urlscan.io logo urlscan.io
SecurityTrails logo

www.cestnormalauquebec.com Open in urlscan Pro
2a00:1450:4001:810::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cestnormalauquebec.com/
Effective URL: https://www.cestnormalauquebec.com/
Submission: On March 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 75 IPs in 13 countries across 55 domains to perform 320 HTTP transactions. The main IP is 2a00:1450:4001:810::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.cestnormalauquebec.com.
TLS certificate: Issued by GTS CA 1D4 on January 22nd 2023. Valid for: 3 months.
This is the only time www.cestnormalauquebec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2001:4860:480... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
38 2a00:1450:400... 15169 (GOOGLE)
1 69.164.223.117 63949 (AKAMAI-AP...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.251.208.166 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
48 2a03:2880:f08... 32934 (FACEBOOK)
4 2a03:2880:f01... 32934 (FACEBOOK)
2 130.211.23.194 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 18.212.140.196 14618 (AMAZON-AES)
5 2.18.232.7 16625 (AKAMAI-AS)
1 2600:9000:230... 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
3 18.66.23.213 16509 (AMAZON-02)
5 35 104.22.68.131 13335 (CLOUDFLAR...)
1 6 54.77.216.47 16509 (AMAZON-02)
1 13.32.27.27 16509 (AMAZON-02)
1 104.111.217.42 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 3.239.232.253 14618 (AMAZON-AES)
5 63.251.114.137 32475 (SINGLEHOP...)
1 1 2.18.79.134 20940 (AKAMAI-ASN1)
2 3.122.24.140 16509 (AMAZON-02)
4 18.193.97.47 16509 (AMAZON-02)
4 185.64.189.112 62713 (AS-PUBMATIC)
3 18 37.252.172.123 29990 (ASN-APPNEX)
4 13.224.191.98 16509 (AMAZON-02)
5 3.66.39.104 16509 (AMAZON-02)
6 52.28.203.152 16509 (AMAZON-02)
3 52.58.138.83 16509 (AMAZON-02)
3 2602:803:c003... 26667 (RUBICONPR...)
5 8.2.110.114 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
5 10 185.86.138.155 201081 (SMARTADSE...)
2 2 52.208.99.252 16509 (AMAZON-02)
2 9 69.173.144.139 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 23.203.124.192 16625 (AKAMAI-AS)
4 13.248.245.213 16509 (AMAZON-02)
2 23.199.214.41 16625 (AKAMAI-AS)
3 151.101.129.108 54113 (FASTLY)
1 162.19.138.119 16276 (OVH)
1 52.31.240.6 16509 (AMAZON-02)
1 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 185.29.134.244 30419 (MEDIAMATH...)
2 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.185 1299 (TWELVE99 ...)
3 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
5 7 142.250.186.66 15169 (GOOGLE)
1 52.31.114.167 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 35.170.206.70 14618 (AMAZON-AES)
3 3 37.157.6.247 198622 (ADFORM)
1 34.91.62.186 396982 (GOOGLE-CL...)
2 35.71.131.137 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 185.64.190.81 62713 (AS-PUBMATIC)
8 8 185.80.39.216 27381 (CASALE-MEDIA)
8 8 185.94.180.125 35220 (SPOTX-AMS)
2 3 52.46.151.131 ()
4 4 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 67.220.226.238 16509 (AMAZON-02)
320 75
1    2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)
cestnormalauquebec.com
6    2a00:1450:4001:810::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.cestnormalauquebec.com
5    2a00:1450:400d:808::2009 (Ireland)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
2    2400:52e0:1e00::1080:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)
plausible.io
6    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
38    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
1.bp.blogspot.com
1    69.164.223.117 (Cedar Knolls, United States)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: nb-69-164-223-117.newark.nodebalancer.linode.com
static.bigpipes.co
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.251.208.166 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
48    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-fra5-2.xx.fbcdn.net
static.xx.fbcdn.net
scontent.xx.fbcdn.net
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-frt3-2.xx.fbcdn.net
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
3    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-fra3-1.xx.fbcdn.net
1    2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    18.212.140.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-212-140-196.compute-1.amazonaws.com
carbon-cdn.ccgateway.net
script-api.ccgateway.net
privacy-location-edge.ccgateway.net
5    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    2600:9000:2304:3a00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:211a:9400:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
3    18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net
c.amazon-adsystem.com
35    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
prebid.smilewanted.com
6    54.77.216.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-216-47.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    13.32.27.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-27.fra56.r.cloudfront.net
js.gumgum.com
1    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
at.teads.tv
3    2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    3.239.232.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-253.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
5    63.251.114.137 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    2.18.79.134 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-134.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    3.122.24.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-24-140.eu-central-1.compute.amazonaws.com
pre.ads.justpremium.com
4    18.193.97.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-97-47.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
18    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    13.224.191.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-191-98.fra2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
5    3.66.39.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-39-104.eu-central-1.compute.amazonaws.com
match.sharethrough.com
6    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
3    52.58.138.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-138-83.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
7    2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
10    185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    52.208.99.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-99-252.eu-west-1.compute.amazonaws.com
ice.360yield.com
9    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    2a00:1450:400d:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    23.203.124.192 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    23.199.214.41 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-214-41.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    52.31.240.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-240-6.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
3    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
7    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    52.31.114.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-114-167.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    35.170.206.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-206-70.compute-1.amazonaws.com
a.audrte.com
3    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2a05:d018:d29:3605:ba00:e0e6:3fe7:92c1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
8    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
8    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    52.46.151.131 (None, )

ASN- ()
s.amazon-adsystem.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    67.220.226.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
Apex Domain
Subdomains		 Transfer
55 fbcdn.net
scontent-fra5-2.xx.fbcdn.net — Cisco Umbrella Rank: 22662
static.xx.fbcdn.net — Cisco Umbrella Rank: 803
scontent-frt3-2.xx.fbcdn.net — Cisco Umbrella Rank: 13939
scontent-fra3-1.xx.fbcdn.net — Cisco Umbrella Rank: 14664
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 449
1 MB
35 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 4310
static.smilewanted.com — Cisco Umbrella Rank: 10203
prebid.smilewanted.com — Cisco Umbrella Rank: 5844
76 KB
35 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 14237
4 MB
21 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
acdn.adnxs.com — Cisco Umbrella Rank: 542
70 KB
21 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 447
ads.pubmatic.com — Cisco Umbrella Rank: 457
image6.pubmatic.com — Cisco Umbrella Rank: 725
simage2.pubmatic.com — Cisco Umbrella Rank: 668
image2.pubmatic.com — Cisco Umbrella Rank: 846
image4.pubmatic.com — Cisco Umbrella Rank: 938
67 KB
18 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
eus.rubiconproject.com — Cisco Umbrella Rank: 533
token.rubiconproject.com — Cisco Umbrella Rank: 541
15 KB
14 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 171
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
164 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 282
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 476
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 940
64 KB
10 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1273
2 KB
10 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 834
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
2 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
203 KB
8 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 709
5 KB
8 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
6 KB
8 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 518
btlr.sharethrough.com — Cisco Umbrella Rank: 948
496 B
8 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 498
eb2.3lift.com — Cisco Umbrella Rank: 338
3 KB
8 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1394
js.gumgum.com — Cisco Umbrella Rank: 4354
rtb.gumgum.com — Cisco Umbrella Rank: 1560
43 KB
7 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 5231
sync-eu.connectad.io — Cisco Umbrella Rank: 3635
4 KB
7 cestnormalauquebec.com
cestnormalauquebec.com
www.cestnormalauquebec.com
63 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1329
at.teads.tv — Cisco Umbrella Rank: 4546
6 KB
6 ccgateway.net
carbon-cdn.ccgateway.net — Cisco Umbrella Rank: 10081
script-api.ccgateway.net — Cisco Umbrella Rank: 10471
privacy-location-edge.ccgateway.net — Cisco Umbrella Rank: 10564
24 KB
5 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4900
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 589
5 google.com
adservice.google.com — Cisco Umbrella Rank: 73
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1939
www.google.com — Cisco Umbrella Rank: 2
106 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2469
3 KB
4 gstatic.com
fonts.gstatic.com
216 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
63 KB
4 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9057
162 KB
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3609
c1.adform.net — Cisco Umbrella Rank: 590
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24172
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27395
897 B
3 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 10531
499 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 795
api.btloader.com — Cisco Umbrella Rank: 895
8 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
ajax.googleapis.com — Cisco Umbrella Rank: 306
38 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
529 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4426
562 B
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1983
647 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 535
728 B
2 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 6375
5 KB
2 cloudfront.net
dyv1bugovvq1g.cloudfront.net
d15kdpgjg3unno.cloudfront.net
23 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 902
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 788
83 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 13206
2 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
649 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 730
614 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 759
265 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 686
363 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 459
725 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 404
1 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 624
610 B
1 amazonaws.com
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5154
658 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 339
1 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8947
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 855
612 B
1 bigpipes.co
static.bigpipes.co — Cisco Umbrella Rank: 814733
137 KB
1 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 17191
300 B
320 55
Domain Requested by
44 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
35 blogger.googleusercontent.com www.cestnormalauquebec.com
26 csync.smilewanted.com 5 redirects static.bigpipes.co
csync.smilewanted.com
18 ib.adnxs.com 3 redirects static.bigpipes.co
csync.smilewanted.com
10 sync.smartadserver.com 5 redirects csync.smilewanted.com
9 ads.pubmatic.com static.bigpipes.co
csync.smilewanted.com
9 pixel.rubiconproject.com 2 redirects csync.smilewanted.com
8 sync.search.spotxchange.com 8 redirects
8 ssum-sec.casalemedia.com 8 redirects
7 cm.g.doubleclick.net 5 redirects
6 c2shb.pubgw.yahoo.com static.bigpipes.co
6 g2.gumgum.com 1 redirects static.bigpipes.co
g2.gumgum.com
6 pagead2.googlesyndication.com www.cestnormalauquebec.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 www.cestnormalauquebec.com 1 redirects www.cestnormalauquebec.com
ajax.googleapis.com
5 cdn.connectad.io csync.smilewanted.com
5 us.ck-ie.com csync.smilewanted.com
5 match.sharethrough.com csync.smilewanted.com
5 ap.lijit.com csync.smilewanted.com
5 static.smilewanted.com csync.smilewanted.com
5 a.teads.tv static.bigpipes.co
4 token.rubiconproject.com 4 redirects
4 a.audrte.com 3 redirects
4 eb2.3lift.com static.bigpipes.co
4 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
4 hbopenbid.pubmatic.com static.bigpipes.co
4 prebid.smilewanted.com static.bigpipes.co
4 tlx.3lift.com static.bigpipes.co
4 script-api.ccgateway.net carbon-cdn.ccgateway.net
4 scontent-frt3-2.xx.fbcdn.net www.facebook.com
4 fonts.gstatic.com fonts.googleapis.com
4 www.facebook.com www.cestnormalauquebec.com
static.xx.fbcdn.net
4 www.blogger.com www.cestnormalauquebec.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 s.amazon-adsystem.com 2 redirects
3 image2.pubmatic.com ads.pubmatic.com
3 acdn.adnxs.com static.bigpipes.co
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 fastlane.rubiconproject.com static.bigpipes.co
3 btlr.sharethrough.com static.bigpipes.co
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 c.amazon-adsystem.com static.bigpipes.co
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net static.bigpipes.co
securepubads.g.doubleclick.net
3 scontent-fra3-1.xx.fbcdn.net www.facebook.com
3 scontent-fra5-2.xx.fbcdn.net www.facebook.com
3 1.bp.blogspot.com www.cestnormalauquebec.com
2 ups.analytics.yahoo.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects
2 c1.adform.net 2 redirects
2 match.adsrvr.org
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 eus.rubiconproject.com static.bigpipes.co
eus.rubiconproject.com
2 sync-eu.connectad.io cdn.connectad.io
2 ice.360yield.com 2 redirects
2 creativecdn.com 2 redirects
2 pre.ads.justpremium.com static.bigpipes.co
2 api.btloader.com btloader.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 ad-delivery.net www.cestnormalauquebec.com
2 www.google-analytics.com www.cestnormalauquebec.com
www.google-analytics.com
2 maxcdn.bootstrapcdn.com www.cestnormalauquebec.com
maxcdn.bootstrapcdn.com
2 fonts.googleapis.com www.cestnormalauquebec.com
2 plausible.io www.cestnormalauquebec.com
plausible.io
1 px.ads.linkedin.com
1 image4.pubmatic.com
1 um.simpli.fi
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr
1 sync.crwdcntrl.net
1 dis.criteo.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 rtb.gumgum.com pre.ads.justpremium.com
1 id5-sync.com
1 www.google.com tpc.googlesyndication.com
1 privacy-location-edge.ccgateway.net script-api.ccgateway.net
1 ads.stickyadstv.com 1 redirects
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 at.teads.tv a.teads.tv
1 js.gumgum.com www.cestnormalauquebec.com
1 d15kdpgjg3unno.cloudfront.net static.bigpipes.co
1 cdn.jsdelivr.net static.bigpipes.co
1 dyv1bugovvq1g.cloudfront.net static.bigpipes.co
1 carbon-cdn.ccgateway.net static.bigpipes.co
1 scontent.xx.fbcdn.net www.facebook.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ad.doubleclick.net www.cestnormalauquebec.com
1 static.bigpipes.co www.cestnormalauquebec.com
1 resources.blogblog.com www.cestnormalauquebec.com
1 btloader.com www.cestnormalauquebec.com
1 ajax.googleapis.com www.cestnormalauquebec.com
1 cestnormalauquebec.com 1 redirects
320 96

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
Subject Issuer Validity Valid
www.cestnormalauquebec.com
GTS CA 1D4		 2023-01-22 -
2023-04-22		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
plausible.io
R3		 2023-02-07 -
2023-05-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
cdn.oboxads.com
R3		 2023-02-22 -
2023-05-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-15		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-02-16 -
2023-05-17		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
ccgateway.net
R3		 2022-12-19 -
2023-03-19		 3 months crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
queue.amazonaws.com
Amazon		 2022-08-19 -
2023-08-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
tracking.justpremium.com
Amazon RSA 2048 M01		 2023-02-14 -
2024-01-29		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M01		 2023-02-10 -
2023-06-11		 4 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh

This page contains 85 frames:

Primary Page: https://www.cestnormalauquebec.com/
Frame ID: D9B72E5FF80E40C5457CBB3FE85307FE
Requests: 144 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpost.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FObaskaDesign%252Fposts%252Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl%26show_text%3Dtrue%26width%3D500
Frame ID: 9D0243239273F1E6C518F45D8C5AE6DE
Requests: 51 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid02wSnosHrHmGFSaF6SYnX2nwtXgFUjfcyzX8tw2E62b6PEomqS96JsKBiK5L6ZfBeWl&show_text=true&width=500
Frame ID: 3505E7A04A3BA76826EC74C87D4FD120
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: D5C968CE432A847FE248DE591DA5BA01
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2891529463319841&output=html&adk=1812271804&adf=3025194257&lmt=1678126361&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678128333488&bpp=5&bdt=427&idt=260&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5549152058674&frm=20&pv=2&ga_vid=915464089.1678128333&ga_sid=1678128334&ga_hid=1286586244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C31071869%2C31072648&oid=2&pvsid=235670220095574&tmod=731098407&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=316
Frame ID: 017013551773E095FAD146DF509BA943
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 20909B2D6AAE43A06988540AB08AB98C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 58CDC600FAEC4FDC806A0CD64BD5DE57
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/1a5c4cdf15c9770ba7e3369eaaeb5?gdpr_consent=&gdpr=0
Frame ID: 1B5D4C29D130CB185C62820464BE768B
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: BFE74921487A8093908EC78DA06D92E7
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 3823CB5D28EEE506F457FC63A122E665
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/DH4A7NYIce3yHbXMEt7F?pi=smilewanted&tc=1
Frame ID: 595621D00E85D0E022C8BF9B74E0ABF1
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Frame ID: 7D16A5AEEF47F62884BE12C9469B1D7F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 411151DA7DEABB605F965C5A45534E62
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: B36CE4650C5760787ECAF883BF4E2243
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/8f5d4e4a-bcd4-49b4-915f-98317390e2f1&partner_id=1010
Frame ID: F510D7B745F90E82087492B0EA69AE04
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 412B5A0560191A3DE72E456B8CDF527E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: A0506FF7D490A6919240682C09E066E0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0B82368124B309A5703B9A7EC45AFACA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB87C3C69F2A27CF208889B4AC9CC748
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Frame ID: 575F10D08799641B3C9B13DACC3006C1
Requests: 13 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: EE63D10F06A69BD54ECB0DDE294E05AF
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 8174F34B28338460ED518D835B7F3400
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Frame ID: 44296108AC63B62ED9384E41A0E81549
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3BF74C760385766480310B8800D91A25
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Frame ID: C407080064263E377BD4AF2B8C82AD6A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: E855AB362CE72899976D35692B0866B5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 769DB1404458F82047231E65BF942722
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A10D1AE51201FD07EEC270A27C61C9AD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4A12A7570527A1FECBEC5812A7A9CDDD
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3C452C4550B9E6901EBF16F999E06E41
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: AADED770A770220611835E38CECBB00E
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=amlb1z1678128335190
Frame ID: D508B3AE929A7E63CE2E72F817DDE23A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F8523DD7B56DE50F444895511FA2FC0B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CD063D2AC30BFD20E1CB5C39BE0B3225
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 06E122EC6548C93F50333AA7B03F8134
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Frame ID: 31F967702E452A56EC8BE136B3AFB18B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-b2bc81a0-f502-4cad-8c52-df3c2801f45a-46478-121402657%26ex_uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&us_privacy=&limit=16
Frame ID: B6A4A08A0EA9F69D82FB5D40AFE45C44
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: C48F98A358CEFAAB544B15B3BBB20F86
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: C96657E91600A92972B118039C15CDC1
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: D63DE864696E19E9A34258A454659686
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 93EB76C1F58B17227C05A2F18AB3DC68
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: A0A84A54A89272FF6B82B2363F06C297
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 1EBA34CF8BCA6152505E130C72E5B360
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 4AB842AF8789218B230E0D542AA30280
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: F83146E40EB074F4E4A160E4676BB62B
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 50208CC9C08A33D78073BC03402E3E87
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: E2C05AEE07F0D7A9B21815B33CA47853
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: F9B0FD929B6D5CDC14010D80F10CFF5B
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 7BA520A0F667A343040D1E0DDB552D1F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8f3c6406-34d2-4c00-88f0-2e995fbb4f2b&gdpr=0&gdpr_consent=
Frame ID: 6786C6C88580DCE31E8AF4A2BAB84BA2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5868299933476527047
Frame ID: 157670E442177943444A49CB9939B577
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2E0F268AE485473D01D7E62C78F6FC70
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: B4116AE577F911A37D323A7E07EF4D7F
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 27AEC39FEC6159C25E3B0010DFE2028C
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 63E323A06445DAEF4F54F93BE7D3EFAC
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 0FC95003CD58655621AC17072742F857
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Frame ID: 4F9B287DC6BA536402EC126DC35E1689
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Frame ID: A281C7C3E615E025AB8280CFC63226DB
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Frame ID: 1CCCA172A4110FD4E4A24455CDC244CD
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Frame ID: 5E62B5C0C0D6ABC3AA49EE9DFB10F4A9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: C283071E99920D8A7861D4236769F8A9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 9D1794D1142F2D82284EF2099762EBB2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 86A777594AB8966EA13A4A8F6A266C86
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 6B1074165CCEB94734B5606526326144
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 98CD1C689F1F8442215DCCBE2EAD98B3
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: AD8336635A72B1ABF25942C0B16FB9A3
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 0576E8E5B9D111499CE6FEEB05278958
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 794A4E40590C8B03FCC8CE1A0B758AD7
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 80A872E9FF83D655C2251914900CA4F1
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 14EC8EF9EE00023AB700F00C666DCAD8
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 8A74F298DF7BB475B67E60FC8BA9F47A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 42D9605FEECF52CD45B912EDC22A6C8B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 08F4FF64EF516FADBD98648953B2A649
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 468FFB935EF6C0703C635D38D9DA1890
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 566564065F00CBB22DD5771580250ADD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 069E5CF8A318968A636153DD4D5967C8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: CD5A2526DBB71BF0C27C1BC49B73EF62
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00mdfkUvvXF-7INo8DQAA%261188
Frame ID: 7DA0D494D3F5B2A09219BF51C384F0D2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
Frame ID: B10FACE1A8022203C5837BF873D54F32
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
Frame ID: F4ABDA23231BBABC55ED344E9B0EFA78
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
Frame ID: F5E25978B1E7D782885E7A066BD2D6D0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Frame ID: 4374C8D1953DD8B27ABCDD52EC12832D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Frame ID: 646219B3E6E7F5D1DC5F14253A735FD4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Frame ID: 1549410CE6DB3BC937E955C0BDDE6927
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Frame ID: 64C7DF071D95CB38514DD7763D1943AE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

C'est normal au Québec

Page URL History Show full URLs

  1. http://cestnormalauquebec.com/ HTTP 301
    http://www.cestnormalauquebec.com/ HTTP 301
    https://www.cestnormalauquebec.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

320
Requests

94 %
HTTPS

38 %
IPv6

55
Domains

96
Subdomains

75
IPs

13
Countries

7330 kB
Transfer

11868 kB
Size

62
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cestnormalauquebec.com/ HTTP 301
    http://www.cestnormalauquebec.com/ HTTP 301
    https://www.cestnormalauquebec.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 136
  • https://g2.gumgum.com/javascripts/ggv2.js HTTP 301
  • https://js.gumgum.com/services.js
Request Chain 153
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/1a5c4cdf15c9770ba7e3369eaaeb5?gdpr_consent=&gdpr=0
Request Chain 187
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/DH4A7NYIce3yHbXMEt7F?pi=smilewanted&tc=1
Request Chain 189
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Request Chain 195
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 197
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/8f5d4e4a-bcd4-49b4-915f-98317390e2f1&partner_id=1010
Request Chain 249
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 250
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 251
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 264
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8f3c6406-34d2-4c00-88f0-2e995fbb4f2b&gdpr=0&gdpr_consent=
Request Chain 265
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5868299933476527047
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ki2t6rzNTP6BMldc8CfG9w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 269
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4110925331 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2A2DADEA-BCCD-4CFE-8132-575CF027C6F7
Request Chain 270
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=2A2DADEA-BCCD-4CFE-8132-575CF027C6F7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjZjN3lCYnNDbkJSbWlrT2dKem1mSnR3UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=9023916927671476795&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkEyREFERUEtQkNDRC00Q0ZFLTgxMzItNTc1Q0YwMjdDNkY3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJe7fncAA-NfYrgumGm8Zjk&google_cver=1
Request Chain 275
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9023916927671476795
Request Chain 277
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2A2DADEA-BCCD-4CFE-8132-575CF027C6F7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2A2DADEA-BCCD-4CFE-8132-575CF027C6F7&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CdDvfYJE2uVj2.L6FUavWtbEAtclSPw-~A&gdpr=0
Request Chain 283
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Request Chain 284
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Request Chain 285
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Request Chain 286
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Request Chain 292
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 293
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 294
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 295
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 304
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00mdfkUvvXF-7INo8DQAA%261188
Request Chain 305
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
Request Chain 306
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
Request Chain 307
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
Request Chain 308
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=16daff02-bc4f-11ed-b922-169e7f670106 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Request Chain 309
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=16db04fa-bc4f-11ed-9e01-1e5bf6c20106 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Request Chain 310
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=16daf73a-bc4f-11ed-8082-14d534130106 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Request Chain 311
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=16db0adb-bc4f-11ed-b0ff-1ef5e1e50406 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Request Chain 313
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rfS4Bin6R1SxICW85llVfg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rfS4Bin6R1SxICW85llVfg
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF_rFgD20BHx0otVcbNJOWA&google_cver=1
Request Chain 315
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEX6A6EF-U-1WZ2
Request Chain 316
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YThlNmNlNTA3YjNkNDM4MTM4YzI5MDI5YmQwZWZmYzhhNThiMDA3ZA
Request Chain 317
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Sqd0oqfHfg-GUzdgVP1wAw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-clmzKiZE2oKVETpgHENJ_QDUcZ.3KSxEqUX0Ig--~A
Request Chain 318
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=K3RoQuJ3S0iqP2DQNglMyQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=K3RoQuJ3S0iqP2DQNglMyQ
Request Chain 319
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVYNkE2RUYtVS0xV1oy

320 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.cestnormalauquebec.com/
Redirect Chain
  • http://cestnormalauquebec.com/
  • http://www.cestnormalauquebec.com/
  • https://www.cestnormalauquebec.com/
259 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5d538a6cd7e7a6d2f904f5635a7cea26554f02878b42ef2dc60c2b1fea2c4a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
53808
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:32 GMT
etag
W/"3be6c7147dfbe387b1172f83305a3ee0110c2c0e3bb1ab91e33f314d88f44faa"
expires
Mon, 06 Mar 2023 18:45:32 GMT
last-modified
Mon, 06 Mar 2023 18:12:41 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
180
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Mar 2023 18:45:32 GMT
Expires
Mon, 06 Mar 2023 18:45:32 GMT
Location
https://www.cestnormalauquebec.com/
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 23:04:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
502849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7776
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 06:52:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 28 Feb 2024 23:04:44 GMT
script.js
plausible.io/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plausible.io/js/script.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
107a7a0eadcba82495e387e12607bd57e7d184d236a0572db3c49de7b32cf015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1047
cdn-cachedat
03/06/2023 07:41:41
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
10.0.0.3
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, must-revalidate, max-age=86400
permissions-policy
interest-cohort=()
cdn-requestid
3f00b07cd1404a607fc5776fd7cbac9f
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		140 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57b6c0539c1dd5541a83e1a50f4450ced40778a8fabca5ba1dcecefde1506045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48038
x-xss-protection
0
server
cafe
etag
16786007877122005193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Mar 2023 18:45:33 GMT
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,600,700|Kalam:700
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
90176ef65e8ebb15b3c1fd61b36d0f9a7631549139c21b958cbf48b64d254daf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 18:45:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 18:45:33 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617
age
3488599
cdn-cachedat
2021-06-08 14:35:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
55fb4fa8e5dd0a7f71d503394bffb28b
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7a3cc1a1dd119256-FRA
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:42:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Mar 2024 18:42:52 GMT
tag
btloader.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5691217997201408&upapi=true
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada7648287a3e19a8f00196926b991710781bb46bd3d3e191fad0b0021cd7c3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Mar 2023 18:03:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2313
etag
W/"c72c74f1140d11b33ca10e6586229a73"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNmi9zlDwcshS9UaQum5pGIqN3IybpkQdSybi2gyzwDLPwGUjvb3lkPpN9G3tdP2Ng%2FJotEdM4LqIGg1JGzCBXfddgO7DQRGc%2BhaDelsUc%2FLSM34EqAvJtYS2Ypp7q9GrQ6DG3U%2F56D25A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7a3cc1a30d623a4f-FRA
AVvXsEh5W5NKOxA3uu35OliJAonXd85R7ih9wiyYVBpb3GOP5ZxzJOouWAzHCh5-CAYH3pYkL53CMZqN38U0aJtpv2JmF9JpWsi7Sr1L5VVM2ChvhhSrYEQm-ne1hqWnWbvbET-a9AC8pOCB5YzkkWpBX0WVzU-bUoHjFLXOgl88KNgwQvnPvmpCm5snATk=s150
blogger.googleusercontent.com/img/a/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEh5W5NKOxA3uu35OliJAonXd85R7ih9wiyYVBpb3GOP5ZxzJOouWAzHCh5-CAYH3pYkL53CMZqN38U0aJtpv2JmF9JpWsi7Sr1L5VVM2ChvhhSrYEQm-ne1hqWnWbvbET-a9AC8pOCB5YzkkWpBX0WVzU-bUoHjFLXOgl88KNgwQvnPvmpCm5snATk=s150
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bbb9e6e2a6435c62b41a97b2f753dd6cbbf50572e7d0c44aadb9be338b07a6e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v6fd3"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="6609.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4426
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
icon18_edit_allbkg.gif
resources.blogblog.com/img/ 		162 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_edit_allbkg.gif
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 17:36:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Mar 2023 13:51:36 GMT
server
sffe
age
436164
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 08 Mar 2023 17:36:09 GMT
2023-03-03%2019_25_45-Daniel%20%28@danarley%29%20_%20TikTok.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-rxrD-C9C2Ztka5jNMwZCkMxi7if27EcvqEpOZrD-cOaSX3qG2OxQ10X8hEiDZxmyC8tRUPZ0d_5jDJID-8btWV1mITcCsskbYQPZRFP0oBoc-H8yzgiKo2m0fuhj0TK_W0ypXqj0dYkKUIN_... 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-rxrD-C9C2Ztka5jNMwZCkMxi7if27EcvqEpOZrD-cOaSX3qG2OxQ10X8hEiDZxmyC8tRUPZ0d_5jDJID-8btWV1mITcCsskbYQPZRFP0oBoc-H8yzgiKo2m0fuhj0TK_W0ypXqj0dYkKUIN_d7jXlgnUBb-xReH7F6uSQxhjSB4J5Q8hkxyoN7Q/w72-h72-p-k-no-nu/2023-03-03%2019_25_45-Daniel%20%28@danarley%29%20_%20TikTok.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6e1d9699ea3f4837c287c5111c9b2c199014dd213027ac7aedfcbe8a9e281d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72de"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-03 19_25_45-Daniel (@danarley) _ TikTok.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11960
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-01%2022_03_43-Vid%C3%A9os%20de%20Daniel%20%28@danarley%29%20avec%20son%20original%20-%20Daniel%20_%20TikTok.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNCdOpsiosZfHDkWA-CuytOu6yBfVz4ntHwpQUKOk0vDoW932wXd_nkF1FIuCdtZd7EJ5W17Vf5CBN94RmcINJKDv8_fgIFwQA13YBLzlhJRtrTFyr0_iYcc2PCc2KcKXdtGqizsVzPeFT34bK... 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNCdOpsiosZfHDkWA-CuytOu6yBfVz4ntHwpQUKOk0vDoW932wXd_nkF1FIuCdtZd7EJ5W17Vf5CBN94RmcINJKDv8_fgIFwQA13YBLzlhJRtrTFyr0_iYcc2PCc2KcKXdtGqizsVzPeFT34bKUjL7cQFBTEJt6JvIxSsvtokbLNVPfA4zap4_shE/w72-h72-p-k-no-nu/2023-03-01%2022_03_43-Vid%C3%A9os%20de%20Daniel%20%28@danarley%29%20avec%20son%20original%20-%20Daniel%20_%20TikTok.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ab3d151ce44b1a7c95f4c93d609f2491d31815e64911916a79cfb09ecc8f3212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72b3"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-01 22_03_43-Vid_os de Daniel (@danarley) avec son original - Daniel _ TikTok.png";filename*=UTF-8''2023-03-01%2022_03_43-Vid%C3%A9os%20de%20Daniel%20(%40danarley)%20avec%20son%20original%20-%20Daniel%20_%20TikTok.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11218
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
1.png
1.bp.blogspot.com/-6ObwuKY3TsQ/YMTi5AlYNgI/AAAAAAAARy0/u5zUci9UwT0NqO5NTuXPWvjqWAjmJM7uACLcBGAsYHQ/w72-h72-p-k-no-nu/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-6ObwuKY3TsQ/YMTi5AlYNgI/AAAAAAAARy0/u5zUci9UwT0NqO5NTuXPWvjqWAjmJM7uACLcBGAsYHQ/w72-h72-p-k-no-nu/1.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5ed477f57139a07bf7b2af0df66cea2e6e61169ce1670982ad085397bb171984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="1.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11914
x-xss-protection
0
server
fife
etag
"v472e"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 02 Mar 2023 23:42:30 GMT
2023-03-01%2018_52_35-%281%29%20Watch%20_%20Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiKibCFSGtUTHNU57KnfTYfQ1aiwCCa0PY8OnRG6tD1qB0cynOF-FX07L9N5jqQTzD589AblrHdI4uEu_pfbOAVUeXQh8-US7lOdvGW6WmVKrYav0ZWp0nFZ-YJ0nZ53wO5XJ6slnNg6Pt8FeX... 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiKibCFSGtUTHNU57KnfTYfQ1aiwCCa0PY8OnRG6tD1qB0cynOF-FX07L9N5jqQTzD589AblrHdI4uEu_pfbOAVUeXQh8-US7lOdvGW6WmVKrYav0ZWp0nFZ-YJ0nZ53wO5XJ6slnNg6Pt8FeXFMep4X_PvfsMWXdKMAjsinfUZ6h-BQk5DSkpHTM/w72-h72-p-k-no-nu/2023-03-01%2018_52_35-%281%29%20Watch%20_%20Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
02ca17c72a03f270061a4989915b527e8382e66f2b6044e1cebfff814a9431a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72a9"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-01 18_52_35-(1) Watch _ Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9159
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-03%2013_34_06-2023-03-03%2013_30_22-2023-03-03%2013_30_05-greag.jpg%20%E2%80%8E-%20Photos.png%20%E2%80%8E-%20Photos.png%20%E2%80%8E-.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKey7LM98JcUEe6w-H9CHecWmsEwy_EvnwU5ZBvmYShyobq9a0Ginvoz19Q07cl68JGpzK5AA5RjNyUpS_KPE_0bRb3wED0qwypLgiJRRkHEDtt8EwzWj4md2f9GvJGgSLdwMcuUk9EgRY_s9_... 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKey7LM98JcUEe6w-H9CHecWmsEwy_EvnwU5ZBvmYShyobq9a0Ginvoz19Q07cl68JGpzK5AA5RjNyUpS_KPE_0bRb3wED0qwypLgiJRRkHEDtt8EwzWj4md2f9GvJGgSLdwMcuUk9EgRY_s9_RSbbIXmZfRzlZYj3ui-u4REqWvH2AkTXqDZdPl0/w72-h72-p-k-no-nu/2023-03-03%2013_34_06-2023-03-03%2013_30_22-2023-03-03%2013_30_05-greag.jpg%20%E2%80%8E-%20Photos.png%20%E2%80%8E-%20Photos.png%20%E2%80%8E-.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d798c393c063e3190ee592fc206aac6ce1808b612a718a05f9cab180a8e64d8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72d6"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-03 13_34_06-2023-03-03 13_30_22-2023-03-03 13_30_05-greag.jpg _- Photos.png _- Photos.png _-.png";filename*=UTF-8''2023-03-03%2013_34_06-2023-03-03%2013_30_22-2023-03-03%2013_30_05-greag.jpg%20%E2%80%8E-%20Photos.png%20%E2%80%8E-%20Photos.png%20%E2%80%8E-.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8960
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
1.png
1.bp.blogspot.com/-6ObwuKY3TsQ/YMTi5AlYNgI/AAAAAAAARy0/u5zUci9UwT0NqO5NTuXPWvjqWAjmJM7uACLcBGAsYHQ/s706/ 		466 KB
466 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-6ObwuKY3TsQ/YMTi5AlYNgI/AAAAAAAARy0/u5zUci9UwT0NqO5NTuXPWvjqWAjmJM7uACLcBGAsYHQ/s706/1.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9347c2aecc24e56124025272cc1ce39a533a561919a479bb6c189229f39306fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="1.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
476873
x-xss-protection
0
server
fife
etag
"v472e"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 06 Mar 2023 21:54:46 GMT
2023-02-25%2019_16_58-rambo%20gathier%20%E2%80%93%20Recherche%C2%A0Google.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh1Oef7Mo7_mjaHsuWnGXbVZ4ZcuhpTWIYvVze_KOhnr3i_U4cRNSBWaq-Yyx1weaOI8rF27PgYngO5iePi3kxnOJps3ggxrdkAe4TpFvtn3EzpXUSbXlfnjkHDQrH8wTROqyDgt_GyFzhMQPL... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh1Oef7Mo7_mjaHsuWnGXbVZ4ZcuhpTWIYvVze_KOhnr3i_U4cRNSBWaq-Yyx1weaOI8rF27PgYngO5iePi3kxnOJps3ggxrdkAe4TpFvtn3EzpXUSbXlfnjkHDQrH8wTROqyDgt_GyFzhMQPLwPntEjJQmIYb8-3RGkTxM44lK_9ZPT5UvZG-nJM/w72-h72-p-k-no-nu/2023-02-25%2019_16_58-rambo%20gathier%20%E2%80%93%20Recherche%C2%A0Google.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
54bb212be28c7daf99a7ad975d66760f755854de6fd4647fd71df368ab62be50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v7261"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-25 19_16_58-rambo gathier _ Recherche_Google.png";filename*=UTF-8''2023-02-25%2019_16_58-rambo%20gathier%20%E2%80%93%20Recherche%C2%A0Google.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10335
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-02-16%2022_06_43-R%C3%A9ponse%20%C3%A0%20@Genevi%C3%A8ve%20r%C3%A9veillez-vous%20et%20reprenez%20vos%20droits.%20Apr%C3%A8s%20il%20s...%20_%20TikT.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmWP2NorolUPP9NGuvdln8mc2LNMaw8WoKVjKGWGASfCp5Vmtv89dWggoGbh0EI6dqhkij6QZoOt1F0sNWzV6_pPc8HvmbxVAXPELZ9f-QDEnqUGCIuIBMbuZVFgTEBwRCPgM-7uFfnfF-KDNZ... 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmWP2NorolUPP9NGuvdln8mc2LNMaw8WoKVjKGWGASfCp5Vmtv89dWggoGbh0EI6dqhkij6QZoOt1F0sNWzV6_pPc8HvmbxVAXPELZ9f-QDEnqUGCIuIBMbuZVFgTEBwRCPgM-7uFfnfF-KDNZ3lBWYyV2liBynznpR3psKcOpVjSjPyUTnJMqFT8/w72-h72-p-k-no-nu/2023-02-16%2022_06_43-R%C3%A9ponse%20%C3%A0%20@Genevi%C3%A8ve%20r%C3%A9veillez-vous%20et%20reprenez%20vos%20droits.%20Apr%C3%A8s%20il%20s...%20_%20TikT.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3dc83665a8ec770212a5e84293b448d3a1d8efc8f366081bf698b0bad9267e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v71dd"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-16 22_06_43-R_ponse _ @Genevi_ve r_veillez-vous et reprenez vos droits. Apr_s il s... _ TikT.png";filename*=UTF-8''2023-02-16%2022_06_43-R%C3%A9ponse%20%C3%A0%20%40Genevi%C3%A8ve%20r%C3%A9veillez-vous%20et%20reprenez%20vos%20droits.%20Apr%C3%A8s%20il%20s...%20_%20TikT.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10709
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-02-24%2019_49_31-Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUe6eHcqHzdNT_NI28dtqevxWUN5Au4OuSZ-8wxRkQINWVGA-KWMPXtepQdV7vWWK1_e9V1jSWDoRrUeAzG7ZM3a0DXAU6siFPgZQPvQ0E4IdaEKx-qL9e8KpMaSaS9zxTqAokvZxXByG_y__1... 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUe6eHcqHzdNT_NI28dtqevxWUN5Au4OuSZ-8wxRkQINWVGA-KWMPXtepQdV7vWWK1_e9V1jSWDoRrUeAzG7ZM3a0DXAU6siFPgZQPvQ0E4IdaEKx-qL9e8KpMaSaS9zxTqAokvZxXByG_y__1a1f13-eYACHQ07YR8pfUEgcWwozDOWXpFC7clB0/w72-h72-p-k-no-nu/2023-02-24%2019_49_31-Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1814425fd87a21dce240f385309f5aba46bc31229c823fdeb1dd32a0da6a5511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v7258"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-24 19_49_31-Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9661
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
AVvXsEiYlnl-wXx51c71uSnSx1TexeCaiJoyYnsrnZGKB_iRSEiivYbI3yRP_k876-zX26Zoc52bEntni40s3XrPkMYEPqBXsdmDqcXrkHUNJ9wBRyUXbMNT1-vZ1yVl_2iSB6MZytLhxnSHQ_sTOVJJm_bZA1qAe4psGxYCRsURuthADgclkrqK6KG4_gE=w72-h...
blogger.googleusercontent.com/img/a/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEiYlnl-wXx51c71uSnSx1TexeCaiJoyYnsrnZGKB_iRSEiivYbI3yRP_k876-zX26Zoc52bEntni40s3XrPkMYEPqBXsdmDqcXrkHUNJ9wBRyUXbMNT1-vZ1yVl_2iSB6MZytLhxnSHQ_sTOVJJm_bZA1qAe4psGxYCRsURuthADgclkrqK6KG4_gE=w72-h72-p-k-no-nu
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1a2914f504d0e526d30692afcda51550d01de2bd535654fb0bb0aaf3b9ce6a99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v597b"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="jyutigi.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12487
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-02-17%2009_18_31-Caro%20La-Naturo_%20Naturopathie%F0%9F%8C%BF%20%28@caro.la.naturo%29%20_%20TikTok.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-6WMHFbFSgzrjuA4LFeqcggp1o8WqqjQKFsMal3okacOZ_rjSQ9iNHFfIpMdhtwdBFMS3hZY5qpOj0dpErV4ZhQVlfIHSc6UvxP0OBBb6lHbvj_TjUwC4A-NqXr4grIJp6bj44eauvOO_0txW... 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-6WMHFbFSgzrjuA4LFeqcggp1o8WqqjQKFsMal3okacOZ_rjSQ9iNHFfIpMdhtwdBFMS3hZY5qpOj0dpErV4ZhQVlfIHSc6UvxP0OBBb6lHbvj_TjUwC4A-NqXr4grIJp6bj44eauvOO_0txWUr9uysrECeykcpqmN23di_p-VDtcAtYKoC29vfk/w72-h72-p-k-no-nu/2023-02-17%2009_18_31-Caro%20La-Naturo_%20Naturopathie%F0%9F%8C%BF%20%28@caro.la.naturo%29%20_%20TikTok.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
29b28a183b082bbbb2af8fafc85eb765042daa4bcb2be1f8fa9d5207e637a5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v71e7"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-17 09_18_31-Caro La-Naturo_ Naturopathie_ (@caro.la.naturo) _ TikTok.png";filename*=UTF-8''2023-02-17%2009_18_31-Caro%20La-Naturo_%20Naturopathie%F0%9F%8C%BF%20(%40caro.la.naturo)%20_%20TikTok.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10538
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-02-10%2022_13_20-%23duo%20avec%20@Patrick%20Groulx%20_%20TikTok.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhk4TScqzjsSenRQuq7y9RBW-AGSIaYGQR33NPU871Pbf9_ymEirvkE4r3HNFIkOimAEir2vxYk4tFE4vF7Uru0I6H18wUK_gQ5os3KrZ7fwhx_s6jCzcbyU_upcRer8eQ5a1HiM6hIzpYN4G6k... 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhk4TScqzjsSenRQuq7y9RBW-AGSIaYGQR33NPU871Pbf9_ymEirvkE4r3HNFIkOimAEir2vxYk4tFE4vF7Uru0I6H18wUK_gQ5os3KrZ7fwhx_s6jCzcbyU_upcRer8eQ5a1HiM6hIzpYN4G6k_XuJrq7z0Qa3dq-zx81pq0pNJ-e05KV87z9i_Ig/w72-h72-p-k-no-nu/2023-02-10%2022_13_20-%23duo%20avec%20@Patrick%20Groulx%20_%20TikTok.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aa6ef287993b39569ee4349feff5bcfb1679638f662538034cab787328f4bd2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v719f"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-10 22_13_20-#duo avec @Patrick Groulx _ TikTok.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11105
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-02-02%2018_22_22-Watch%20_%20Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirvhWakNshjwPxAK9L7JhzFR-8BeKXk7gjPjr86lxjwQdgTWfe6VdGBsNEOIKmhX2ACAPq7hqGdC-CFjhaKfYV54NQr9l5x5G0M5YmR6uVKzsvrwr-t5JXmZ52H7gnvxAJU24g4-KnIvbaK9PU... 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirvhWakNshjwPxAK9L7JhzFR-8BeKXk7gjPjr86lxjwQdgTWfe6VdGBsNEOIKmhX2ACAPq7hqGdC-CFjhaKfYV54NQr9l5x5G0M5YmR6uVKzsvrwr-t5JXmZ52H7gnvxAJU24g4-KnIvbaK9PUjAIsCRi2aTBYjv4t1xZoFj74znY1xRhvS3CyvqE/w72-h72-p-k-no-nu/2023-02-02%2018_22_22-Watch%20_%20Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a288e8a1bfb5152dd323e4a2121bb25137daf9214c604e45bd13d0672e3a5b0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v715a"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-02 18_22_22-Watch _ Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9218
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-02-09%2022_30_44-TikTok%20Policier%20du%20Peuple%20%28@maximeouimet%29%20_%20Regarde%20les%20derni%C3%A8res%20vid%C3%A9os%20TikTok%20.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0bnNqjR1oBpyT6D-B3_wexikJW9REDKzz_T1Cq3ztMeByGybHhRolZyzAozIlxrFN2snSY7jPP-K70T2-DB2dEKK74UQq16nhTr41tyco5pEz-cPh7Ln49p_ACpzw6Sor178McX-QNSEu1pRe... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0bnNqjR1oBpyT6D-B3_wexikJW9REDKzz_T1Cq3ztMeByGybHhRolZyzAozIlxrFN2snSY7jPP-K70T2-DB2dEKK74UQq16nhTr41tyco5pEz-cPh7Ln49p_ACpzw6Sor178McX-QNSEu1pRepNhpIK2QYdgw_appgXHG0HQDTWQ4El5PV2QLaO0/w72-h72-p-k-no-nu/2023-02-09%2022_30_44-TikTok%20Policier%20du%20Peuple%20%28@maximeouimet%29%20_%20Regarde%20les%20derni%C3%A8res%20vid%C3%A9os%20TikTok%20.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8728f44256378e529cf686a95b227a3603d3f6a8e1bbe0776bf5bc6b46843640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v719d"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-09 22_30_44-TikTok Policier du Peuple (@maximeouimet) _ Regarde les derni_res vid_os TikTok .png";filename*=UTF-8''2023-02-09%2022_30_44-TikTok%20Policier%20du%20Peuple%20(%40maximeouimet)%20_%20Regarde%20les%20derni%C3%A8res%20vid%C3%A9os%20TikTok%20.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10407
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-02-19%2009_27_55-%281%29%20Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwWQsGFCmhFE2G9wiygJDlHcMQC_6POruqDaQe35cfw7vO2-xwbvkKhTDQi3E--5TWWVkbADyteD_f-t-Mxm2wuI9-oJiKidAw2ulAcyJBxDKez1WiOrVkgSL9_0CZs3BiyUem9-QHmHVok50n... 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwWQsGFCmhFE2G9wiygJDlHcMQC_6POruqDaQe35cfw7vO2-xwbvkKhTDQi3E--5TWWVkbADyteD_f-t-Mxm2wuI9-oJiKidAw2ulAcyJBxDKez1WiOrVkgSL9_0CZs3BiyUem9-QHmHVok50nK2mpO-4M0J-cp1aIgtKMirpb9KMuneokoQTAzAg/w72-h72-p-k-no-nu/2023-02-19%2009_27_55-%281%29%20Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
231d70c4e1416a77de4014347e97f0fa16c3cd55076f219af70dfafb46ddfe3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v7203"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-19 09_27_55-(1) Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11825
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
cookienotice.js
www.cestnormalauquebec.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cestnormalauquebec.com/js/cookienotice.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Mar 2023 14:52:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 13 Mar 2023 18:45:33 GMT
2492653901-widgets.js
www.blogger.com/static/v1/widgets/ 		154 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2492653901-widgets.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5742adc4f37380f1f1bcff108410e9d03cb9c0a40f56e6d8a26666a33d4282f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 01:53:12 GMT
x-content-type-options
nosniff
age
406341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157231
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 00:51:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 01 Mar 2024 01:53:12 GMT
cestnormalauquebec_site.js
static.bigpipes.co/v4/sites/ 		374 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.164.223.117 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
nb-69-164-223-117.newark.nodebalancer.linode.com
Software
nginx /
Resource Hash
9f72d85528e44642448d8c3c594f87f4857eb8ec9bb225ddb6ca2efce3a7ad22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
gzip
last-modified
Sat, 04 Feb 2023 14:52:27 GMT
server
nginx
etag
W/"63de712b-5d9b5"
content-type
application/javascript
cache-control
max-age=2592000
x-backend-server
proxy05
expires
Wed, 05 Apr 2023 18:45:33 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 17:19:39 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5154
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 06 Mar 2023 19:19:39 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8555745651444687175&zx=6833a7e9-3ac9-4842-bbc3-43d5040696d8
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Mar 2023 18:45:33 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
post.php
www.facebook.com/plugins/ Frame 9D02 		105 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fc4bc856b041bda5a3b1f28e48b3b3cfdf9a3ae929cae9de1d59d2d71e41c8c0
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Mar 2023 18:45:33 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
1/kKHp5qji/56V5wwgOCDApVG201cwSXsY/Q6OxqvjFDnR1tqfCA6B2WfZj6fa7ea+Zv1KXegaVwDPGEzJjyOQ==
x-fb-rlafr
0
x-xss-protection
0
background-4.jpg
1.bp.blogspot.com/-eaKdOOTPFg4/Wa6BGUOr5jI/AAAAAAAAD0U/SvDwHkUHrlYoRDGXuUEoM8YjXM7uo4DaACK4BGAYYCw/s1600/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-eaKdOOTPFg4/Wa6BGUOr5jI/AAAAAAAAD0U/SvDwHkUHrlYoRDGXuUEoM8YjXM7uo4DaACK4BGAYYCw/s1600/background-4.jpg
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5ad3e0105b8d04570efdd065e47840bec11fb9c507ffab530b3483f667e9d921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 15:50:44 GMT
x-content-type-options
nosniff
age
10489
content-disposition
inline;filename="background-4.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21513
x-xss-protection
0
server
fife
etag
"vf46"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 17 Feb 2023 09:24:25 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,600,700|Kalam:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cestnormalauquebec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 08:04:54 GMT
x-content-type-options
nosniff
age
297639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Mar 2024 08:04:54 GMT
post.php
www.facebook.com/plugins/ Frame 3505 		92 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid02wSnosHrHmGFSaF6SYnX2nwtXgFUjfcyzX8tw2E62b6PEomqS96JsKBiK5L6ZfBeWl&show_text=true&width=500
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
845102f66c04a60a9dec2900fa7b1edc231b4e5b79c9d46146f4d96179e0d8e3
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Mar 2023 18:45:33 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
3aHiKbJzFw0XpOZ2vL6bx3XXMaY/A8m9oDmoFyYMVxZPZv8FXw7d7CGIJJvA/wkIjjVFemEvjOaeURqRNOJAqw==
x-fb-rlafr
0
x-xss-protection
0
2023-02-09%2022_30_44-TikTok%20Policier%20du%20Peuple%20%28@maximeouimet%29%20_%20Regarde%20les%20derni%C3%A8res%20vid%C3%A9os%20TikTok%20.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0bnNqjR1oBpyT6D-B3_wexikJW9REDKzz_T1Cq3ztMeByGybHhRolZyzAozIlxrFN2snSY7jPP-K70T2-DB2dEKK74UQq16nhTr41tyco5pEz-cPh7Ln49p_ACpzw6Sor178McX-QNSEu1pRe... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0bnNqjR1oBpyT6D-B3_wexikJW9REDKzz_T1Cq3ztMeByGybHhRolZyzAozIlxrFN2snSY7jPP-K70T2-DB2dEKK74UQq16nhTr41tyco5pEz-cPh7Ln49p_ACpzw6Sor178McX-QNSEu1pRepNhpIK2QYdgw_appgXHG0HQDTWQ4El5PV2QLaO0/s72-c/2023-02-09%2022_30_44-TikTok%20Policier%20du%20Peuple%20%28@maximeouimet%29%20_%20Regarde%20les%20derni%C3%A8res%20vid%C3%A9os%20TikTok%20.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9052cf15b42c79fe1c71be9499856d2b9148e2e05df2bbb036beb2b139e5f8ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v719d"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-09 22_30_44-TikTok Policier du Peuple (@maximeouimet) _ Regarde les derni_res vid_os TikTok .png";filename*=UTF-8''2023-02-09%2022_30_44-TikTok%20Policier%20du%20Peuple%20(%40maximeouimet)%20_%20Regarde%20les%20derni%C3%A8res%20vid%C3%A9os%20TikTok%20.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10376
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-05%2019_47_35-Gorg%20Nuwa%20-%20Le%20Reptilien%20Du%20Peuple%20_%20Facebook%20%E2%80%94%20Mozilla%20Firefox.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZcLq4NZ4c3WNmZvjrVgP7bvazGP15K9aSZd3dfZCy1hZoFbXpUb2_dedBrIKfyciMOFP2MurAc5mtzu0nR7WEsctpLcJmWj26_86QftaNFQkb_9_pXjK5wbntJgkUjMCLpiPMz_3pAyqNRYuQ... 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZcLq4NZ4c3WNmZvjrVgP7bvazGP15K9aSZd3dfZCy1hZoFbXpUb2_dedBrIKfyciMOFP2MurAc5mtzu0nR7WEsctpLcJmWj26_86QftaNFQkb_9_pXjK5wbntJgkUjMCLpiPMz_3pAyqNRYuQxyKaXRD8iL-9H9IqYTlwnOpF91cPU7JCQQdP7sU/s72-c/2023-03-05%2019_47_35-Gorg%20Nuwa%20-%20Le%20Reptilien%20Du%20Peuple%20_%20Facebook%20%E2%80%94%20Mozilla%20Firefox.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f21a207a5725f4a203db314bb79a1d0f6d2558875155803f597b86a2e9886bf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72f8"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-05 19_47_35-Gorg Nuwa - Le Reptilien Du Peuple _ Facebook _ Mozilla Firefox.png";filename*=UTF-8''2023-03-05%2019_47_35-Gorg%20Nuwa%20-%20Le%20Reptilien%20Du%20Peuple%20_%20Facebook%20%E2%80%94%20Mozilla%20Firefox.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9211
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
AVvXsEhtzhsJ5-nb3FxN6tRk76YCNnatjfnPwC-vkD7ZWSmAsHAEs_tFEKI_HN-0PT2iQ1ZLBRA7eR3fHYRcVSjDosAf1j1-Aea_ecYjKX6ndfFs6IH2HFRVcGUcu_SuX2XyJ2tcbKWo3r64rm6bAfh7vI10rSmrKrSQQpyUnR61BNgmiZkoFgZ-H6Z7Qh4=s72-c
blogger.googleusercontent.com/img/a/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEhtzhsJ5-nb3FxN6tRk76YCNnatjfnPwC-vkD7ZWSmAsHAEs_tFEKI_HN-0PT2iQ1ZLBRA7eR3fHYRcVSjDosAf1j1-Aea_ecYjKX6ndfFs6IH2HFRVcGUcu_SuX2XyJ2tcbKWo3r64rm6bAfh7vI10rSmrKrSQQpyUnR61BNgmiZkoFgZ-H6Z7Qh4=s72-c
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8bf6df44459d2397b8c03162670edf27712133963581efa684578fd384bfaf7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v6791"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="-04 13_47_21.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8987
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-05%2011_46_14-steeve_wolf2%20%28@steeve_wolf2%29%20_%20TikTok%20%E2%80%94%20Mozilla%20Firefox.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmZ0MWRt8q7KKaJ3oD8XLo0BLSfbcUuAKZa6esLLaUe1gH9TdBxUtMFJJz4ED9ucjM4M-7EU47VuS5iPDnfdendBlij7oTrTMXW6eKWkPV1khuWQ-diyWpRzzK8egLfLoPprflSclJUF9OFKAh... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmZ0MWRt8q7KKaJ3oD8XLo0BLSfbcUuAKZa6esLLaUe1gH9TdBxUtMFJJz4ED9ucjM4M-7EU47VuS5iPDnfdendBlij7oTrTMXW6eKWkPV1khuWQ-diyWpRzzK8egLfLoPprflSclJUF9OFKAhZkLzJk0J-f8ehfjhEwV78zpZ0u7uGDT0C_0WyeY/s72-c/2023-03-05%2011_46_14-steeve_wolf2%20%28@steeve_wolf2%29%20_%20TikTok%20%E2%80%94%20Mozilla%20Firefox.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
15e223ceedf59a483161545d731f01d77ac1b500e2928e964ec0c71184e4ea43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72f2"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-05 11_46_14-steeve_wolf2 (@steeve_wolf2) _ TikTok _ Mozilla Firefox.png";filename*=UTF-8''2023-03-05%2011_46_14-steeve_wolf2%20(%40steeve_wolf2)%20_%20TikTok%20%E2%80%94%20Mozilla%20Firefox.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10502
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
AVvXsEgBVoUV-dY5Om6U_BP98on9tTdirzJJB1SR5qjd9ODgvjXJE0S7R8Rw8A8TE5U_3cEaih9mK1YRPbFfGMJaR0AJ6iTy9hsyDP6by5mG1LvZ8yhiDPylia4QAKR-Uqhl7EQjCs7znc1W3KeA3BT81gtBVW-yfIuvjTAKatd5-12-XfhgAfs289yBomI=s72-c
blogger.googleusercontent.com/img/a/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgBVoUV-dY5Om6U_BP98on9tTdirzJJB1SR5qjd9ODgvjXJE0S7R8Rw8A8TE5U_3cEaih9mK1YRPbFfGMJaR0AJ6iTy9hsyDP6by5mG1LvZ8yhiDPylia4QAKR-Uqhl7EQjCs7znc1W3KeA3BT81gtBVW-yfIuvjTAKatd5-12-XfhgAfs289yBomI=s72-c
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0e4b133b109b8159f263e1a46472a19331920b9699e331a0dfbdac4b921aa591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v5716"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="ggg.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7925
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-04%2019_14_18-Policier%20du%20Peuple%20%28@maximeouimet%29%20_%20TikTok.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtVmwykkmUhVAkE-G2pugc9KpUWL-4FavvriMzFzNco4XfDdYxvcKXb2sVto6iIXqaBUwYSGcHbsddbyezGfhmKQ4r3iD77LNt_DMWu29zGDqAO3d8Q0ekS99vikzv3Z3kYGOjYWg-gLtIfiHA... 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtVmwykkmUhVAkE-G2pugc9KpUWL-4FavvriMzFzNco4XfDdYxvcKXb2sVto6iIXqaBUwYSGcHbsddbyezGfhmKQ4r3iD77LNt_DMWu29zGDqAO3d8Q0ekS99vikzv3Z3kYGOjYWg-gLtIfiHALnYVri5E7Q6hZ6e9yo7iZNdI1HAHz42Jidw12_o/s72-c/2023-03-04%2019_14_18-Policier%20du%20Peuple%20%28@maximeouimet%29%20_%20TikTok.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c8b64e755682c0facd2136ffcf85aad66748cce38683f7259b702a436f647364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72f0"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-04 19_14_18-Policier du Peuple (@maximeouimet) _ TikTok.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11205
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-02-28%2011_58_49-%281%29%20Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7LoRxZGRz-rBMaDSgt1SEAGLz7WL25o3exCgdobYfuvQ3FNHiARToN2dmJ5NRUf3pyBG06NJNgjE6nIAwqFGbeHSe7Nyu0amDK3oZ6Ax7kh5ZESAPHoaHNeFZmLx8GMsVDJsSUC3MqPVH4Vfz... 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7LoRxZGRz-rBMaDSgt1SEAGLz7WL25o3exCgdobYfuvQ3FNHiARToN2dmJ5NRUf3pyBG06NJNgjE6nIAwqFGbeHSe7Nyu0amDK3oZ6Ax7kh5ZESAPHoaHNeFZmLx8GMsVDJsSUC3MqPVH4VfzBRFfIjCD37ZURElqv1gGpHKYE2QgMvjwsdf7h30/s72-c/2023-02-28%2011_58_49-%281%29%20Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6e9b11af2298c9924c5cfed2a73d5b79415bfc7dc4b30efe169c14cc82be7e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v7292"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-28 11_58_49-(1) Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9025
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-04%2010_39_09-2023-03-04%2010_38_48-Photos%20iCloud.png%20%E2%80%8E-%20Photos.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCr5zanMqz0GAvXO0XL7FK5GyRau4RqsNVxXh0FoPS-hlaJrh8DnqLN-iY6E7SKvO1aJjKj-SB1SdMP2eiT6Ti3_jbUu9SYFjIe53II9bBskION95GM4kZsaajJ3HtAgq7bdf3V9MQBuUKWedn... 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCr5zanMqz0GAvXO0XL7FK5GyRau4RqsNVxXh0FoPS-hlaJrh8DnqLN-iY6E7SKvO1aJjKj-SB1SdMP2eiT6Ti3_jbUu9SYFjIe53II9bBskION95GM4kZsaajJ3HtAgq7bdf3V9MQBuUKWedngtteyy0I4bOlTHG5Gh2wKqymsS0nERxH7kpnmZ8/s72-c/2023-03-04%2010_39_09-2023-03-04%2010_38_48-Photos%20iCloud.png%20%E2%80%8E-%20Photos.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
95b192bc1fa7b65ad2881a7dbbd230c177a2848ae8d4d97b598a1624269cedc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72ea"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-04 10_39_09-2023-03-04 10_38_48-Photos iCloud.png _- Photos.png";filename*=UTF-8''2023-03-04%2010_39_09-2023-03-04%2010_38_48-Photos%20iCloud.png%20%E2%80%8E-%20Photos.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11680
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-03%2023_02_58-Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ8oB8TKlHS7u_GO-_ndfpWGJkx29xcQgRU9MiCeP857IkJbLVkxm9jAPGLvNd8QPvvyzE2bhkCedirfHXv4wtkJtqjvP8tqkCbZWCkaZkXOXAWdtP0ZzUFUrzyaBLFpGhEX3S4yLfVsYmdGcN... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ8oB8TKlHS7u_GO-_ndfpWGJkx29xcQgRU9MiCeP857IkJbLVkxm9jAPGLvNd8QPvvyzE2bhkCedirfHXv4wtkJtqjvP8tqkCbZWCkaZkXOXAWdtP0ZzUFUrzyaBLFpGhEX3S4yLfVsYmdGcNgcHstPLMlKnapUf93m_2zrbfQC5mD4PV2LLE6ro/s72-c/2023-03-03%2023_02_58-Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3f1863099af46443b87aa50bb0684d7d7e816594c4b0b1510bf333e4b5d4d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72e0"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-03 23_02_58-Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10292
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-03%2019_25_45-Daniel%20%28@danarley%29%20_%20TikTok.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-rxrD-C9C2Ztka5jNMwZCkMxi7if27EcvqEpOZrD-cOaSX3qG2OxQ10X8hEiDZxmyC8tRUPZ0d_5jDJID-8btWV1mITcCsskbYQPZRFP0oBoc-H8yzgiKo2m0fuhj0TK_W0ypXqj0dYkKUIN_... 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-rxrD-C9C2Ztka5jNMwZCkMxi7if27EcvqEpOZrD-cOaSX3qG2OxQ10X8hEiDZxmyC8tRUPZ0d_5jDJID-8btWV1mITcCsskbYQPZRFP0oBoc-H8yzgiKo2m0fuhj0TK_W0ypXqj0dYkKUIN_d7jXlgnUBb-xReH7F6uSQxhjSB4J5Q8hkxyoN7Q/s72-c/2023-03-03%2019_25_45-Daniel%20%28@danarley%29%20_%20TikTok.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c9b0aa7b43b4efa7a805f87885970644a218441f38d6feb4d0ca5b8d90973545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72de"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-03 19_25_45-Daniel (@danarley) _ TikTok.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11957
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.cestnormalauquebec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3bd2f92752acd44de2935b59db4e6afe
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7a3cc1a30a1c9b63-FRA
cdn-requestpullsuccess
True
default
www.cestnormalauquebec.com/feeds/posts/ 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cestnormalauquebec.com/feeds/posts/default?alt=json-in-script&max-results=6&callback=jQuery111004053373329655383_1678128333238&_=1678128333239
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
c6eaf6249dd28d2d6b8f957bd260fda6e0bfbe738dbf7003c7e0c34f7b12b5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.cestnormalauquebec.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Mar 2023 18:12:41 GMT
server
blogger-renderd
etag
W/"9b79a9a73941a91a85fea663f076e0a1ca9ce3ae4e3ba031a8cc6cf9c9cb7de6"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
4521
x-xss-protection
0
expires
Mon, 06 Mar 2023 18:45:34 GMT
News
www.cestnormalauquebec.com/feeds/posts/default/-/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cestnormalauquebec.com/feeds/posts/default/-/News?alt=json-in-script&max-results=3&callback=jQuery111004053373329655383_1678128333240&_=1678128333241
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
4524c8aebbe4eb84268bb0acd8855c1a669dc8bc399881f53bb24d2d8b19aae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.cestnormalauquebec.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Mar 2023 18:12:41 GMT
server
blogger-renderd
etag
W/"e2f20206f3f5038edd657d1443d48b3c566ccc24526943f2f97a6c0116162b82"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
787
x-xss-protection
0
expires
Mon, 06 Mar 2023 18:45:34 GMT
summary
www.cestnormalauquebec.com/feeds/posts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cestnormalauquebec.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=totalcountdata
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
583f68f33e19fc826b713f6c8f9a92a389341c93ac304648ac5d98673859a6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Mar 2023 18:12:41 GMT
server
blogger-renderd
etag
W/"01ce5f21ff3656e2911cc2e45f991936492cf190ddb03e286c5e0bb63575754f"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
1365
x-xss-protection
0
expires
Mon, 06 Mar 2023 18:45:34 GMT
2023-02-09%2022_30_44-TikTok%20Policier%20du%20Peuple%20%28@maximeouimet%29%20_%20Regarde%20les%20derni%C3%A8res%20vid%C3%A9os%20TikTok%20.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0bnNqjR1oBpyT6D-B3_wexikJW9REDKzz_T1Cq3ztMeByGybHhRolZyzAozIlxrFN2snSY7jPP-K70T2-DB2dEKK74UQq16nhTr41tyco5pEz-cPh7Ln49p_ACpzw6Sor178McX-QNSEu1pRe... 		274 KB
274 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0bnNqjR1oBpyT6D-B3_wexikJW9REDKzz_T1Cq3ztMeByGybHhRolZyzAozIlxrFN2snSY7jPP-K70T2-DB2dEKK74UQq16nhTr41tyco5pEz-cPh7Ln49p_ACpzw6Sor178McX-QNSEu1pRepNhpIK2QYdgw_appgXHG0HQDTWQ4El5PV2QLaO0/s1600/2023-02-09%2022_30_44-TikTok%20Policier%20du%20Peuple%20%28@maximeouimet%29%20_%20Regarde%20les%20derni%C3%A8res%20vid%C3%A9os%20TikTok%20.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
256753b1dc71a182c6cd645c46805cf1b8e07c8bd45e679657282f2cf366168b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v719d"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-09 22_30_44-TikTok Policier du Peuple (@maximeouimet) _ Regarde les derni_res vid_os TikTok .png";filename*=UTF-8''2023-02-09%2022_30_44-TikTok%20Policier%20du%20Peuple%20(%40maximeouimet)%20_%20Regarde%20les%20derni%C3%A8res%20vid%C3%A9os%20TikTok%20.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
280318
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-05%2019_47_35-Gorg%20Nuwa%20-%20Le%20Reptilien%20Du%20Peuple%20_%20Facebook%20%E2%80%94%20Mozilla%20Firefox.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZcLq4NZ4c3WNmZvjrVgP7bvazGP15K9aSZd3dfZCy1hZoFbXpUb2_dedBrIKfyciMOFP2MurAc5mtzu0nR7WEsctpLcJmWj26_86QftaNFQkb_9_pXjK5wbntJgkUjMCLpiPMz_3pAyqNRYuQ... 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZcLq4NZ4c3WNmZvjrVgP7bvazGP15K9aSZd3dfZCy1hZoFbXpUb2_dedBrIKfyciMOFP2MurAc5mtzu0nR7WEsctpLcJmWj26_86QftaNFQkb_9_pXjK5wbntJgkUjMCLpiPMz_3pAyqNRYuQxyKaXRD8iL-9H9IqYTlwnOpF91cPU7JCQQdP7sU/s1600/2023-03-05%2019_47_35-Gorg%20Nuwa%20-%20Le%20Reptilien%20Du%20Peuple%20_%20Facebook%20%E2%80%94%20Mozilla%20Firefox.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7bbc0b1d217e29d47f1aaa0a28fec110c9ff9a76f384ec63c626181be2a03e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72f8"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-05 19_47_35-Gorg Nuwa - Le Reptilien Du Peuple _ Facebook _ Mozilla Firefox.png";filename*=UTF-8''2023-03-05%2019_47_35-Gorg%20Nuwa%20-%20Le%20Reptilien%20Du%20Peuple%20_%20Facebook%20%E2%80%94%20Mozilla%20Firefox.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
150103
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-05%2011_46_14-steeve_wolf2%20%28@steeve_wolf2%29%20_%20TikTok%20%E2%80%94%20Mozilla%20Firefox.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmZ0MWRt8q7KKaJ3oD8XLo0BLSfbcUuAKZa6esLLaUe1gH9TdBxUtMFJJz4ED9ucjM4M-7EU47VuS5iPDnfdendBlij7oTrTMXW6eKWkPV1khuWQ-diyWpRzzK8egLfLoPprflSclJUF9OFKAh... 		280 KB
280 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmZ0MWRt8q7KKaJ3oD8XLo0BLSfbcUuAKZa6esLLaUe1gH9TdBxUtMFJJz4ED9ucjM4M-7EU47VuS5iPDnfdendBlij7oTrTMXW6eKWkPV1khuWQ-diyWpRzzK8egLfLoPprflSclJUF9OFKAhZkLzJk0J-f8ehfjhEwV78zpZ0u7uGDT0C_0WyeY/s1600/2023-03-05%2011_46_14-steeve_wolf2%20%28@steeve_wolf2%29%20_%20TikTok%20%E2%80%94%20Mozilla%20Firefox.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d0bb2bc7dc5e349816784ddf3a2640d7715ad5e7e3a8c33b2e3bdccf05b42832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72f2"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-05 11_46_14-steeve_wolf2 (@steeve_wolf2) _ TikTok _ Mozilla Firefox.png";filename*=UTF-8''2023-03-05%2011_46_14-steeve_wolf2%20(%40steeve_wolf2)%20_%20TikTok%20%E2%80%94%20Mozilla%20Firefox.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286737
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-04%2019_14_18-Policier%20du%20Peuple%20%28@maximeouimet%29%20_%20TikTok.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtVmwykkmUhVAkE-G2pugc9KpUWL-4FavvriMzFzNco4XfDdYxvcKXb2sVto6iIXqaBUwYSGcHbsddbyezGfhmKQ4r3iD77LNt_DMWu29zGDqAO3d8Q0ekS99vikzv3Z3kYGOjYWg-gLtIfiHA... 		406 KB
406 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtVmwykkmUhVAkE-G2pugc9KpUWL-4FavvriMzFzNco4XfDdYxvcKXb2sVto6iIXqaBUwYSGcHbsddbyezGfhmKQ4r3iD77LNt_DMWu29zGDqAO3d8Q0ekS99vikzv3Z3kYGOjYWg-gLtIfiHALnYVri5E7Q6hZ6e9yo7iZNdI1HAHz42Jidw12_o/s1600/2023-03-04%2019_14_18-Policier%20du%20Peuple%20%28@maximeouimet%29%20_%20TikTok.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
23a1615364b00d14cacb80c96c12a824a3efc07de68b6be62cfde26ae55f50dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v72f0"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-04 19_14_18-Policier du Peuple (@maximeouimet) _ TikTok.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
415429
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:34 GMT
2023-02-28%2011_58_49-%281%29%20Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7LoRxZGRz-rBMaDSgt1SEAGLz7WL25o3exCgdobYfuvQ3FNHiARToN2dmJ5NRUf3pyBG06NJNgjE6nIAwqFGbeHSe7Nyu0amDK3oZ6Ax7kh5ZESAPHoaHNeFZmLx8GMsVDJsSUC3MqPVH4Vfz... 		287 KB
287 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7LoRxZGRz-rBMaDSgt1SEAGLz7WL25o3exCgdobYfuvQ3FNHiARToN2dmJ5NRUf3pyBG06NJNgjE6nIAwqFGbeHSe7Nyu0amDK3oZ6Ax7kh5ZESAPHoaHNeFZmLx8GMsVDJsSUC3MqPVH4VfzBRFfIjCD37ZURElqv1gGpHKYE2QgMvjwsdf7h30/s1600/2023-02-28%2011_58_49-%281%29%20Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
106c328e1463c7ebdaadc954f5f9eae9c90145252c9cb436a4de75703a5925c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v7292"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-28 11_58_49-(1) Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293824
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-04%2010_39_09-2023-03-04%2010_38_48-Photos%20iCloud.png%20%E2%80%8E-%20Photos.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCr5zanMqz0GAvXO0XL7FK5GyRau4RqsNVxXh0FoPS-hlaJrh8DnqLN-iY6E7SKvO1aJjKj-SB1SdMP2eiT6Ti3_jbUu9SYFjIe53II9bBskION95GM4kZsaajJ3HtAgq7bdf3V9MQBuUKWedn... 		225 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCr5zanMqz0GAvXO0XL7FK5GyRau4RqsNVxXh0FoPS-hlaJrh8DnqLN-iY6E7SKvO1aJjKj-SB1SdMP2eiT6Ti3_jbUu9SYFjIe53II9bBskION95GM4kZsaajJ3HtAgq7bdf3V9MQBuUKWedngtteyy0I4bOlTHG5Gh2wKqymsS0nERxH7kpnmZ8/s1600/2023-03-04%2010_39_09-2023-03-04%2010_38_48-Photos%20iCloud.png%20%E2%80%8E-%20Photos.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9852a62344359ea039cad40344aa32849c906348fddbbba67460b70764cc8061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72ea"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-04 10_39_09-2023-03-04 10_38_48-Photos iCloud.png _- Photos.png";filename*=UTF-8''2023-03-04%2010_39_09-2023-03-04%2010_38_48-Photos%20iCloud.png%20%E2%80%8E-%20Photos.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229976
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
2023-03-03%2023_02_58-Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ8oB8TKlHS7u_GO-_ndfpWGJkx29xcQgRU9MiCeP857IkJbLVkxm9jAPGLvNd8QPvvyzE2bhkCedirfHXv4wtkJtqjvP8tqkCbZWCkaZkXOXAWdtP0ZzUFUrzyaBLFpGhEX3S4yLfVsYmdGcN... 		608 KB
608 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ8oB8TKlHS7u_GO-_ndfpWGJkx29xcQgRU9MiCeP857IkJbLVkxm9jAPGLvNd8QPvvyzE2bhkCedirfHXv4wtkJtqjvP8tqkCbZWCkaZkXOXAWdtP0ZzUFUrzyaBLFpGhEX3S4yLfVsYmdGcNgcHstPLMlKnapUf93m_2zrbfQC5mD4PV2LLE6ro/s1600/2023-03-03%2023_02_58-Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1bb26208cff855a64bf604bba379ebcf75a70f471c3dc02524e0bf207f8fa953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v72e0"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-03 23_02_58-Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
622511
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:34 GMT
2023-03-03%2019_25_45-Daniel%20%28@danarley%29%20_%20TikTok.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-rxrD-C9C2Ztka5jNMwZCkMxi7if27EcvqEpOZrD-cOaSX3qG2OxQ10X8hEiDZxmyC8tRUPZ0d_5jDJID-8btWV1mITcCsskbYQPZRFP0oBoc-H8yzgiKo2m0fuhj0TK_W0ypXqj0dYkKUIN_... 		393 KB
393 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-rxrD-C9C2Ztka5jNMwZCkMxi7if27EcvqEpOZrD-cOaSX3qG2OxQ10X8hEiDZxmyC8tRUPZ0d_5jDJID-8btWV1mITcCsskbYQPZRFP0oBoc-H8yzgiKo2m0fuhj0TK_W0ypXqj0dYkKUIN_d7jXlgnUBb-xReH7F6uSQxhjSB4J5Q8hkxyoN7Q/s1600/2023-03-03%2019_25_45-Daniel%20%28@danarley%29%20_%20TikTok.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
054028be650d6cbc7d154536ce5a2dfd24a6e58ebf4b47ba95caa345cb39dac0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v72de"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-03 19_25_45-Daniel (@danarley) _ TikTok.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
402472
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:33 GMT
px.gif
ad-delivery.net/ 		43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
529016
x-guploader-uploadid
ADPycdsIx_fOzyXFBWmrsZzr--pAYnf1RkbE4rRhJDH9wkJLGnDgJV9g0GtPhuDEnYuZHGJFcuKai3Kbw-NAjTFDY4kqUH-uyn5m
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z659cDHxabVIbCyqdUg4UwVNEQvW0OpMtY9%2BSdCACOdhAZvah%2BbOy490g9si6MHLAZbvT3NKBpTkacibLalD45NQtQ7ZlNr4FbpwrwVgZXKRGzxXjypeMh%2FoswhEa51Vn%2B%2Fir4q4NRpAwr57iA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7a3cc1a3c9a59a1e-FRA
expires
Tue, 28 Feb 2023 16:48:37 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 17:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Mar 2023 17:32:19 GMT
px.gif
ad-delivery.net/ 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.12734002453095572
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
529016
x-guploader-uploadid
ADPycdsIx_fOzyXFBWmrsZzr--pAYnf1RkbE4rRhJDH9wkJLGnDgJV9g0GtPhuDEnYuZHGJFcuKai3Kbw-NAjTFDY4kqUH-uyn5m
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xEiMEERgeDuegvppjalE9vjGZyr0G2PgOeCeQxuiIph4m48N2Vz2lQ3BsBqm3muu2EA9avZQ7gaifcq5d7BFiwGjyPHK2wNCvmxBgnIU3M8H9Pg8VLyKgtqkQ6sAsA%2FNL2%2FvV6HcUFH8YZMKg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7a3cc1a3c9a69a1e-FRA
expires
Tue, 28 Feb 2023 16:48:37 GMT
collect
www.google-analytics.com/j/ 		4 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1286586244&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ul=en-us&de=UTF-8&dt=C%27est%20normal%20au%20Qu%C3%A9bec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1598322254&gjid=1827581693&cid=915464089.1678128333&tid=UA-114699218-1&_gid=941910181.1678128333&_r=1&_slc=1&z=1320529223
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8555745651444687175&zx=6833a7e9-3ac9-4842-bbc3-43d5040696d8
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Mar 2023 18:45:33 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-114699218-1&cid=915464089.1678128333&jid=1598322254&gjid=1827581693&_gid=941910181.1678128333&_u=IEBAAEAAAAAAACAAI~&z=980934675
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 		360 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31072648
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79fba8bbc8c3dc79e610870ca55176882746ba1021660735609899e2728f7b97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121460
x-xss-protection
0
server
cafe
etag
18241504175413185161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 06 Mar 2023 18:45:33 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame D5C9 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 07:46:10 GMT
etag
2378337311435320485
expires
Mon, 20 Mar 2023 07:46:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
298805265_427005522780552_8573774939127256081_n.png
scontent-fra5-2.xx.fbcdn.net/v/t39.30808-1/ Frame 3505 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-1/298805265_427005522780552_8573774939127256081_n.png?stp=cp0_dst-png_p50x50&_nc_cat=106&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=0Xj3T3OkZE4AX8WZ1wf&_nc_ht=scontent-fra5-2.xx&edm=AN6CN6oEAAAA&oh=00_AfAT1aCXIMedlkk5DiyVrx-NcJXtNh1nI_ppg5J064Xb4Q&oe=640B0243
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid02wSnosHrHmGFSaF6SYnX2nwtXgFUjfcyzX8tw2E62b6PEomqS96JsKBiK5L6ZfBeWl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9557801ca538e946462938475eafc1d2c363039abba5229dd139967aacd06b61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-haystack-needlechecksum
896443914
date
Mon, 06 Mar 2023 18:45:33 GMT
content-digest
adler32=1669958528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4910
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Wed, 10 Aug 2022 16:56:39 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
qT7eLVU7VYOHTMNsobeA5RKO0c_9DKWf72klSVB6v8Hkw62ImpVJug74TLtH_hCQr3Q6K4Jgs1zah1KRwRdgPTB8NpX_EjKyL_tQf4wzx3k
x-needle-checksum
843388376
accept-ranges
bytes
timing-allow-origin
*
T1oMBrgJQCd.png
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 3505 		522 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid02wSnosHrHmGFSaF6SYnX2nwtXgFUjfcyzX8tw2E62b6PEomqS96JsKBiK5L6ZfBeWl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
content-md5
tPtWff3w3zWgl/bp7P79NA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
522
x-fb-rlafr
0
x-fb-debug
caBXZf8MQjJAoTvKJFt7skcc56ByL750qrHqOLM5bhrcwKJ8Lu1oN4ANGrGyVIgZ4IMwdxryFQJDl2BW+0q9BA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:03:24 GMT
293067771_6266973212621_5330118113114261810_n.png
scontent-frt3-2.xx.fbcdn.net/v/t45.1600-4/ Frame 3505 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t45.1600-4/293067771_6266973212621_5330118113114261810_n.png?stp=cp0_dst-jpg_p180x540_q90_spS444&_nc_cat=108&ccb=1-7&_nc_sid=67cdda&_nc_ohc=pazjxllyLtoAX-MZHRO&_nc_ht=scontent-frt3-2.xx&edm=AN6CN6oEAAAA&oh=00_AfDBfOX1_WZxaj1H6qnAXKtrEz5mRKPUrnabLIpRKKgz-w&oe=640AAE4A
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid02wSnosHrHmGFSaF6SYnX2nwtXgFUjfcyzX8tw2E62b6PEomqS96JsKBiK5L6ZfBeWl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe5f1716a34c4d9eebf9c7f816255dfe56e351062c50652b41ef4757248f0847

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-haystack-needlechecksum
145854261
date
Mon, 06 Mar 2023 18:45:33 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Tue, 19 Jul 2022 05:00:50 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=4153124716
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1383101331
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
148435
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5691217997201408&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=qCZTdP7Q6y&w=6298165205532672&o=5691217997201408&cv=2.1.08-9-gbce3fb9&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&sid=oaBtRCPU&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5691217997201408&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Mar 2023 18:45:33 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
PU4XElb3dEc.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame 9D02 		1 KB
471 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b45b9497d3293b6ba6b18bdb7222f1981cb5b75fe75a09adc80154f03218440b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4OeDKMfTlSe1DSO+l+whzQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
265
x-fb-rlafr
0
x-fb-debug
1+DGmH/tG7Yh0MRUBJEyt/soc2N/hWSFnacXzoYTe53CEzE7DtviEneEe2OKeFp28aaPlXa4zzNITxZW0oMT9A==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 02 Mar 2024 18:04:39 GMT
JQr1MwvtAZF.css
static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/ Frame 9D02 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/JQr1MwvtAZF.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b48fd8e968357a5367c16222bd2757d8ce954f9967b36e651101edff3acd4e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
59B9fRlHR5OjzgoE++cAHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4892
x-fb-rlafr
0
x-fb-debug
bcM+7HMPch9eajplE3rzR9Djtgnky409BR4mrhAh9OcWMy2PbdGR+43Q+FtCDpH1CMBUBJSUcUeMmJ4B1YGccQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 05 Mar 2024 04:04:44 GMT
HghExBrcYr0.css
static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/ Frame 9D02 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/HghExBrcYr0.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf3675e8e03bb444c9692f09fe4784ec2f1f1002c89f16ded090411acadfa9c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3w00uFwxa0OWuKesu/lU9Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4923
x-fb-rlafr
0
x-fb-debug
3XBlrsWe86cti+DzBfOs1nu3IAWWmfBS+cMuH7JTviPb/Pi7qRW0NF3AV2IyIKG1KhXXJuhmieoDBwR4bSOOIw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 05 Mar 2024 04:03:03 GMT
k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 9D02 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q6bCky1+00PrRbx3auADnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
833
x-fb-rlafr
0
x-fb-debug
xobPkAgPHSWJ850TffNoUKw97a9PDvdEt4gOO8pfm6IyCtZJSLWBI3iIj7YVG6Wi+PX6Np3AyGoD0Cqqn584BA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 28 Feb 2024 17:13:08 GMT
5IorHrDZ25x.css
static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/ Frame 9D02 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/5IorHrDZ25x.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0bee3c4a840fc4959339c802f406fc8b5c2da290b48e3e89d48c51c5aa8efa2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Nx76NBujD0M46bd9eNh38Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1892
x-fb-rlafr
0
x-fb-debug
W6H1whamHj04jKsKzjj0HoNkg/a9S/4jf5Un6Wij1BBLy8WSywmD3DJ3/32KTbx4hpCR9KzQnV0BiLKHujq6wA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 05 Mar 2024 04:51:48 GMT
OOjVFEppVys.js
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 9D02 		293 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
214bd0be9b3f53103232fbe0211ee2a30796f5dbd929502378705e699d5a4b43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
p80neSEPl/4SlKJOxDugxQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
80148
x-fb-rlafr
0
x-fb-debug
MmK3/QrUQaj4RrP2JKrmHVQCHp7spkT1y4s08XuHH1bhR76GPGu1EyYcceA6p9WxUNuKJ7aZYwBzEfv2yZIKrg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 03 Mar 2024 04:56:21 GMT
8d9nvuE3pLA.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 9D02 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/8d9nvuE3pLA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7f686491871faa24d0cff64304efa19967ae845a4ad8b3fa1b89f436df7a940a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
BkhM5/DFa6sxD1JZRsCLBg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12330
x-fb-rlafr
0
x-fb-debug
1N04wf/IIShJ54Vn63if5XG6pISc0j5bbxNNDkk3W6Q+7zJTW7wiv8Kj4mFNAUJZ6JhO58lnpsxLWr09HcKXsQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 03 Mar 2024 00:04:51 GMT
0v93XsvQZcC.js
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame 9D02 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/0v93XsvQZcC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ac83fd988bfe79517af7da2e0044875084cee765874b8a6def889374bb7de34e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
f95IDWSKdYzVrqeL9Xjn4Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16278
x-fb-rlafr
0
x-fb-debug
eNTBnl9RnauDeUqcNWW28rYioufYW0bTophAPFCvxkDAHn17+BMA9zlHV+O1cDwP8W7kC0mbyjyLiHY/HwVqJQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 03 Mar 2024 02:00:35 GMT
uQDh-o4JTph.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yt/l/de_DE/ Frame 9D02 		81 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yt/l/de_DE/uQDh-o4JTph.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6ee5e459de916968a1c03e2116f3524e85cc78bcf49a3cf2c5d751ae4bcb5e90
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pgdZR+4p11KoKH7kvcgUiA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22737
x-fb-rlafr
0
x-fb-debug
eIBCUhSuR38ehH+WVB2wMFgNqGnSnvPf1tYBPzUGi6Fp3T+IkJ/YlWk96ksjjBYLn04tFL3D/6o2aCMMpeoDLg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 03 Mar 2024 04:27:49 GMT
qmef5Z5VK-F.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 9D02 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/qmef5Z5VK-F.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50eed1741e859cff43744aec7b633d85b6894c128ec1de1aea284f9d848b7064
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
eUeNZKQxY10thzICwKUH8Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7184
x-fb-rlafr
0
x-fb-debug
iNRb74ZiKHaq4/UjfVelsECdTKJ2OZDFlFqVSQPjxdKFAzhlzGR5LoJrilsqP+d5f9n2Gly8j5X4ufH+n2SVig==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 05 Mar 2024 04:02:21 GMT
nMFM52FAyXC.js
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 9D02 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/nMFM52FAyXC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9041b3bcc26f2d4a54217036c5ff63eff2aa60ae421b3dafa88e1ced9cd72559
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2BG/nVnMndffZpRB8niX/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3891
x-fb-rlafr
0
x-fb-debug
CdYq/xll/3aBd6YMoqQ9/OGhxdvx3MxuDW4uLMPJAZk370g/XpD0j7rjivgDZ8ugIScfgIvKwhOh66XNtEAR1A==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 02 Mar 2024 03:41:48 GMT
xjnlZHDw3xc.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 9D02 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/xjnlZHDw3xc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7a4e815b0c8f982008b286f158af5c6ffe8b44d834e917ff9146b843db7f8be4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3fTvoxJeek4O3bbt1dZdxw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1469
x-fb-rlafr
0
x-fb-debug
MMZbPHaJY20Q18fVMfeGXcHMzfDlaBKsFqxw3MkaOoeq3jbKvekuRd9ThelwjOePDRgcpehl6XYMK+XMbrNCJQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 03 Mar 2024 17:33:15 GMT
sVQ3JfvxQUC.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 9D02 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/sVQ3JfvxQUC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7ca86b3d2509fa402905d693a707c331bb640cbcf67318381634bf9dab8a8eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
AsuhHdwcEb9c49p/r76wxQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6950
x-fb-rlafr
0
x-fb-debug
8QPhcpNtJ2ZCR85LNDk6HBX2tNsRANMSI+7OQL+JiKdU9HnzE5SpS60Y7Ejm3EuQWGplOKnEepDIBz/XI01D8g==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 03 Mar 2024 02:35:51 GMT
Bm5k5CI7iZE.js
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ Frame 9D02 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/Bm5k5CI7iZE.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a5ec376905e79b0c2e6b66f89854a0e8b1cc7dff4df292f4aba9995277c82c92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
n4kryOYTdO2SvsLchlpXLw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5884
x-fb-rlafr
0
x-fb-debug
ivlzlsuBFKHkgfwANye5bMX9pznXJ/0kOaX8aSyU8Qk7qR+pfb+2Pa3gn/rlAOelR/hXN3WhTv0Ji8QSprSHFA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 03 Mar 2024 17:14:20 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 9D02 		507 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-rlafr
0
x-fb-debug
VlJFw44BPu7abi1hzqDfAbkVvITDQl7J3y1WmoB3MeQF7pjVhXcboKi05qioTwBlb1lda+h/yWQVg8NNIsloHg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 02 Mar 2024 15:23:08 GMT
XSJU0UPBoGa.js
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 9D02 		191 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/XSJU0UPBoGa.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d1e0f67db656d542c3e075d8baf1a57ec7196d7ce7ec73f6a7f3e66347ec1ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
m/gp4QzzflsBT/4NbL8Kqg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56375
x-fb-rlafr
0
x-fb-debug
YUkBC57HDHotyMrtTmZdxRenrA+mzbuszpdhNviPl0+Oni1xhYDWnG17BM05tbMqc21HPRxw9mB9oPmtfNPLhg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1,i
expires
Sun, 03 Mar 2024 05:32:33 GMT
SV0HgmB8RsT.js
static.xx.fbcdn.net/rsrc.php/v3iUY_4/ya/l/de_DE/ Frame 9D02 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/ya/l/de_DE/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
362de89bbfb9611beef7c2c3ccdb317cc4af2bfa53228e816469c45a40547de3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
46U2bWt8OWu+fQzp2QtHxw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9061
x-fb-rlafr
0
x-fb-debug
Mg7p26qBB/210+aceG31id4bm6fwpmtsEdYFs837WflhwK6bhH3droIlIG9aVmYnSLRxsx5FIgrBYx7in5WthA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 03 Mar 2024 04:40:45 GMT
zTAcZgbV8nB.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 9D02 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/zTAcZgbV8nB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cc0d49dfd20b6ece5010cdd54bdefad3fe2df62828dc6c579cbaf5a4e63a9fe0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NST0JUomaRRhKDzRtqfVoQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16144
x-fb-rlafr
0
x-fb-debug
w0VUg5c7OA3xvbswrXMnJRvnR4cOCLu2wSnXfz+Avhsi1e3KcGERB/miQylYiBToJ9A4gexNr+plTBNmuFJnXQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 03 Mar 2024 02:58:53 GMT
V8jK12UmQ6C.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 9D02 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
G94KxmId/Gs6bmpfm04/RQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1248
x-fb-rlafr
0
x-fb-debug
FDD1pTjiYWmi8ndLDizEHr6QTszBJYdereRhgW+meYhKQ3C30RP93YrLa5hpCa+fR31OkmtKlWpG/3dv8farBQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 23 Feb 2024 14:10:52 GMT
2f61oWyjOj5.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 9D02 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8f6a6fda1fdc0a8a8ba1494660498fd978611bf1046409dd648cb7829716f5b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LzvT9doqy1WCjF3O/eiidA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5358
x-fb-rlafr
0
x-fb-debug
6tW+Pv1dgU+TlgiyVwpzw++XXsV42hvdwhuf0HmIRFh0VXj4o/RTMWl/W5ibEswyq51yMUyG4qYS90wqfAo2qQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 03 Mar 2024 02:44:17 GMT
298805265_427005522780552_8573774939127256081_n.png
scontent-fra5-2.xx.fbcdn.net/v/t39.30808-1/ Frame 9D02 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-1/298805265_427005522780552_8573774939127256081_n.png?stp=cp0_dst-png_p50x50&_nc_cat=106&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=0Xj3T3OkZE4AX8WZ1wf&_nc_ht=scontent-fra5-2.xx&edm=AN6CN6oEAAAA&oh=00_AfAT1aCXIMedlkk5DiyVrx-NcJXtNh1nI_ppg5J064Xb4Q&oe=640B0243
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9557801ca538e946462938475eafc1d2c363039abba5229dd139967aacd06b61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-haystack-needlechecksum
896443914
date
Mon, 06 Mar 2023 18:45:33 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Wed, 10 Aug 2022 16:56:39 GMT
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=1669958528
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
843388376
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4910
T1oMBrgJQCd.png
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 9D02 		522 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
content-md5
tPtWff3w3zWgl/bp7P79NA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
522
x-fb-rlafr
0
x-fb-debug
caBXZf8MQjJAoTvKJFt7skcc56ByL750qrHqOLM5bhrcwKJ8Lu1oN4ANGrGyVIgZ4IMwdxryFQJDl2BW+0q9BA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:03:24 GMT
330513249_6289787425221_6321677016835788403_n.png
scontent-frt3-2.xx.fbcdn.net/v/t45.1600-4/ Frame 9D02 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t45.1600-4/330513249_6289787425221_6321677016835788403_n.png?stp=cp0_dst-jpg_p600x600_q90_spS444&_nc_cat=100&ccb=1-7&_nc_sid=67cdda&_nc_ohc=jRYdTMnpnO8AX-FoTqT&_nc_ht=scontent-frt3-2.xx&edm=AN6CN6oEAAAA&oh=00_AfCE1yR0ulOA0FU-fpyogpO1XdPezj2pwwd3CZXPUWIQog&oe=640A5E20
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
88415144e40f3a194751ecf157ff12b328e7798f7c96e5e8ae110c7f4dc09a7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Mon, 13 Feb 2023 20:22:28 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=4030689572
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2375061148
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
81525
330924588_6289787426421_8571608487746124265_n.png
scontent-fra3-1.xx.fbcdn.net/v/t45.1600-4/ Frame 9D02 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-fra3-1.xx.fbcdn.net/v/t45.1600-4/330924588_6289787426421_8571608487746124265_n.png?stp=cp0_dst-jpg_p600x600_q90_spS444&_nc_cat=105&ccb=1-7&_nc_sid=67cdda&_nc_ohc=50iKTy14GFEAX8SPm1A&_nc_ht=scontent-fra3-1.xx&edm=AN6CN6oEAAAA&oh=00_AfCSLqswLhG7cKdr5-STCHmj84XRJHM6KrEOlHA2f75gPQ&oe=640AEB61
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d70ef0452cbfdd8bc38f383ce142a3588a146e6db60f683b50955f1f761f0a8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-haystack-needlechecksum
2630146489
date
Mon, 06 Mar 2023 18:45:34 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Mon, 13 Feb 2023 20:22:29 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1959927003
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1563500823
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
83181
330445972_6289787429821_4522935462414033724_n.png
scontent-frt3-2.xx.fbcdn.net/v/t45.1600-4/ Frame 9D02 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t45.1600-4/330445972_6289787429821_4522935462414033724_n.png?stp=cp0_dst-jpg_p600x600_q90_spS444&_nc_cat=108&ccb=1-7&_nc_sid=67cdda&_nc_ohc=Rm2xcKlw0_sAX85wYaY&_nc_ht=scontent-frt3-2.xx&edm=AN6CN6oEAAAA&oh=00_AfBE0DYhaD7F40JhBVyDw7G1eJkuVYG5f1NC9ZiWtU0bUg&oe=640BE639
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0579ffd414cf831e6ca61ac33d37481a77a7f7a31905b6c0d9fa16769a9b3695

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Mon, 13 Feb 2023 20:22:30 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=536892716
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
825690977
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
118429
330704611_6289787426621_7054309033414113847_n.png
scontent-frt3-2.xx.fbcdn.net/v/t45.1600-4/ Frame 9D02 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t45.1600-4/330704611_6289787426621_7054309033414113847_n.png?stp=c12.0.600.600a_cp0_dst-jpg_p600x600_q90_spS444&_nc_cat=111&ccb=1-7&_nc_sid=67cdda&_nc_ohc=uYRWIucHrYMAX_bEx-t&_nc_ht=scontent-frt3-2.xx&edm=AN6CN6oEAAAA&oh=00_AfB-7agR89T31PXvVP30zl09XMaeh6HCYPgzBG-gHhBTDA&oe=640B24BD
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9720d445e4a2b96f701ae735c1f492c65b409027b80faba95fe1810581ddf580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Mon, 13 Feb 2023 20:22:29 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1478443194
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3286797869
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
76759
331007360_6289787427021_8049981247680410018_n.png
scontent-fra3-1.xx.fbcdn.net/v/t45.1600-4/ Frame 9D02 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-fra3-1.xx.fbcdn.net/v/t45.1600-4/331007360_6289787427021_8049981247680410018_n.png?stp=c35.0.600.600a_cp0_dst-jpg_p600x600_q90_spS444&_nc_cat=101&ccb=1-7&_nc_sid=67cdda&_nc_ohc=o9XO6_q3ACkAX-V0RqW&_nc_ht=scontent-fra3-1.xx&edm=AN6CN6oEAAAA&oh=00_AfBQ1_SwbHQdAO771FzeOphO3Ig9UDYwwUR9A0G1aEG9Yw&oe=640B1551
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5deb9179d1caed44af21a75c1629e384ce6cc503d0a7b80b1cb52f0c1c767386

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Mon, 13 Feb 2023 20:22:29 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=699666989
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
775231497
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
79991
330271837_6289787428021_8015332272389627723_n.png
scontent-fra3-1.xx.fbcdn.net/v/t45.1600-4/ Frame 9D02 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-fra3-1.xx.fbcdn.net/v/t45.1600-4/330271837_6289787428021_8015332272389627723_n.png?stp=c18.0.600.600a_cp0_dst-jpg_p600x600_q90_spS444&_nc_cat=101&ccb=1-7&_nc_sid=67cdda&_nc_ohc=SbtKpBUx918AX-bJTEF&_nc_ht=scontent-fra3-1.xx&edm=AN6CN6oEAAAA&oh=00_AfAqkSAVeTJUglTuTnLcFUYCbW5uTZ07xzK6l_q_sDzvNQ&oe=640B06BD
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c2c128bd809e98d644ddb8c85fa1f2bf49c0f2f3e1a77d3af05ece5567b6d868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-haystack-needlechecksum
1128243327
date
Mon, 06 Mar 2023 18:45:34 GMT
content-digest
adler32=2444967507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
98254
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Mon, 13 Feb 2023 20:22:30 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
Q_9GsEj7r3_AGQtPxNgQpKWCDniR7leO7lnCNz9TFSEPc2tktD1Lm_WKn2A-lxt3FClzXMqFEKJFHCXI_sZZho76r5y95OEnbf0BTTwP0DA
x-needle-checksum
1367885201
accept-ranges
bytes
timing-allow-origin
*
298805265_427005522780552_8573774939127256081_n.png
scontent-fra5-2.xx.fbcdn.net/v/t39.30808-1/ Frame 9D02 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-1/298805265_427005522780552_8573774939127256081_n.png?stp=dst-png_p200x200&_nc_cat=106&ccb=1-7&_nc_sid=05dcb7&_nc_ohc=0Xj3T3OkZE4AX8WZ1wf&_nc_ht=scontent-fra5-2.xx&edm=AN6CN6oEAAAA&oh=00_AfDCNW9Vt5wkUFXmRTAxjNagTaE6zevJR410vRfq4a_uow&oe=640B0243
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ac11488fa5527a4fb85528c42c7144938d4fd40deea7670c1e953585e26ec91d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-haystack-needlechecksum
896443914
date
Mon, 06 Mar 2023 18:45:33 GMT
content-digest
adler32=774307455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34136
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Wed, 10 Aug 2022 16:56:39 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
Rlio6qYPn-wy_QWDFTmLqCoUDQPWLmh4dqe_RDti8zXXPEdnDhTY5jZ7K0lzO5D1-LwuC3FK5Q0_Nlmt_qBRp2_-POqavyEO_MGzYY49ye8
x-needle-checksum
843388376
accept-ranges
bytes
timing-allow-origin
*
priority
u=3,i
aCXOKXHNfQH.png
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 9D02 		560 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/aCXOKXHNfQH.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8b85fb3462f24c3b79d522773175b9a4c68385da2ffc6c875275589692abab5c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
content-md5
n+M1k/nOeeR7osqnbqXDJQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
560
x-fb-rlafr
0
x-fb-debug
v1tpzQRfTtvhAwDAA4fR6oEyCqtU8tm8C9FzVz3zCYIh+2MyFAl+PyrG8WlHGIq8Jy+UO4WoVF0CArVnqlOIxA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 04 Mar 2024 05:36:08 GMT
ejB4TsJlShR.png
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ Frame 9D02 		574 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/ejB4TsJlShR.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aafbda0fbf5664ddc3dabcaf4c2b53dfe6476c5230ac74998e12610b79cb5b3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
content-md5
BtC3+4IFT+5HDh1IDmvJ0A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
574
x-fb-rlafr
0
x-fb-debug
XIryBtQ6uLVqmqlmkgYEUGt77oe0DfdkEFrvJ9kMmZ6z+pvIyw4ruRFsG65Bt0MwsCYNHaaO2fOC7eftJQmG/g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 04 Mar 2024 05:36:08 GMT
2d1qHaEXG99.js
static.xx.fbcdn.net/rsrc.php/v3ickl4/yD/l/de_DE/ Frame 3505 		743 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ickl4/yD/l/de_DE/2d1qHaEXG99.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid02wSnosHrHmGFSaF6SYnX2nwtXgFUjfcyzX8tw2E62b6PEomqS96JsKBiK5L6ZfBeWl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2324701fcc60fa70d5dc1a9cfbbf17b38008732770fda2bb578e91e66c470b56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
n8aK4lRp+TFQZRDraTSaGw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
192070
x-fb-rlafr
0
x-fb-debug
aduLI9JZpN30Obd5FjYskJAPeKjqlyYyCAVNaLjC7TY+Ll33/r9nwPysVnC0CFC4ID3MzvItDnMVwrI2JuHAAA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 03 Mar 2024 22:37:43 GMT
1f4e6.png
static.xx.fbcdn.net/images/emoji.php/v9/t3d/1/16/ Frame 3505 		520 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/images/emoji.php/v9/t3d/1/16/1f4e6.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid02wSnosHrHmGFSaF6SYnX2nwtXgFUjfcyzX8tw2E62b6PEomqS96JsKBiK5L6ZfBeWl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6974b1b7c4c3055dec3389605d00b60a17b8a86a8c4f08f5b1ba3effacfa109a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
content-md5
/sRjAfHScHSuECt2g3po3g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
520
x-fb-rlafr
0
x-fb-debug
0xt8HQjO+zJJt2WSy9K7JIf2I0T/0d1ub7PvLaz+edAoKtclEN1z/gXcc4KV1X+EFAVWyL5bo2qkOk1Zcw2oxQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy
same-origin
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=4
expires
Mon, 04 Mar 2024 02:27:14 GMT
1f69a.png
static.xx.fbcdn.net/images/emoji.php/v9/t16/1/16/ Frame 3505 		526 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/images/emoji.php/v9/t16/1/16/1f69a.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid02wSnosHrHmGFSaF6SYnX2nwtXgFUjfcyzX8tw2E62b6PEomqS96JsKBiK5L6ZfBeWl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
11ea163c642db465db2a3e289ee7928aa1d4d8d7290a111f5825348258c99569
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
content-md5
ZXCnVES9Ezm5+fps89dnCA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
526
x-fb-rlafr
0
x-fb-debug
9/YBBoQ1uvIEsO7S/3BH/5gvy2S8pb8MAy0SJSmode2wF/+KdvSqitPZNfKTwQ2XObjYQgdmc83029b/8wbHXA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy
same-origin
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 03 Mar 2024 02:57:44 GMT
1f193.png
static.xx.fbcdn.net/images/emoji.php/v9/ta3/1/16/ Frame 3505 		358 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/images/emoji.php/v9/ta3/1/16/1f193.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid02wSnosHrHmGFSaF6SYnX2nwtXgFUjfcyzX8tw2E62b6PEomqS96JsKBiK5L6ZfBeWl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c480ccc54c0866ce78c03f56dd1c180adea0ab830adf4343d12eb0e4f52b718f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
content-md5
84piqQHadcqMZdihfTHV1w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
358
x-fb-rlafr
0
x-fb-debug
CMfSmb9QaTYf8lFmseZmApaLFyF1+FQsRASgEfhnFTbZddXIsKvyJuYHEIytq9fX0Dr03DYz6DHJije2mFtvPA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy
same-origin
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 03 Mar 2024 02:45:35 GMT
269c.png
static.xx.fbcdn.net/images/emoji.php/v9/tb7/1/16/ Frame 3505 		527 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/images/emoji.php/v9/tb7/1/16/269c.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid02wSnosHrHmGFSaF6SYnX2nwtXgFUjfcyzX8tw2E62b6PEomqS96JsKBiK5L6ZfBeWl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
42d45c9f93dde5efa2e7890a581c3acdc152aba41f9581a65b1e588b0455c586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
content-md5
QNUmjqzsvRXd4P9tBE8PWw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
527
x-fb-rlafr
0
x-fb-debug
D/2w1HM+IGHtc6Na1eD7dy5CpGDw3NlR1iaCBFCSTsHULaFuz2S0lLwzlIocLsEKW2zHM4qluQZQMneCuftLtg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy
same-origin
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 03 Mar 2024 02:31:47 GMT
L0hsXTmQDMQ.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 3505 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid02wSnosHrHmGFSaF6SYnX2nwtXgFUjfcyzX8tw2E62b6PEomqS96JsKBiK5L6ZfBeWl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
content-md5
CTfFh11siKPUBP61de0FYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2023
x-fb-rlafr
0
x-fb-debug
HDIwH0ZON9EeqX4gS8qI8DN/bSMde0Tpv1yyC5TDtjKiqdhQDY0YC+7hxDjK/kyKbEKBndz/5aDat0km4P+xbw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 04 Mar 2024 02:08:42 GMT
truncated
/ Frame 9D02 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
cookie.js
partner.googleadservices.com/gampad/ 		411 B
612 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.cestnormalauquebec.com&callback=_gfp_s_&client=ca-pub-2891529463319841
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8909f78c59d32614ede1f952bec229b5fca9b4f3295cc1b356e4d8aa5d6fba1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
261
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.cestnormalauquebec.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cestnormalauquebec.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0170 		0
179 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2891529463319841&output=html&adk=1812271804&adf=3025194257&lmt=1678126361&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678128333488&bpp=5&bdt=427&idt=260&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5549152058674&frm=20&pv=2&ga_vid=915464089.1678128333&ga_sid=1678128334&ga_hid=1286586244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C31071869%2C31072648&oid=2&pvsid=235670220095574&tmod=731098407&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=316
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 18:45:34 GMT
expires
Mon, 06 Mar 2023 18:45:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1f525.png
static.xx.fbcdn.net/images/emoji.php/v9/t50/1/16/ Frame 9D02 		478 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/images/emoji.php/v9/t50/1/16/1f525.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5455fa80868fdd7528880b9adcb61592f8c50288214e641387219664a8cbc8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
content-md5
UTMPPkLwCVxnjkU6CReCLw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
478
x-fb-rlafr
0
x-fb-debug
s08s/hj2p2z1fOPmcIIgtEm/O6Gq3HESxKgYj5HDfrhNO8T3E7xk/dtcNJJmieiOD5yCgqSrRuzULVVMDh+XrQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy
same-origin
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 21 Feb 2024 13:56:21 GMT
2023-02-09%2022_30_44-TikTok%20Policier%20du%20Peuple%20%28@maximeouimet%29%20_%20Regarde%20les%20derni%C3%A8res%20vid%C3%A9os%20TikTok%20.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0bnNqjR1oBpyT6D-B3_wexikJW9REDKzz_T1Cq3ztMeByGybHhRolZyzAozIlxrFN2snSY7jPP-K70T2-DB2dEKK74UQq16nhTr41tyco5pEz-cPh7Ln49p_ACpzw6Sor178McX-QNSEu1pRe... 		274 KB
274 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0bnNqjR1oBpyT6D-B3_wexikJW9REDKzz_T1Cq3ztMeByGybHhRolZyzAozIlxrFN2snSY7jPP-K70T2-DB2dEKK74UQq16nhTr41tyco5pEz-cPh7Ln49p_ACpzw6Sor178McX-QNSEu1pRepNhpIK2QYdgw_appgXHG0HQDTWQ4El5PV2QLaO0/s817/2023-02-09%2022_30_44-TikTok%20Policier%20du%20Peuple%20%28@maximeouimet%29%20_%20Regarde%20les%20derni%C3%A8res%20vid%C3%A9os%20TikTok%20.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
256753b1dc71a182c6cd645c46805cf1b8e07c8bd45e679657282f2cf366168b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v719d"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-02-09 22_30_44-TikTok Policier du Peuple (@maximeouimet) _ Regarde les derni_res vid_os TikTok .png";filename*=UTF-8''2023-02-09%2022_30_44-TikTok%20Policier%20du%20Peuple%20(%40maximeouimet)%20_%20Regarde%20les%20derni%C3%A8res%20vid%C3%A9os%20TikTok%20.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
280318
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:34 GMT
2023-03-06%2013_01_57-Facebook%20%E2%80%94%20Mozilla%20Firefox.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfLVLgSGZQZK7gQC8Qc-kaFHTy9mvWNIBsi_LE3DqmdnFn7d6s57nncRSzPQ1QG5LF2eJYSb3NXXlaTlqDK4NZvH_cfO8dON3Fhjp2ax1HhXY4B_Ke8WJe-dbHoHcg1xQ_p0nyj9-9id5WiG3U... 		528 KB
528 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfLVLgSGZQZK7gQC8Qc-kaFHTy9mvWNIBsi_LE3DqmdnFn7d6s57nncRSzPQ1QG5LF2eJYSb3NXXlaTlqDK4NZvH_cfO8dON3Fhjp2ax1HhXY4B_Ke8WJe-dbHoHcg1xQ_p0nyj9-9id5WiG3U3J9EQ95eoY6Z5q4K6ZW-jIkN6TZP4Y1402kZIzg/s1600/2023-03-06%2013_01_57-Facebook%20%E2%80%94%20Mozilla%20Firefox.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f1d227892e3beb07b5d4accdf393d0ca34856d1fc9793e40095b583f148f93c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v72fb"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-06 13_01_57-Facebook _ Mozilla Firefox.png";filename*=UTF-8''2023-03-06%2013_01_57-Facebook%20%E2%80%94%20Mozilla%20Firefox.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
540608
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:34 GMT
2023-03-05%2019_47_35-Gorg%20Nuwa%20-%20Le%20Reptilien%20Du%20Peuple%20_%20Facebook%20%E2%80%94%20Mozilla%20Firefox.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZcLq4NZ4c3WNmZvjrVgP7bvazGP15K9aSZd3dfZCy1hZoFbXpUb2_dedBrIKfyciMOFP2MurAc5mtzu0nR7WEsctpLcJmWj26_86QftaNFQkb_9_pXjK5wbntJgkUjMCLpiPMz_3pAyqNRYuQ... 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZcLq4NZ4c3WNmZvjrVgP7bvazGP15K9aSZd3dfZCy1hZoFbXpUb2_dedBrIKfyciMOFP2MurAc5mtzu0nR7WEsctpLcJmWj26_86QftaNFQkb_9_pXjK5wbntJgkUjMCLpiPMz_3pAyqNRYuQxyKaXRD8iL-9H9IqYTlwnOpF91cPU7JCQQdP7sU/s585/2023-03-05%2019_47_35-Gorg%20Nuwa%20-%20Le%20Reptilien%20Du%20Peuple%20_%20Facebook%20%E2%80%94%20Mozilla%20Firefox.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7bbc0b1d217e29d47f1aaa0a28fec110c9ff9a76f384ec63c626181be2a03e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v72f8"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-05 19_47_35-Gorg Nuwa - Le Reptilien Du Peuple _ Facebook _ Mozilla Firefox.png";filename*=UTF-8''2023-03-05%2019_47_35-Gorg%20Nuwa%20-%20Le%20Reptilien%20Du%20Peuple%20_%20Facebook%20%E2%80%94%20Mozilla%20Firefox.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
150103
x-xss-protection
0
expires
Tue, 07 Mar 2023 18:45:34 GMT
L0hsXTmQDMQ.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 9D02 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:33 GMT
x-content-type-options
nosniff
content-md5
CTfFh11siKPUBP61de0FYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2023
x-fb-rlafr
0
x-fb-debug
N5/mrCBJT1sW3FCsptvVFYrKDP/L4VHq1X28IkE+xNYI9VQ2NOfwNqiBkxMRAc0kN3p/rCYL6ibH8ll6hqslxg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Feb 2024 21:32:24 GMT
d-jp8PySJfj.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame 9D02 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/d-jp8PySJfj.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ac606e2740104a3357c9da914e5de060697cc45d6f8415576cce0007dab76d17
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4EvTQXPmNzpT68WR5zcnZA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3544
x-fb-rlafr
0
x-fb-debug
6BqZNT2d7QfLoxgmZZNgfH6mmZcTBwT/XnLS+QQ5ydlhumSOVV01/DoBaAYmax9UOFG3zAc8A1kbwNC/D1UKKg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 28 Feb 2024 16:34:19 GMT
OhbEpD6bbpq.js
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 9D02 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/OhbEpD6bbpq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a73ce166fd7cc26118761fd60d6f1db6cf2629363bac0ca3cd43d5b58882c5ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8uzYJ4Xh0VE//AlczzUloA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5888
x-fb-rlafr
0
x-fb-debug
JgiImFJjvnzQ4vZiq9g5iv5uLKjViugSvMFBYxlsXxyihniflBzf4iPSh+8p3/EkBLYtfXth3dQlKDKZlIFTgA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 03 Mar 2024 02:07:52 GMT
clWPZjP4OB6.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame 9D02 		338 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/clWPZjP4OB6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b317da785999703a39ebe3cdda663348dea6f4131a51fadddb5ae9d5f34b7996
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
G9n/drfkBCRv18JDq6tzgw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
75909
x-fb-rlafr
0
x-fb-debug
0xnPbCNQMNZ+Rr0tCc06FCuoQss+TybY/lyeFRruyxaMh8941X58uWDm8J2LOam/LZKr45Q16RaDGptiR7WyqQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 03 Mar 2024 02:57:48 GMT
4Z3M_w-0UJM.js
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 9D02 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/4Z3M_w-0UJM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
132079658c336cba1f3ef486301044eea9fde89c21bcb9bb9fc4aedf492e1c1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
H04yIFvSFug1i/CzD1vRiw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6013
x-fb-rlafr
0
x-fb-debug
PJvJVlxMWIUV1klSQyXxbRE8sVUv9oF2lM/0UAb3RzAYg+LduAZiMf7bvPGbI4GAQWh3IhcmXmQGS7tgQ7Z9Tg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 05 Mar 2024 04:31:22 GMT
x_oI4judh97.js
static.xx.fbcdn.net/rsrc.php/v3ih0C4/y6/l/de_DE/ Frame 9D02 		192 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ih0C4/y6/l/de_DE/x_oI4judh97.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14c3d17528c63913bcda0d109bb5d0e59a6aa3a8f4e060ffc619e0025c2ab83b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rObabNzYZgoRaLyyOFJo/g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
43367
x-fb-rlafr
0
x-fb-debug
WgoGKCVhI8C1wB5540ibY6pIHiJbDvWcnP/GUE/ntJzf+l1+H50JTM+8phpCzDRqQzLgIclAK6lzBsv/zRV0bw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 03 Mar 2024 04:28:58 GMT
KAtTkdVyH1D.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 9D02 		80 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/KAtTkdVyH1D.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9abdb7c25beaeb30ccd474de827ad4ef8b07ae3c0b105c7717dce1580663d3cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zxu7Z1sJAqm30V6WE3jvug==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19978
x-fb-rlafr
0
x-fb-debug
SkI5iBXH3FC6g/OXhtBMxGwIsAqhcW2tqMflnrcepA1NFC6v6xPhHjMj/Ofm5p9SnCznxUGRnpeNH8C1VGVL+A==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1,i
expires
Sun, 03 Mar 2024 02:13:47 GMT
wQBbjgKg60J.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 9D02 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/wQBbjgKg60J.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ee7b99a3fc12feb53acdfa0b228f911bf7e9c6c699595d234dc07e4805f99895
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LKumX1Kt858vj3b+GsE/hg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5078
x-fb-rlafr
0
x-fb-debug
zszVohOvW50zbwiK9LOf5Mxt5G+szUq2e8Fd9zrd88S7418RXmf550Xh28OzdOy4FB+pBUsDolxYk+uqxz8EWg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 03 Mar 2024 02:37:38 GMT
nr7Fnoazya7.js
static.xx.fbcdn.net/rsrc.php/v3ifZM4/yg/l/de_DE/ Frame 9D02 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ifZM4/yg/l/de_DE/nr7Fnoazya7.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
322662696846a103f187ddd4cb58c7dcc892d14f23789218ebf0740794d91c34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FAFkEY6n4uh5pPz/xHj8qA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4982
x-fb-rlafr
0
x-fb-debug
AdYiN8dzWCcBADXgJHqge6faw35qHwVRR3Y45+mdQtBR5uWxAlVQ3lXowhOIM1gVgcODZeRjEnD2mWlDX4dhvg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 04 Mar 2024 00:50:07 GMT
b6J-S4OeJWx.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame 9D02 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/b6J-S4OeJWx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f02c640034e315030e4762459ef8254f35c282fd2249379c4a453f00f0b33f64
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9mVSB3SnflYmG0moDMzz/g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4863
x-fb-rlafr
0
x-fb-debug
+Qa3GYgRYiX5xTSOfYPoq6NvPZ2UTm/0OUfk6aNsGLRXfjUH1asBYnDuQZvZHBw08hoCvsvEVTxOsbyKbxq4Tw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 03 Mar 2024 00:42:31 GMT
moIjdFW_HsE.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 9D02 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/moIjdFW_HsE.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1a83395582e8d85bbe5dcb3941bf68b8c8285e5f94128506797f3ebc5de9f0c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8RRN+uJ2VPOarON3ViJyGA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7847
x-fb-rlafr
0
x-fb-debug
HvrUIE7YSDoQLu7NslxEqr48aHJLPtFHBKLFyJd6ORF3vBtbuEqceU3Qd02OSp9GWg7FfgwnyPVyzZeqf/13gg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:11:31 GMT
ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 9D02 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CEYVgZg04j7erS0ub7sNsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10390
x-fb-rlafr
0
x-fb-debug
wU5oD/Eq8/xnogiFltn0QX5/EltKVcxtN9kbLdbdRDllOspVI8PsbAbRvaXi3Saqbsy3xK5RljgBfg8h1GjpBQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 03 Mar 2024 02:06:52 GMT
1487645_6012475414660_1439393861_n.png
scontent.xx.fbcdn.net/hads-ak-prn2/ Frame 9D02 		79 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
x-fb-trip-id
1679558926
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/png
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
79
expires
Mon, 06 Mar 2023 18:45:34 GMT
event
plausible.io/api/ 		2 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
cdn-edgestorageid
1080
cdn-cachedat
03/06/2023 18:45:34
cdn-pullzone
682664
application
10.0.0.3
content-length
2
x-request-id
F0no1Cq6npr2tbEk490B
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
cdn-requestid
4f07e9027fe894d8cdec74bbe1cb2f2a
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
script
carbon-cdn.ccgateway.net/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://carbon-cdn.ccgateway.net/script?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
b388be0ff15184b2f4b843bdb102390363dc7ef40fa0e03d94d4fc93a5f0462c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
cache-control
private,max-age=900
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
7M143009WAXN3Q25
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
STRx0Ic7Ail0QBZUMyPwaOMFfBJYtqEH2QK9RThy959S4vh7bnHagkR7gXzbW7US0LujPxZb7RI=
.js
dyv1bugovvq1g.cloudfront.net/54/www.cestnormalauquebec.com/ 		1 KB
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/54/www.cestnormalauquebec.com/.js
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:3a00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a981f16b9645ea2050060c0c12540d77f522e3e5bf2666671903fdc58c1349b

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
content-encoding
gzip
via
1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
308
last-modified
Mon, 06 Mar 2023 18:37:31 GMT
server
AmazonS3
etag
"7b55da39beab09e5b0faba7c79547c81"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
max-age=300
access-control-allow-credentials
true
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
y17AVPy_wU2ZPqDwLQrnuEZ_Bpv2hVRhYxj69WR6rswz-BlhrhzE0g==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230306
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
961c91d039359f9f3f327a29ae77dd65d21000f00895751035186f158e32505e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Mar 2023 18:45:34 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
9886
x-jsd-version
1.0.1638
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
878
x-served-by
cache-fra-eddf8230103-FRA, cache-hhn-etou8220067-HHN
x-jsd-version-type
version
etag
W/"636-6Zylw4j3AYlTeu7oHM9VNBnL3Fw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73c125104fd676f87dd839bc0c125b9fe50ca7d45070e509ec6b1067d37c798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26811
x-xss-protection
0
server
sffe
etag
"1502 / 785 of 1000 / last-modified: 1678104717"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 06 Mar 2023 18:45:34 GMT
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		107 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=54
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76e1d80a5a1796d532f9cce4447bddcd1ce337d0a64fd3c402236689a6c59f3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
SCvhCd.F0rugqrSPf.h3WmdAIU1_6J.T
content-encoding
gzip
via
1.1 3d4555926457517be3e728d2175d92a2.cloudfront.net (CloudFront)
date
Mon, 06 Mar 2023 14:37:23 GMT
last-modified
Mon, 27 Feb 2023 18:07:09 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
14892
x-amz-server-side-encryption
AES256
etag
W/"c4d545d7f21f1b4d28635ad2ab41be9f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=84600
x-amz-cf-id
A8kFoesTymS1h-_uiqM__nSWG7mT_wuyVgZaFuTCguoJLlqvU9v8cw==
apstag.js
c.amazon-adsystem.com/aax2/ 		222 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-213.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e58798939afd607aa76e8be948216df69422fb6cb44d15aa7775e56c51ec4bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:35:33 GMT
content-encoding
gzip
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront), 1.1 4f04fd3192b8e206f3b06830e1587d80.cloudfront.net (CloudFront)
last-modified
Mon, 06 Mar 2023 18:04:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, VIE50-P1
age
602
etag
W/"674325314aec17fac6c83c44b2e5566d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
0pet300FTnzbW4-e7wI3QkTLKcex_eBhH_UwXwUOzhjZ6Q7greXgPQ==
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2836a92ed5effcbaf0543c232ba75c2f7f3de25e33d182461fc9192b709eadf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
7a3cc1aaae4b9c0c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
services.js
js.gumgum.com/
Redirect Chain
  • https://g2.gumgum.com/javascripts/ggv2.js
  • https://js.gumgum.com/services.js
105 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gumgum.com/services.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Server
13.32.27.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2056e07e1af0d4dbefc121e58e0e7b735be005729ab99ca1706f3f66a004facb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
4.il0OhnTJkhlGkcWjvpUgGiqO_dHmv6
content-encoding
gzip
via
1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
date
Mon, 06 Mar 2023 18:45:35 GMT
last-modified
Mon, 23 Jan 2023 17:45:20 GMT
server
AmazonS3
x-amz-meta-timing-allow-origin
*
x-amz-cf-pop
FRA56-C2
etag
W/"e0cde34544fac60f218dfb3847f0ef24"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-meta-access-control-allow-origin
*
x-amz-cf-id
VhGtZIFk6eoEU56yNDeQQra7XTLF294G4uiH7VFWbYRB8sfyuYPOmQ==

Redirect headers

location
https://js.gumgum.com/services.js
access-control-allow-origin
*
date
Mon, 06 Mar 2023 18:45:34 GMT
server
nginx
content-length
162
content-type
text/html
/
www.facebook.com/video/autoplay/nux/ Frame 9D02 		812 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/video/autoplay/nux/?fb_dtsg_ag&__user=0&__a=1&__dyn=7xe6HzE4e685KbwKBAodod8d898nwgU29zEcWwMwu821wvE3vx60Vo1upEdEnwcG0KEswaq0yE1Vrzo5-0km7o1O81u83mwaS0zEnw4mw6iw4vwbS1Lw9C0z8&__csr=&__req=1&__hs=19422.BP%3Aplugin_default_pkg.2.0.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1007056156&__s=%3A%3Akflqpz&__hsi=7207506309218450858&__comet_req=0&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yt/l/de_DE/uQDh-o4JTph.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
71661a4cd1d603e413722d05916a3851d84dd52349f1fd55b4e4aec723fd67cb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
SozPwdMEVVWDkQdVnIo287
Referer
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
X-ASBD-ID
198387
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 18:45:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
VIBT3cy1Moa4hfQRbYnMQDuKOP5/J9XccJrYGr63HwYHHxyfHch/w/iouVXa+C/NZ6q/qyuMYE8LLPlC2ehUyQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl_2023022801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccd9121a14b7d9a66e942de02634cb4058f3b8faa32ae268a14fb6a8fe301d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132270
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 09:36:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Mar 2024 18:30:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		138 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cestnormalauquebec.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65fcad67170e457f3515f916a639a5b061188f04741539b52cdb4e809d52ef40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83
x-xss-protection
0
expires
Mon, 06 Mar 2023 18:45:34 GMT
fpc
at.teads.tv/ 		0
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_18458&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:34 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Mon, 06 Mar 2023 18:45:34 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.cestnormalauquebec.com&pubid=c46e39bc-809d-4e4a-a35c-364605c6a77e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-213.vie50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
via
1.1 4f04fd3192b8e206f3b06830e1587d80.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
Ov_foT48JjHLTIeB5FJdnJT5Psk0C5mcM8KxRbZQVWAX2HBPcvWIVA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-213.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
XEGmc9MeWOPeqjC.bMBvPzs7I4WH7xPz
content-encoding
gzip
via
1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
date
Mon, 06 Mar 2023 03:38:07 GMT
x-amz-cf-pop
VIE50-P1
age
54448
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 03 Mar 2023 23:20:46 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
fBDfw1Csj7oIal3j7CjkLeIHIubTYbZHTq6S6M7niMYE0k5QMskmEQ==
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7984
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7a3cc1ab981d9c0c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
139271940
fundingchoicesmessages.google.com/i/ 		126 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/139271940?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
45868832c7647763c29e1476758924470a884a9e4cc4af95d47b89ba8d444327
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K4CHekUAXwGlYESROTLdFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-K4CHekUAXwGlYESROTLdFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorServingWebSwitchboardHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D54%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=54
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.239.232.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-239-232-253.compute-1.amazonaws.com
Software
/
Resource Hash
2333c4c36dfd5c809c2b30a6a0c0b3b634d976b70ca0a13d021731d34af27c45

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Mon, 06 Mar 2023 18:45:35 GMT
x-amzn-RequestId
13c9b194-3418-5d10-85dd-ed1403177136
Content-Length
378
Content-Type
text/xml
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 9D02 		198 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
x-content-type-options
nosniff
content-md5
gixzAcHA/hBBjzjO9Ez8tQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
198
x-fb-rlafr
0
x-fb-debug
nK8X5tMsHm5p06my+eoqvUYR4GVFYd04dEk/wf+y3GxgPde2hz5QHtMF3JOnFh/iBGAv3DDBna2EUl6uRK1Kqw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 03 Mar 2024 04:22:16 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 2090 		0
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1ac29229c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:34 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 58CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 06 Mar 2023 18:45:35 GMT
X-Sovrn-Pod
ad_ap6ewr1
/
www.facebook.com/login/ Frame 9D02 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpost.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FObaskaDesign%252Fposts%252Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl%26show_text%3Dtrue%26width%3D500
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/OOjVFEppVys.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2FObaskaDesign%2Fposts%2Fpfbid0MJc2CctRz7NTVEzkP9TXyZCSBzYyD4M6xR3rUh9M1GdR4ZFdvLZQZ95RnW3pTicpl&show_text=true&width=500
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Mar 2023 18:45:34 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
sFCuB9dshPx2H0ou6OXsOs32gGEHCdElaSfzN1KZHYr9iZIhrqmHl1+fLjh2pz1At9eb0woISA/3sTzlFIzQIA==
x-frame-options
DENY
x-xss-protection
0
user.js
script-api.ccgateway.net/script/launcher/1/ 		1 KB
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/script/launcher/1/user.js
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
6c02f985f5f5b415611b0c1317611b428066dab3a4106b616ffcee9ecf00c163

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
cache-control
private,max-age=604800
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
userId
script-api.ccgateway.net/ 		225 B
346 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/userId
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
4e326e178f5a648d21f35b7775100d4eb176fb8336fc7606b2f3f2ffaafa0b1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
cache-control
private,max-age=3156000
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
api.js
script-api.ccgateway.net/script/launcher/3/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/script/launcher/3/api.js
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
31274f730a367bcd3b8c3a37bcd766e87b55ef404dbc1b53b80972ca22a6cadf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
cache-control
private,max-age=604800
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
1a5c4cdf15c9770ba7e3369eaaeb5
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 1B5D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/1a5c4cdf15c9770ba7e3369eaaeb5?gdpr_consent=&gdpr=0
0
694 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/1a5c4cdf15c9770ba7e3369eaaeb5?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1b118e69c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:35 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 06 Mar 2023 18:45:35 GMT
Expires
Mon, 06 Mar 2023 18:45:35 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/1a5c4cdf15c9770ba7e3369eaaeb5?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1678128335387055-387
imp
g2.gumgum.com/hbid/ 		376 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1678128334829&to=0&aun=%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Aoop-1&fp=3&fpc=USD&t=yznhjw0t&pi=2&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C!gumgum.com%2C15411%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.27.0%22%7D&ogu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ns=10240
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.216.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-216-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0321f2445e5a7aba373bd6fedd44e4dd59b3d59bea3e90c3fb35239f0c2851c3

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
xhr
pre.ads.justpremium.com/v/2.0/t/ 		53 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1678128334831
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.24.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-24-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f133b142d7c1f8065c588486360fd217d64fc61a2d572f06342381da54a0d278

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Mon, 06 Mar 2023 18:45:35 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
auction
tlx.3lift.com/header/ 		19 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.27.0&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tmax=700
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.97.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-97-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:35 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
prebid.smilewanted.com/ 		0
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7a3cc1acea7c9c0c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Mon, 06 Mar 2023 18:45:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 06 Mar 2023 18:45:34 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d5056a0f3e7b17d78845e122fe346c47d389bada905e5c71fbec373e4fdc38c8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:35 GMT
AN-X-Request-Uuid
8c24b735-47cc-4001-950b-6559f4877129
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&pid=yLVE5XDvJzUj8&cb=0&ws=1600x1200&v=23.303.721&t=700&slots=%5B%7B%22sd%22%3A%22oboxads-outstream-1%22%2C%22s%22%3A%5B%221x1%22%2C%22300x350%22%5D%2C%22sn%22%3A%22%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Aoutstream-1%22%7D%5D&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C&pubid=c46e39bc-809d-4e4a-a35c-364605c6a77e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.191.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-191-98.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
6WQ2YFB6JVFBZMRADFMG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
asb_1Xw5Um02v6TfHVRiDji5GjQyVbBXFkU9P86qi8Q_xxrPK3UYZQ==
v1
match.sharethrough.com/universal/ Frame BFE7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.39.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-39-104.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5833b9047a576a1d225c742823d3d36b656a8f1e4c25c761f3f6c7b115e4dae0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:35 GMT
AN-X-Request-Uuid
ad535f76-ccae-4885-ad35-904a98d949e9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4fb93925a121a98fb2e1dc1f938d4cf3fbb070c1ec33b33d8a2dde2ec94bc2d6

Request headers

Referer
https://www.cestnormalauquebec.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
content-length
84
bid-request
a.teads.tv/hb/ 		16 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 06 Mar 2023 18:45:34 GMT
v1
btlr.sharethrough.com/universal/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.138.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-138-83.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Mon, 06 Mar 2023 18:45:35 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		139 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
83ae98fb8295c237f3ffe0a5c0c4a935af9cd3384431e2020d0357c64ed6dc08
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:35 GMT
AN-X-Request-Uuid
64c34e8f-ab19-4034-8fe6-72af35564ba0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7a3cc1ad2ad79c0c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22530&site_id=364052&zone_id=1976336&size_id=15&rp_schain=1.0,1!obox.group,1059,1,,,!rubiconproject.com,22530,1,,,&rf=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tk_flint=pbjs_lite_v7.27.0&x_source.tid=540f7af8-b061-4b36-8628-960f29576abc&l_pb_bid_id=28bcc36646b8625&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&slots=1&rand=0.9119985878758496
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1145669c62f948bd419f77ec03deccf66f8f91df6fd173f32f0cff516a24891a

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
imp
g2.gumgum.com/hbid/ 		376 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1678128334902&to=0&aun=%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Acontent-1&fp=0.1&fpc=USD&maxw=300&maxh=250&si=110817&pi=3&bf=300x250&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C!gumgum.com%2C15411%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.27.0%22%7D&ogu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ns=10240
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.216.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-216-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c810b3bb3f826c8417f113789cc404da172fdca277cf6dc03c7309c44ca9352c

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
translator
hbopenbid.pubmatic.com/ 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Mon, 06 Mar 2023 18:45:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.27.0&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tmax=700
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.97.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-97-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:35 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&pid=yLVE5XDvJzUj8&cb=1&ws=1600x1200&v=23.303.721&t=700&slots=%5B%7B%22sd%22%3A%22oboxads-content-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Acontent-1%22%7D%5D&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C&pubid=c46e39bc-809d-4e4a-a35c-364605c6a77e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.191.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-191-98.fra2.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
JJT7DQNHDPTFHR576D3E
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
l_968wiwwHSe3N0SoB76d8XGYelBdYrBoII9sqIvrWk05ezj30Uc7A==
bid-request
a.teads.tv/hb/ 		16 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 06 Mar 2023 18:45:34 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7799c4f6de8f1d60958e8733c4a2dc52ab65725b91418981f7e3bbb9fa41f25b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:35 GMT
AN-X-Request-Uuid
e28a0066-0616-4759-afe3-ce5b2a548264
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Mar 2023 18:45:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7a3cc1ad3b129c0c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
03f02c28a301d2f0d267219c81773108074ae4e7ab3bbdd4de6b311749795690

Request headers

Referer
https://www.cestnormalauquebec.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
content-length
84
imp
g2.gumgum.com/hbid/ 		376 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1678128334913&to=0&aun=%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Aside-1&fp=0.1&fpc=USD&maxw=300&maxh=600&si=110830&pi=3&bf=300x600%2C300x250%2C160x600&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C!gumgum.com%2C15411%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.27.0%22%7D&ogu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ns=10240
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.216.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-216-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
894592c46994ffb95965c660dfa72458e35ca0a1ef120653d823f55adcccdbd0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22530&site_id=364052&zone_id=1976364&size_id=15&alt_size_ids=9%2C10&rp_schain=1.0,1!obox.group,1059,1,,,!rubiconproject.com,22530,1,,,&rf=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tk_flint=pbjs_lite_v7.27.0&x_source.tid=0d9d6878-3f2b-45da-b43a-3332f0df5758&l_pb_bid_id=46ec09e2835f9c5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&slots=1&rand=0.9586121229319482
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
17d3ef9a303862a145c53f96a6a61cff6f745a5efb33fd3988dcd32cbe2e2e6e

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
261
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.138.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-138-83.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Mon, 06 Mar 2023 18:45:35 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		139 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
048f8ebdddf15b612137f26a5e1e08da8515afeb09723421181cf8cdc17e9d8d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:35 GMT
AN-X-Request-Uuid
5dbd724f-8ea3-4d1d-8dd1-bb49e6d9558f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Mon, 06 Mar 2023 18:45:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.27.0&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tmax=700
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.97.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-97-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:35 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&pid=yLVE5XDvJzUj8&cb=2&ws=1600x1200&v=23.303.721&t=700&slots=%5B%7B%22sd%22%3A%22oboxads-side-1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Aside-1%22%7D%5D&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C&pubid=c46e39bc-809d-4e4a-a35c-364605c6a77e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.191.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-191-98.fra2.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
2VHYYQBNHD5BK30ESTT5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
N6MWTfBSgM2H1WtloVKlYf6IPUPZLeHg9qdH-EUKY10NReDPIVGVAw==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&pid=yLVE5XDvJzUj8&cb=3&ws=1600x1200&v=23.303.721&t=700&slots=%5B%7B%22sd%22%3A%22oboxads-side-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Aside-2%22%7D%5D&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C&pubid=c46e39bc-809d-4e4a-a35c-364605c6a77e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.191.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-191-98.fra2.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
BZ6P1B4Q8KYX24GMSHCF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
-Q1VKzSWmTvb_jWwkGrw8cyAT-J3DoGqabPrfmOPrKcq2igvjihM9g==
smw888.gif
us.ck-ie.com/ Frame 3823 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 06 Mar 2023 18:45:35 GMT
Server
nginx
DH4A7NYIce3yHbXMEt7F
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 5956
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/DH4A7NYIce3yHbXMEt7F?pi=smilewanted&tc=1
0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/DH4A7NYIce3yHbXMEt7F?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1aead789c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:35 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 06 Mar 2023 18:45:35 GMT Mon, 06 Mar 2023 18:45:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/DH4A7NYIce3yHbXMEt7F?pi=smilewanted&tc=1
pragma
no-cache
AGSKWxXembkwyn52YZVgSYNgoL5TBqK4bDYDhZoJZ1OWhuYBk7Pxqjdhex380zYK9IkEntBnAM3D3plOW2KkdlQIY7M=
fundingchoicesmessages.google.com/f/ 		511 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXembkwyn52YZVgSYNgoL5TBqK4bDYDhZoJZ1OWhuYBk7Pxqjdhex380zYK9IkEntBnAM3D3plOW2KkdlQIY7M=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4MTI4MzM0LDk5OTAwMDAwMF0sIjU1NkVBREIyLTlGRjMtNDY5Qi1BQUU0LTI2NDlFQzdGNjI0MSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LmNlc3Rub3JtYWxhdXF1ZWJlYy5jb20vIixudWxsLFtbOCwiVDdxdWM0cFNHNWsiXSxbOSwiZGUiXSxbMTcsIltmYWxzZV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.T7quc4pSG5k.es5.O/d=1/rs=AJlcJMyXI-t-ezr2OyCSftANdtkc9vgHEw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0ac128b9e9e8778b54996d17145f8d7accfd596fe8edb3deb7840f1f47cdd87
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YRRlk1iGomdZuyEuVURipA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YRRlk1iGomdZuyEuVURipA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 7D16
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
78c6124c-a95c-48e4-b2be-22551c3a5e1d
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 06 Mar 2023 18:45:35 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1ae1c7c9c0c-FRA
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:35 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
server
cloudflare
bundle
script-api.ccgateway.net/script/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/script/bundle?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
8d2def7c557921e4264cb54467a0f3f7b6d3316bc732de89753cf00a3ac9a4b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
cache-control
public,max-age=1200
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
bz
www.facebook.com/ajax/ Frame 9D02 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cestnormalauquebec.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 06 Mar 2023 18:45:35 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cestnormalauquebec.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 06 Mar 2023 18:45:35 GMT
server
ATS/9.1.10.25
connectmyusers.php
cdn.connectad.io/ Frame 4111 		1 KB
874 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
7a3cc1ae994c372e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:35 GMT
last-modified
Mon, 06 Mar 2023 17:51:53 GMT
server
cloudflare
vary
Accept-Encoding
getuid
sync.smartadserver.com/ Frame B36C
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 06 Mar 2023 18:45:35 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Mon, 06 Mar 2023 18:45:35 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
location
privacy-location-edge.ccgateway.net/privacy/ 		2 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy-location-edge.ccgateway.net/privacy/location
Requested by
Host: script-api.ccgateway.net
URL: https://script-api.ccgateway.net/script/bundle?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
9170a8b2fb3234baa721bf8b3de5935d8d160f6f987215b83b07a49a403e5e74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Mar 2023 18:45:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
8f5d4e4a-bcd4-49b4-915f-98317390e2f1&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame F510
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/8f5d4e4a-bcd4-49b4-915f-98317390e2f1&partner_id=1010
0
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/8f5d4e4a-bcd4-49b4-915f-98317390e2f1&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1afaeda9c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:35 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Mon, 06 Mar 2023 18:45:35 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/8f5d4e4a-bcd4-49b4-915f-98317390e2f1&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
1
sync-eu.connectad.io/syncer/ Frame 412B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7a3cc1af0a13372e-FRA
date
Mon, 06 Mar 2023 18:45:35 GMT
server
cloudflare
sync.php
pixel.rubiconproject.com/exchange/ Frame A050 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cestnormalauquebec.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 06 Mar 2023 18:45:35 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
136b1325d0b5036cb677ba0709da17321180b9b39ed3b8ab2da695b2fcb99836

Request headers

Referer
https://www.cestnormalauquebec.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
content-length
84
prebid
ib.adnxs.com/ut/v3/ 		138 B
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3d3b63cc02bda81beac3d0cdc77c98a2878fd00fd3cbc1683d84627a270512e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:35 GMT
AN-X-Request-Uuid
a1c77826-ceac-4efb-b7b0-297b75907839
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.138.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-138-83.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Mon, 06 Mar 2023 18:45:35 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22530&site_id=364052&zone_id=1976366&size_id=15&rp_schain=1.0,1!obox.group,1059,1,,,!rubiconproject.com,22530,1,,,&rf=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tk_flint=pbjs_lite_v7.27.0&x_source.tid=bba543e7-dcd5-4991-add9-e307ee41d86a&l_pb_bid_id=6218726eb3c985c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&slots=1&rand=0.6016559098445136
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
439b9ade3d15b52aefcfcc6157f7b84c1ad4336a18ab00f4e2756491a2813b72

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Mon, 06 Mar 2023 18:45:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
866436eac9d2fde2af47d295c184c9f3ff6488ab625d52e18d3269f7335e0d7b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:35 GMT
AN-X-Request-Uuid
66ece7fc-aafd-48ae-a082-772be43195ff
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.27.0&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tmax=700
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.97.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-97-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:35 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7a3cc1af3e3c9c0c-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
imp
g2.gumgum.com/hbid/ 		376 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1678128335223&to=0&aun=%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Aside-2&pv=1306526f-128c-4fe3-8f75-0ae57a151e4c&fp=0.1&fpc=USD&maxw=300&maxh=250&si=110831&pi=3&bf=300x250&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C!gumgum.com%2C15411%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.27.0%22%7D&ogu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ns=10240
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.216.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-216-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
894592c46994ffb95965c660dfa72458e35ca0a1ef120653d823f55adcccdbd0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
bid-request
a.teads.tv/hb/ 		16 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:35 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 06 Mar 2023 18:45:35 GMT
css
fonts.googleapis.com/ 		60 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.T7quc4pSG5k.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyXI-t-ezr2OyCSftANdtkc9vgHEw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9e9b25183086d9a4f38ffa75b83c2ac9be135dfc45e599e5160b425836251c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 18:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 18:45:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 18:45:35 GMT
AGSKWxUj9Tmp69ecSSIUPnd7QIqxW18nfQZjuKn6ATIS1HQqAf4Uci4jUOKEnEg_Od0C1QL2GgzSYbVJo6M8uM18ikoMV2EqxicvMxbE7cL_JkebEoQQMG5-2V9eVax4UjHHZ-ZgaOAIiQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUj9Tmp69ecSSIUPnd7QIqxW18nfQZjuKn6ATIS1HQqAf4Uci4jUOKEnEg_Od0C1QL2GgzSYbVJo6M8uM18ikoMV2EqxicvMxbE7cL_JkebEoQQMG5-2V9eVax4UjHHZ-ZgaOAIiQ==?dmid=5ec9f3750f6736cb
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.T7quc4pSG5k.es5.O/d=1/rs=AJlcJMyXI-t-ezr2OyCSftANdtkc9vgHEw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gj1IHbifW0xI6whly1_8oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Mar 2023 18:45:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-gj1IHbifW0xI6whly1_8oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cestnormalauquebec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:42:54 GMT
x-content-type-options
nosniff
age
161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Mar 2024 18:42:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cestnormalauquebec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 14:05:36 GMT
x-content-type-options
nosniff
age
362399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 14:05:36 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cestnormalauquebec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:44:24 GMT
x-content-type-options
nosniff
age
414071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 23:44:24 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230301&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31072648
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50db9dcfb7ede3de416ea84a979fef13e69bed0bdd70af4a4a77331924dbe56b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11337
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Mar 2023 18:45:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0B82 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4394
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 17:32:22 GMT
expires
Tue, 05 Mar 2024 17:32:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BB87 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
40a6d985b75ce3a75ee5c9d801bf01ce80e73fd1d9098118784a50903f36894c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kSrbTrHLjZG7CRAdRzPbxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-kSrbTrHLjZG7CRAdRzPbxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 18:45:36 GMT
expires
Mon, 06 Mar 2023 18:45:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
pagead2.googlesyndication.com/bg/ Frame 0B82 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 16:54:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
93071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14167
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 16:54:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BB87 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230301&jk=235670220095574&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 0B82 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?aYx1_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230301&jk=235670220095574&bg=!QEOlQxfNAAbv3-2Ez987ADkAdvg8WoqZQ5_eQIm1qG_05nVZMhQObzmvnufNO0UK4-QoG7ZjjXav1EZHn7HSaCh0Y5Q1PxyUryECAAAAbFIAAAAEaAEHmQKjT946sAAewKPDtpy0z83axEV0V18oNE-y35KxwzOWframb5Yf2pwCXm5O2AFA0oR4xSBVMiUUUkvRGcpNSSny6MHq57xC4A3I23CMZTXtiebCaiCxyNX8bXIJPrtvySd11B0_OTNavBKI-sY_gP3zKjllcXQc5CZ02Lvn_1tywnJSPeYGqiQWq5lXAtQqMvsqKxTzC0e_VpVuSXfno8dIrquqyEhZLIRDR6U3Z98zQPfCI8d5GNTCvwVLwYCF4IWS1o_6O_M4qEdXoMHspXC6T1LPfOUdof5MUoE63QztxhFH7aaU7I-H_S07xGeUcSNBP-7_xxOvt_xCRXUZ4_8mGu6_1VrNgaYNjl8H-2SRWtJkAiP3nTiGem72GQM7uYh5xypPw_8T7-OmzyBa4UQIX0HF5Uknb0fX506ldMxGqJY-j5JPKQJqwu1VaXVSHIPa6fvWEbDyJRw3Ld7qcxdQVVprDU1G9xQQVZqdosMHxNVANise5sCbflVX3Ftiqpq_oucqjzuWqgST5JaO_Z2FAS-yW4pE08eyZnpJM3dUZrF7myTdDM6V0x63iJiJcfhSYDmQr5uIuK0tOoC0cNBTe_-761WsDRzhGzTOZKxUvofB-xeblejO73vivTuBKl_zTFVsiPjpCntyNfI5YvC7--VVvTqeHXZWqmy7AVXZC2o3sScQB4GEY5g6OrFkBRh1RWkUzwv-bJXYP38qyboXRIXZ7uVM7Mqej1ZoW1vvLJjcYNdNfjGVX7h5mRJGtGGGe81PSmR8VVUikRY-oWiJf2dfU7rP3XRefvaqUrlCqxYu-ZgNp4eGvuAXPJLyEo0WkY8Hm7wb0B1gbWZM36SwbufHZgsr5jY_3i7CoFdDflTU7aUt4IM1aLwR2OiEghX0MdvY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
services
g2.gumgum.com/zones/z8p7v025/ 		335 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/zones/z8p7v025/services?dp=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&pu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ogu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&rf=&r=3.87.26&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.87.26%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=b79da168198b22e7e0efadcbbc083763b0bc8ff4&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1678128337600&to=0&vpii=false&vph=1200&vpw=1600&gdprApplies=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/javascripts/ggv2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.216.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-216-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
178deec96d995ed4083859ca2635b95f8206b0dbcc6aa3d24c47557a309ce917

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:37 GMT
content-encoding
gzip
server
nginx
etag
W/"0ff73a96ef3626ccbb47bed3ac8d4a1ed"
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 575F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50344
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 06 Mar 2023 18:45:38 GMT
expires
Tue, 07 Mar 2023 08:44:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame EE63 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a8824b3ec62bde56134289fe34322adadf5e1e5b1cfee6bc4fdbf861f4da41

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c1ec7d9c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 8174 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a8824b3ec62bde56134289fe34322adadf5e1e5b1cfee6bc4fdbf861f4da41

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c1ec7e9c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4429 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50344
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 06 Mar 2023 18:45:38 GMT
expires
Tue, 07 Mar 2023 08:44:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 3BF7 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 06 Mar 2023 18:45:38 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C407 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50344
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 06 Mar 2023 18:45:38 GMT
expires
Tue, 07 Mar 2023 08:44:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame E855 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 06 Mar 2023 18:45:38 GMT
/
csync.smilewanted.com/ Frame 769D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a8824b3ec62bde56134289fe34322adadf5e1e5b1cfee6bc4fdbf861f4da41

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c1ec889c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame A10D 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 06 Mar 2023 18:45:38 GMT
usync.html
eus.rubiconproject.com/ Frame 4A12 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.199.214.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-214-41.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Mar 2023 18:45:38 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3C45 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
41596
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 06 Mar 2023 18:45:38 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 27 Feb 2023 06:34:24 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
27, 553429
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220040-HHN
X-Timer
S1678128338.316930,VS0,VE0
sync
eb2.3lift.com/ Frame AADE 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 06 Mar 2023 18:45:38 GMT
sync
pre.ads.justpremium.com/v/1.0/t/ Frame D508 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=amlb1z1678128335190
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.24.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-24-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d8090c9a123fda567ca8d8095219d6756c41ebc43b5efa2261661ac520c52b57

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 06 Mar 2023 18:45:38 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame F852 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
41596
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 06 Mar 2023 18:45:38 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 27 Feb 2023 06:34:24 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
27, 552569
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220030-HHN
X-Timer
S1678128338.313623,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame CD06 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
41596
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 06 Mar 2023 18:45:38 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 27 Feb 2023 06:34:24 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
27, 545110
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220050-HHN
X-Timer
S1678128338.321949,VS0,VE0
/
csync.smilewanted.com/ Frame 06E1 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a8824b3ec62bde56134289fe34322adadf5e1e5b1cfee6bc4fdbf861f4da41

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c20ca19c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 31F9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1678128333222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50344
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 06 Mar 2023 18:45:38 GMT
expires
Tue, 07 Mar 2023 08:44:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
9.gif
id5-sync.com/s/441/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 06 Mar 2023 18:45:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
jp
rtb.gumgum.com/usync/ Frame B6A4 		55 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-b2bc81a0-f502-4cad-8c52-df3c2801f45a-46478-121402657%26ex_uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&us_privacy=&limit=16
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=amlb1z1678128335190
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.240.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-240-6.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
74b03851b17506833b0506eb8292bd9842e5b32aaaccb1b5553fa967b65db792

Request headers

Referer
https://pre.ads.justpremium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
etag
W/"0656d408e84feebb88e950b10efb49503"
server
nginx
timing-allow-origin
*
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame EE63 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7988
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7a3cc1c29d8b9c0c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 8174 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7988
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7a3cc1c2cde99c0c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 769D 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7988
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7a3cc1c30e5b9c0c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 06E1 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
7988
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7a3cc1c32ea49c0c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 575F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82077910&p=160753&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ee8c313a1d5afea79a6e3642c43bb9c465773955f56dd5744a28eed1e225cbde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bounce
ib.adnxs.com/ Frame F852
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:38 GMT
AN-X-Request-Uuid
84626b05-76b9-4c01-b3d0-379680941e81
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:38 GMT
AN-X-Request-Uuid
f4cd8779-1872-44e9-bb0f-bdb59b105551
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 3C45
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:38 GMT
AN-X-Request-Uuid
d347ed76-fc74-4a6c-afc2-4f76021ce0ec
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:38 GMT
AN-X-Request-Uuid
3e7674b1-e021-4ec5-a705-7918d14f2b38
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame CD06
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:38 GMT
AN-X-Request-Uuid
0a3957ba-a925-47b1-8fda-df134881b631
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:38 GMT
AN-X-Request-Uuid
8b576ace-ab7f-4b72-9a0e-ba3a2246215c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame C48F 		0
509 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c35f049c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame C966 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c36f169c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame D63D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 06 Mar 2023 18:45:38 GMT
X-Sovrn-Pod
ad_ap6ewr1
pixel
ap.lijit.com/ Frame 93EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 06 Mar 2023 18:45:38 GMT
X-Sovrn-Pod
ad_ap6ewr1
drop_cookie_sw.php
csync.smilewanted.com/ Frame A0A8 		0
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c37f299c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 1EBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 06 Mar 2023 18:45:38 GMT
X-Sovrn-Pod
ad_ap6ewr1
drop_cookie_sw.php
csync.smilewanted.com/ Frame 4AB8 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c38f459c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame F831 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 06 Mar 2023 18:45:38 GMT
X-Sovrn-Pod
ad_ap6ewr1
v1
match.sharethrough.com/universal/ Frame 5020 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.39.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-39-104.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
v1
match.sharethrough.com/universal/ Frame E2C0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.39.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-39-104.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
v1
match.sharethrough.com/universal/ Frame F9B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.39.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-39-104.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
v1
match.sharethrough.com/universal/ Frame 7BA5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.39.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-39-104.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6786
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8f3c6406-34d2-4c00-88f0-2e995fbb4f2b&gdpr=0&gdpr_consent=
42 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8f3c6406-34d2-4c00-88f0-2e995fbb4f2b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 06 Mar 2023 18:45:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 06 Mar 2023 18:45:38 GMT
Expires
Mon, 06 Mar 2023 18:45:37 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 569 46451a0 master cdg-pixel-x27 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8f3c6406-34d2-4c00-88f0-2e995fbb4f2b&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 1576
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5868299933476527047
42 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5868299933476527047
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 06 Mar 2023 18:45:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5868299933476527047
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 2E0F 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 18:45:38 GMT
expires
Mon, 06 Mar 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
540263
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 575F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ki2t6rzNTP6BMldc8CfG9w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=50344
accept-ranges
bytes
content-length
5554
expires
Tue, 07 Mar 2023 08:44:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 575F 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2A2DADEA-BCCD-4CFE-8132-575CF027C6F7&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-114-167.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.49
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 575F
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4110925331
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2A2DADEA-BCCD-4CFE-8132-575CF027C6F7
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2A2DADEA-BCCD-4CFE-8132-575CF027C6F7
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:38 GMT
via
1.1 google
last-modified
Mon, 06 Mar 2023 18:45:38 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2A2DADEA-BCCD-4CFE-8132-575CF027C6F7
date
Mon, 06 Mar 2023 18:45:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 575F
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=2A2DADEA-BCCD-4CFE-8132-575CF027C6F7
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjZjN3lCYnNDbkJSbWlrT2dKem1mSnR3UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=9023916927671476795&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
35.170.206.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-206-70.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 18:45:39 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 06 Mar 2023 18:45:39 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 575F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkEyREFERUEtQkNDRC00Q0ZFLTgxMzItNTc1Q0YwMjdDNkY3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 06 Mar 2023 18:45:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 575F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJe7fncAA-NfYrgumGm8Zjk&google_cver=1
42 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJe7fncAA-NfYrgumGm8Zjk&google_cver=1
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 06 Mar 2023 18:45:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJe7fncAA-NfYrgumGm8Zjk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 575F 		43 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 05 Mar 2023 18:45:38 GMT
generic
match.adsrvr.org/track/cmf/ Frame 575F 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 06 Mar 2023 18:45:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 575F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9023916927671476795
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9023916927671476795
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 06 Mar 2023 18:45:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9023916927671476795
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
2A2DADEA-BCCD-4CFE-8132-575CF027C6F7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 575F 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2A2DADEA-BCCD-4CFE-8132-575CF027C6F7?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:ba00:e0e6:3fe7:92c1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 575F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2A2DADEA-BCCD-4CFE-8132-575CF027C6F7&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2A2DADEA-BCCD-4CFE-8132-575CF027C6F7&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CdDvfYJE2uVj2.L6FUavWtbEAtclSPw-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CdDvfYJE2uVj2.L6FUavWtbEAtclSPw-~A&gdpr=0
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CdDvfYJE2uVj2.L6FUavWtbEAtclSPw-~A&gdpr=0
date
Mon, 06 Mar 2023 18:45:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame 4A12 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.199.214.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-214-41.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e56906b16ec897a3ca7e61d23583679bc5a227a2e40315f6305d78507eb70d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 18:45:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 04:54:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36513
Connection
keep-alive
Content-Length
10005
Expires
Tue, 07 Mar 2023 04:54:11 GMT
smw888.gif
us.ck-ie.com/ Frame B411 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 06 Mar 2023 18:45:38 GMT
Server
nginx
smw888.gif
us.ck-ie.com/ Frame 27AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 06 Mar 2023 18:45:38 GMT
Server
nginx
smw888.gif
us.ck-ie.com/ Frame 63E3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 06 Mar 2023 18:45:38 GMT
Server
nginx
smw888.gif
us.ck-ie.com/ Frame 0FC9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 06 Mar 2023 18:45:38 GMT
Server
nginx
setuid
ib.adnxs.com/prebid/ Frame 4F9B
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
649ca1b3-c5a8-46b4-b1bd-a8ff0a323e2b
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 06 Mar 2023 18:45:38 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c458bc9c0c-FRA
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
server
cloudflare
setuid
ib.adnxs.com/prebid/ Frame A281
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
110d877a-35a7-4f26-b8df-f5f15eca3a4a
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 06 Mar 2023 18:45:38 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c458cd9c0c-FRA
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
server
cloudflare
setuid
ib.adnxs.com/prebid/ Frame 1CCC
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
b3941c38-ae5b-4665-8461-af8bb74a0807
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 06 Mar 2023 18:45:38 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c468e59c0c-FRA
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
server
cloudflare
setuid
ib.adnxs.com/prebid/ Frame 5E62
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
15d326c9-b276-4f0e-a94e-95ffa6fa32b7
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 06 Mar 2023 18:45:38 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
146.70.117.125; 146.70.117.125; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c478f59c0c-FRA
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=001676d1bf3d03bf1ff9a9c7780dee06
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame C283 		1 KB
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3225
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
7a3cc1c49f16372e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
last-modified
Mon, 06 Mar 2023 17:51:53 GMT
server
cloudflare
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 9D17 		1 KB
715 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3225
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
7a3cc1c4af27372e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
last-modified
Mon, 06 Mar 2023 17:51:53 GMT
server
cloudflare
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 86A7 		1 KB
885 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
7a3cc1c4bee0900c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
last-modified
Mon, 06 Mar 2023 18:07:58 GMT
server
cloudflare
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 6B10 		1 KB
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
7a3cc1c4beeb900c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
last-modified
Mon, 06 Mar 2023 18:07:58 GMT
server
cloudflare
vary
Accept-Encoding
1
sync-eu.connectad.io/syncer/ Frame 98CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c4ff1d900c-FRA
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
getuid
sync.smartadserver.com/ Frame AD83
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 06 Mar 2023 18:45:38 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Mon, 06 Mar 2023 18:45:38 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
getuid
sync.smartadserver.com/ Frame 0576
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 06 Mar 2023 18:45:38 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Mon, 06 Mar 2023 18:45:38 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
getuid
sync.smartadserver.com/ Frame 794A
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 06 Mar 2023 18:45:38 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Mon, 06 Mar 2023 18:45:38 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
getuid
sync.smartadserver.com/ Frame 80A8
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 06 Mar 2023 18:45:38 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Mon, 06 Mar 2023 18:45:38 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
sync.php
pixel.rubiconproject.com/exchange/ Frame 14EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
sync.php
pixel.rubiconproject.com/exchange/ Frame 8A74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
sync.php
pixel.rubiconproject.com/exchange/ Frame 42D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
sync.php
pixel.rubiconproject.com/exchange/ Frame 08F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 468F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50344
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 06 Mar 2023 18:45:38 GMT
expires
Tue, 07 Mar 2023 08:44:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5665 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50344
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 06 Mar 2023 18:45:38 GMT
expires
Tue, 07 Mar 2023 08:44:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 069E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50344
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 06 Mar 2023 18:45:38 GMT
expires
Tue, 07 Mar 2023 08:44:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CD5A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50344
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 06 Mar 2023 18:45:38 GMT
expires
Tue, 07 Mar 2023 08:44:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ZAY00mdfkUvvXF-7INo8DQAA%261188
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 7DA0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00mdfkUvvXF-7INo8DQAA%261188
0
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00mdfkUvvXF-7INo8DQAA%261188
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c68c549c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 06 Mar 2023 18:45:38 GMT
Expires
0
Keep-Alive
timeout=1, max=499
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00mdfkUvvXF-7INo8DQAA%261188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
ZAY00ncHdNLVpe9HuVnL.AAA%265275
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame B10F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c68c579c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 06 Mar 2023 18:45:38 GMT
Expires
0
Keep-Alive
timeout=1, max=499
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
ZAY00ncHdNLVpe9HuVnL.AAA%265275
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame F4AB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
0
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c68c569c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 06 Mar 2023 18:45:38 GMT
Expires
0
Keep-Alive
timeout=1, max=499
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
ZAY00ncHdNLVpe9HuVnL.AAA%265275
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame F5E2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c68c5a9c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:38 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 06 Mar 2023 18:45:38 GMT
Expires
0
Keep-Alive
timeout=1, max=499
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ZAY00ncHdNLVpe9HuVnL.AAA%265275
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
16db0492-bc4f-11ed-9e01-1e5bf6c20106
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 4374
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=16daff02-bc4f-11ed-b922-169e7f670106
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
0
100 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c71d649c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:39 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 06 Mar 2023 18:45:39 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Server
nginx
X-fe
26
16db0492-bc4f-11ed-9e01-1e5bf6c20106
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 6462
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=16db04fa-bc4f-11ed-9e01-1e5bf6c20106
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
0
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c71d639c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:39 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 06 Mar 2023 18:45:39 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Server
nginx
X-fe
108
16db0492-bc4f-11ed-9e01-1e5bf6c20106
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 1549
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=16daf73a-bc4f-11ed-8082-14d534130106
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c71d6b9c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:39 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 06 Mar 2023 18:45:39 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Server
nginx
X-fe
48
16db0492-bc4f-11ed-9e01-1e5bf6c20106
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 64C7
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=16db0adb-bc4f-11ed-b0ff-1ef5e1e50406
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
0
102 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3cc1c71d5f9c0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:45:39 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 06 Mar 2023 18:45:39 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/16db0492-bc4f-11ed-9e01-1e5bf6c20106
Server
nginx
X-fe
24
rubicon
match.adsrvr.org/track/cmf/ Frame 4A12 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 06 Mar 2023 18:45:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 4A12
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rfS4Bin6R1SxICW85llVfg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rfS4Bin6R1SxICW85llVfg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rfS4Bin6R1SxICW85llVfg
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
28ER2MF0MXBCW70RXW79
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rfS4Bin6R1SxICW85llVfg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4A12
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF_rFgD20BHx0otVcbNJOWA&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF_rFgD20BHx0otVcbNJOWA&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF_rFgD20BHx0otVcbNJOWA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 4A12
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEX6A6EF-U-1WZ2
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEX6A6EF-U-1WZ2
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:45:38 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3DBCC7781A4E4C5D84E337E61BFDBF77 Ref B: FRAEDGE2017 Ref C: 2023-03-06T18:45:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2P7OOJSJsusO168T0Jw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEX6A6EF-U-1WZ2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4A12
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YThlNmNlNTA3YjNkNDM4MTM4YzI5MDI5YmQwZWZmYzhhNThiMDA3ZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YThlNmNlNTA3YjNkNDM4MTM4YzI5MDI5YmQwZWZmYzhhNThiMDA3ZA
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YThlNmNlNTA3YjNkNDM4MTM4YzI5MDI5YmQwZWZmYzhhNThiMDA3ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4A12
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Sqd0oqfHfg-GUzdgVP1wAw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-clmzKiZE2oKVETpgHENJ_QDUcZ.3KSxEqUX0Ig--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-clmzKiZE2oKVETpgHENJ_QDUcZ.3KSxEqUX0Ig--~A
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 06 Mar 2023 18:45:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-clmzKiZE2oKVETpgHENJ_QDUcZ.3KSxEqUX0Ig--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4A12
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=K3RoQuJ3S0iqP2DQNglMyQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=K3RoQuJ3S0iqP2DQNglMyQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=K3RoQuJ3S0iqP2DQNglMyQ
Protocol
HTTP/1.1
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 18:45:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NWKVEST99SE675XFNAHP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=K3RoQuJ3S0iqP2DQNglMyQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4A12
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVYNkE2RUYtVS0xV1oy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVYNkE2RUYtVS0xV1oy
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 18:45:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVYNkE2RUYtVS0xV1oy
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__comet_req=0&__dyn=7xe6HzE4e685KbwKBAodod8d898nwgU29zEcWwMwu821wvE3vx60Vo1upEdEnwcG0KEswaq0yE1Vrzo5-0km7o1O81u83mwaS0zEnw4mw6iw4vwbS1Lw9C0z8&__hs=19422.BP%3Aplugin_default_pkg.2.0.0.0.0&__hsi=7207506309218450858&__req=2&__rev=1007056156&__s=%3A%3Akflqpz&__sp=1&__user=0&dpr=1&jazoest=21917&lsd=SozPwdMEVVWDkQdVnIo287

Verdicts & Comments Add Verdict or Comment

321 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 boolean| credentialless object| OBOXADSQ string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| adsbygoogle number| perPage string| disqusShortname string| commentsSystem boolean| fixedSidebar number| postPerPage object| creditsyear string| no_image object| month_format string| more_text string| comments_text string| pagenav_prev string| pagenav_next undefined| s undefined| o undefined| u function| selectnav object| jQuery111004053373329655383 undefined| jQuery111004053373329655383_1678128333238 undefined| jQuery111004053373329655383_1678128333240 number| numPages string| firstText string| lastText string| prevText string| nextText string| urlactivepage string| home_page undefined| noPage string| currentPage number| currentPageNo undefined| postLabel function| looppagecurrentg function| totalcountdata function| pagecurrentg function| redirectpage function| redirectlabel function| finddatepost object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked object| __bt object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| pageNumber number| pageStart number| lastPageNo number| pageEnd function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ function| plausible object| cookieChoices number| level object| webpackChunkoboxads object| googletag string| CustomerConnectAnalytics function| cca object| pbjs object| _pbjsGlobals object| teads_analytics object| staticSlot object| apstag string| ggv2id string| p1729571366 string| p1729571421 number| p1729571422 function| oAddDVTag_ function| oGetPageStats_ function| p1729571451 function| p1729571446 function| p1729571443 function| oDeleteHardcodeRefresh_ function| oRefreshHardcode_ function| p1729571440 function| p1729571423 function| p1729571419 function| p1729571476 function| p1729571417 function| p1729571429 function| p1729571426 function| p1729571424 function| p1729571400 function| p1729571405 function| p1729571391 function| p1729571390 function| p1729571388 function| p1729571381 function| oEnableNullChecklistener_ function| p1729571433 function| p1729571372 function| oPageUnload function| p1729571301 function| p1729571306 function| oSetDataParam function| p1729571425 number| p1729571291 string| p1729571292 object| p1729571293 object| p1729571294 boolean| p1729571295 number| p1729571297 number| p1729571298 object| p1729571319 string| p1729571361 number| p1729571302 object| p1729571369 string| p1729571337 string| p1729571338 object| p1729571375 number| p1729571376 boolean| p1729571380 number| p1729571382 boolean| p1729571384 boolean| p1729571434 boolean| p1729571409 boolean| p1729571436 boolean| oObserverChanges_ boolean| p1729571435 boolean| p1729571437 boolean| oAudienceListenerEnabled_ object| p1729571386 string| oDevice string| p1729571474 number| p1729571477 string| oParentHostname_ string| oParentPathname_ boolean| p1729571387 boolean| p1729571389 number| p1729571404 boolean| p1729571406 number| p1729571407 object| p1729571396 object| oAdSlots_ object| otkjs boolean| p1729571427 boolean| p1729571428 object| optimeraInsights string| p1729571438 object| oLoadedAdImpressionDivs_ object| oTrackSlots_ object| p1729571449 object| p1729571450 boolean| oEnableInfiniteScrollUrls_ boolean| p1729571445 object| p1729571448 object| p1729571452 boolean| oHasStnVideo_ object| p1729571475 string| p1729571346 function| p1729571299 string| p1729571300 boolean| p1729571368 boolean| p1729571348 object| p1729571347 number| p1729571350 undefined| p1729571454 undefined| p1729571455 undefined| dateObj undefined| month undefined| day undefined| year undefined| today undefined| activeDates undefined| p1729571471 object| opbjs object| oaudLibjs object| ovpjs number| p1729571349 boolean| apstagLOADED object| apscustom object| _aps object| a object| p1729571374 object| oDv number| p1729571303 string| oUrl_ object| sw_consent object| _ccScriptSettings object| _ccLauncherSettings function| ccao object| _ccReady object| _ccApiReady object| carbonApi object| carbon number| oIndex4_ number| p1729571318 object| ggevents undefined| bean object| GUMGUM string| _carbonUID object| carbonUIDCache object| carbonReady object| default_ContributorServingResponseClientJs object| __googlefc object| googlefc string| __fcInvoked string| __fcexpdef string| YzI3NDNkMGVmMTIzMTBjYWxvYWRlcl9qcw== string| YzI3NDNkMGVmMTIzMTBjYWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| optimera object| _ccSettings object| ccRefresh function| slotElementAttachClick function| buildData object| GoogleGcLKhOms object| google_image_requests object| ggData

62 Cookies

Domain/Path Name / Value
.cestnormalauquebec.com/ Name: _ga
Value: GA1.2.915464089.1678128333
.cestnormalauquebec.com/ Name: _gid
Value: GA1.2.941910181.1678128333
.cestnormalauquebec.com/ Name: _gat_blogger
Value: 1
.cestnormalauquebec.com/ Name: __gads
Value: ID=6e58623494a5766c-2235824844dd002b:T=1678128333:RT=1678128333:S=ALNI_MYiXP1QSmyAUN7qDZhRf0L507jTdA
.cestnormalauquebec.com/ Name: __gpi
Value: UID=00000bc1163e9d68:T=1678128333:RT=1678128333:S=ALNI_MbbAFJr3gA9bdk_OxBGUgmIGD0O6Q
www.cestnormalauquebec.com/ Name: GLAM-JID
Value: 20f965a7e2654a3f887300d6603bfbd5
www.cestnormalauquebec.com/ Name: GLAM-AID
Value: cd6f7296e56d42758c5fb7608edc0c68
www.cestnormalauquebec.com/ Name: GLAM-SID
Value: ce7629f2f8f840a4afa884e3549fd891
www.cestnormalauquebec.com/ Name: __j_state
Value: %7B%22landing_url%22%3A%22https%3A%2F%2Fwww.cestnormalauquebec.com%2F%22%2C%22pageViews%22%3A1%2C%22prevPvid%22%3A%220f3bf2e0afa74835bf764af992ae17e5%22%2C%22extreferer%22%3A%22https%3A%2F%2Fwww.cestnormalauquebec.com%2F%22%2C%22user_worth%22%3A0%7D
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGrjseZRwJeO1s7wLe7fQhoZdxTmDhc5s1R-C2zHo_aFjssR5O-Uy4gw
.creativecdn.com/ Name: u
Value: DH4A7NYIce3yHbXMEt7F
.creativecdn.com/ Name: ts
Value: 1678128335
.360yield.com/ Name: tuuid
Value: 8f5d4e4a-bcd4-49b4-915f-98317390e2f1
.360yield.com/ Name: tuuid_lu
Value: 1678128335
.rubiconproject.com/ Name: khaos
Value: LEX6A6EF-U-1WZ2
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qp4w0GhtvGFOw/5onLiA/RiY1TdhAkPVQA8smCg+0jowNBSVaArLKwTw5JYH/YQfO5C4Ichf1We8ZvNvLUxlwbc4ICd6Q+AmJsqEPwBDmttCdAPlTu0R9RN
.ads.stickyadstv.com/ Name: UID
Value: 1a5c4cdf15c9770ba7e3369eaaeb5
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2A2DADEA-BCCD-4CFE-8132-575CF027C6F7
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160753:2
.pubmatic.com/ Name: DPSync3
Value: 1679270400%3A235_201_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1679270400%3A220_13_56_54_71_21_7_161%7C1678665600%3A223%7C1679356800%3A35
.weborama.fr/ Name: AFFICHE_W
Value: rk7gS03TnjCu23
.doubleclick.net/ Name: IDE
Value: AHWqTUlIVQ2FkrOOYtR0lHHswMEi3C9QQDlyB9oWmHn8OIQ0nvxpMk7RDaU126vW_dE
.mathtag.com/ Name: uuid
Value: 8f3c6406-34d2-4c00-88f0-2e995fbb4f2b
.simpli.fi/ Name: suid
Value: 25AEFC8029ED4E9ABED015FAFFE6FC96
.de17a.com/ Name: guid
Value: 1.5868299933476527047
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJe7fncAA-NfYrgumGm8Zjk&KRTB&16514-CAESEJe7fncAA-NfYrgumGm8Zjk&KRTB&23025-CAESEJe7fncAA-NfYrgumGm8Zjk&KRTB&23386-CAESEJe7fncAA-NfYrgumGm8Zjk
.yahoo.com/ Name: A3
Value: d=AQABBNI0BmQCEOWDmo7SU1BA7dCbbUWqkP0FEgEBAQGGB2QQZAAAAAAA_eMAAA&S=AQAAAsNpYxEAo7fI1rGgswAj2mE
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5868299933476527047
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2ad6
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:8f3c6406-34d2-4c00-88f0-2e995fbb4f2b&KRTB&16736-uid:8f3c6406-34d2-4c00-88f0-2e995fbb4f2b&KRTB&23019-uid:8f3c6406-34d2-4c00-88f0-2e995fbb4f2b&KRTB&23114-uid:8f3c6406-34d2-4c00-88f0-2e995fbb4f2b
.pubmatic.com/ Name: SPugT
Value: 1678128338
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2C')t$>gt!]tb:8bhzs#DNB=:lK9B*:3[*N^EPFAh0[hV[77=IHn99B.3$xE`<p[OlEAK[j%WVZ6eyV^]uQd3nXm/!/6WqBq]o+
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiIwMDE2NzZkMWJmM2QwM2JmMWZmOWE5Yzc3ODBkZWUwNiIsImV4cGlyZXMiOiIyMDIzLTA2LTA0VDE4OjQ1OjM4WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTAzLTA2VDE4OjQ1OjM1WiJ9
.adform.net/ Name: C
Value: 1
.casalemedia.com/ Name: CMID
Value: ZAY00ncHdNLVpe9HuVnL.AAA
.casalemedia.com/ Name: CMPRO
Value: 5275
.casalemedia.com/ Name: CMPS
Value: 5275
.adform.net/ Name: uid
Value: 9023916927671476795
.audrte.com/ Name: arcki2
Value: f6c7yBbsCnBRmikOgJzmfJtwQ!20220908!1678128338930!ip#146.70.117.125
.audrte.com/ Name: arcki2_pubmatic
Value: 2A2DADEA-BCCD-4CFE-8132-575CF027C6F7!20220908!1678128338935
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-9023916927671476795&KRTB&23263-9023916927671476795
.pubmatic.com/ Name: PugT
Value: 1678128339
.spotxchange.com/ Name: audience
Value: 16db0492-bc4f-11ed-9e01-1e5bf6c20106
.smilewanted.com/ Name: sw_user_params_infos
Value: v1bdsZKvXjkvE7nNMjn3TAUxTpcmufkTb9BlppWKb%2F2yuHDW63%2BEv3bdhu21Zk%2F0upwGy%2FRDhr4Lkvmr12xwJATExh1eLq8deJOP0kF5QQitq3BzNtEu6%2Fb7lFvpmCDrXTnvOSG20ZnbbKtynE%2BIWT0gn5Nk3eLr01JLwZJ1ssmFiQ3msa7R2ZClE13nClgzppsiUPozEIj1f%2FbZATC85pxK%2BLFKCEisIde35fAo54M5SPG21ZC%2FN2ctREJ%2BR73MI%2Bcz2oq%2BdxYzfNbYoAexXAUYdHJn0buFDPrCbccwvOcyBb8qx%2FALkwi%2FulyQJSXlgz7qM%2FPiXdeHcSMBUHpOSGXWKw%2FJ%2BZGmFX63D2ghvFkOvVPRqSdXbJViOExT1nMnix8M5LXTPTwvhBCWrDF%2BorlMhQTSkcqoy6BnEfgng2kc509H8su%2F7LyWGZLws45p8zUAH%2Bc2Z9tDvmtURLUEwA%3D%3D
.audrte.com/ Name: arcki2_ddp2
Value: f6c7yBbsCnBRmikOgJzmfJtwQ!20220908!1678128339079
.audrte.com/ Name: arcki2_adform
Value: 9023916927671476795!20220908!1678128339222
.adnxs.com/ Name: uuid2
Value: 659918840202903922
.linkedin.com/ Name: bcookie
Value: "v=2&75b89cad-8d76-4cdd-8f9c-d62dfb657cf7"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzgxMjgzMzk7MjswMjEGtylyIAovJFQ0fovjLw2dAdm0AfczZzuIPzgvKrK20w==
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2524:u=1:x=1:i=1678128339:t=1678214739:v=2:sig=AQHuckdz74_lplPoJbPZLKtD5bSI3hc6"
.amazon-adsystem.com/ Name: ad-id
Value: A-KCD647MU-0jfrVqBl5JRg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

3 Console Messages

Source Level URL
Text
other warning URL: https://www.cestnormalauquebec.com/(Line 3041)
Message:
Unrecognized feature: 'web-share'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2A2DADEA-BCCD-4CFE-8132-575CF027C6F7&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
a.audrte.com
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
api.btloader.com
at.teads.tv
blogger.googleusercontent.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
carbon-cdn.ccgateway.net
cdn.connectad.io
cdn.jsdelivr.net
cestnormalauquebec.com
cm.g.doubleclick.net
cr.frontend.weborama.fr
creativecdn.com
csync.smilewanted.com
d15kdpgjg3unno.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dyv1bugovvq1g.cloudfront.net
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js.gumgum.com
match.adsrvr.org
match.sharethrough.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
plausible.io
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid.smilewanted.com
privacy-location-edge.ccgateway.net
px.ads.linkedin.com
resources.blogblog.com
rtb.gumgum.com
s.amazon-adsystem.com
scontent-fra3-1.xx.fbcdn.net
scontent-fra5-2.xx.fbcdn.net
scontent-frt3-2.xx.fbcdn.net
scontent.xx.fbcdn.net
script-api.ccgateway.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
sqs.us-east-1.amazonaws.com
ssum-sec.casalemedia.com
static.bigpipes.co
static.smilewanted.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-eu.connectad.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
www.blogger.com
www.cestnormalauquebec.com
www.facebook.com
www.google-analytics.com
www.google.com
www.facebook.com
104.111.217.42
104.22.68.131
13.224.191.98
13.248.245.213
13.32.27.27
130.211.23.194
142.250.186.66
142.251.208.166
151.101.129.108
162.19.138.119
178.250.0.163
18.156.0.31
18.193.97.47
18.212.140.196
18.66.23.213
185.184.8.90
185.29.134.244
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.80.39.216
185.86.138.155
185.94.180.125
2.18.232.7
2.18.79.134
2001:4860:4802:36::15
213.155.156.185
23.199.214.41
23.203.124.192
2400:52e0:1e00::1080:1
2600:9000:211a:9400:11:b309:9100:21
2600:9000:2304:3a00:5:82fd:2500:21
2602:803:c003:200::21
2606:4700:10::6816:36ce
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700::6812:bcf
2620:1ec:21::14
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2013
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9d
2a00:1450:400d:803::2002
2a00:1450:400d:807::2002
2a00:1450:400d:808::2009
2a00:1450:400d:80d::2001
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::485
2a05:d018:d29:3605:ba00:e0e6:3fe7:92c1
3.122.24.140
3.239.232.253
3.66.39.104
34.111.129.221
34.111.131.239
34.91.62.186
35.170.206.70
35.71.131.137
37.157.6.247
37.252.172.123
52.208.99.252
52.28.203.152
52.31.114.167
52.31.240.6
52.46.151.131
52.58.138.83
54.77.216.47
63.251.114.137
67.220.226.238
69.164.223.117
69.173.144.139
69.173.144.165
8.2.110.114
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02ca17c72a03f270061a4989915b527e8382e66f2b6044e1cebfff814a9431a7
0321f2445e5a7aba373bd6fedd44e4dd59b3d59bea3e90c3fb35239f0c2851c3
03f02c28a301d2f0d267219c81773108074ae4e7ab3bbdd4de6b311749795690
048f8ebdddf15b612137f26a5e1e08da8515afeb09723421181cf8cdc17e9d8d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
054028be650d6cbc7d154536ce5a2dfd24a6e58ebf4b47ba95caa345cb39dac0
0579ffd414cf831e6ca61ac33d37481a77a7f7a31905b6c0d9fa16769a9b3695
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bee3c4a840fc4959339c802f406fc8b5c2da290b48e3e89d48c51c5aa8efa2e
0e4b133b109b8159f263e1a46472a19331920b9699e331a0dfbdac4b921aa591
106c328e1463c7ebdaadc954f5f9eae9c90145252c9cb436a4de75703a5925c4
107a7a0eadcba82495e387e12607bd57e7d184d236a0572db3c49de7b32cf015
1145669c62f948bd419f77ec03deccf66f8f91df6fd173f32f0cff516a24891a
11ea163c642db465db2a3e289ee7928aa1d4d8d7290a111f5825348258c99569
132079658c336cba1f3ef486301044eea9fde89c21bcb9bb9fc4aedf492e1c1f
136b1325d0b5036cb677ba0709da17321180b9b39ed3b8ab2da695b2fcb99836
14c3d17528c63913bcda0d109bb5d0e59a6aa3a8f4e060ffc619e0025c2ab83b
15e223ceedf59a483161545d731f01d77ac1b500e2928e964ec0c71184e4ea43
178deec96d995ed4083859ca2635b95f8206b0dbcc6aa3d24c47557a309ce917
17d3ef9a303862a145c53f96a6a61cff6f745a5efb33fd3988dcd32cbe2e2e6e
1814425fd87a21dce240f385309f5aba46bc31229c823fdeb1dd32a0da6a5511
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a2914f504d0e526d30692afcda51550d01de2bd535654fb0bb0aaf3b9ce6a99
1a83395582e8d85bbe5dcb3941bf68b8c8285e5f94128506797f3ebc5de9f0c6
1bb26208cff855a64bf604bba379ebcf75a70f471c3dc02524e0bf207f8fa953
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
2056e07e1af0d4dbefc121e58e0e7b735be005729ab99ca1706f3f66a004facb
214bd0be9b3f53103232fbe0211ee2a30796f5dbd929502378705e699d5a4b43
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
231d70c4e1416a77de4014347e97f0fa16c3cd55076f219af70dfafb46ddfe3b
2324701fcc60fa70d5dc1a9cfbbf17b38008732770fda2bb578e91e66c470b56
2333c4c36dfd5c809c2b30a6a0c0b3b634d976b70ca0a13d021731d34af27c45
23a1615364b00d14cacb80c96c12a824a3efc07de68b6be62cfde26ae55f50dc
256753b1dc71a182c6cd645c46805cf1b8e07c8bd45e679657282f2cf366168b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2836a92ed5effcbaf0543c232ba75c2f7f3de25e33d182461fc9192b709eadf9
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
29b28a183b082bbbb2af8fafc85eb765042daa4bcb2be1f8fa9d5207e637a5fd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31274f730a367bcd3b8c3a37bcd766e87b55ef404dbc1b53b80972ca22a6cadf
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
322662696846a103f187ddd4cb58c7dcc892d14f23789218ebf0740794d91c34
362de89bbfb9611beef7c2c3ccdb317cc4af2bfa53228e816469c45a40547de3
3d3b63cc02bda81beac3d0cdc77c98a2878fd00fd3cbc1683d84627a270512e3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dc83665a8ec770212a5e84293b448d3a1d8efc8f366081bf698b0bad9267e95
3f1863099af46443b87aa50bb0684d7d7e816594c4b0b1510bf333e4b5d4d4e5
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40a6d985b75ce3a75ee5c9d801bf01ce80e73fd1d9098118784a50903f36894c
40a8824b3ec62bde56134289fe34322adadf5e1e5b1cfee6bc4fdbf861f4da41
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
42d45c9f93dde5efa2e7890a581c3acdc152aba41f9581a65b1e588b0455c586
439b9ade3d15b52aefcfcc6157f7b84c1ad4336a18ab00f4e2756491a2813b72
4524c8aebbe4eb84268bb0acd8855c1a669dc8bc399881f53bb24d2d8b19aae4
45868832c7647763c29e1476758924470a884a9e4cc4af95d47b89ba8d444327
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e326e178f5a648d21f35b7775100d4eb176fb8336fc7606b2f3f2ffaafa0b1f
4fb93925a121a98fb2e1dc1f938d4cf3fbb070c1ec33b33d8a2dde2ec94bc2d6
50db9dcfb7ede3de416ea84a979fef13e69bed0bdd70af4a4a77331924dbe56b
50eed1741e859cff43744aec7b633d85b6894c128ec1de1aea284f9d848b7064
54bb212be28c7daf99a7ad975d66760f755854de6fd4647fd71df368ab62be50
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b6c0539c1dd5541a83e1a50f4450ced40778a8fabca5ba1dcecefde1506045
5833b9047a576a1d225c742823d3d36b656a8f1e4c25c761f3f6c7b115e4dae0
583f68f33e19fc826b713f6c8f9a92a389341c93ac304648ac5d98673859a6e8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ad3e0105b8d04570efdd065e47840bec11fb9c507ffab530b3483f667e9d921
5d1e0f67db656d542c3e075d8baf1a57ec7196d7ce7ec73f6a7f3e66347ec1ae
5d538a6cd7e7a6d2f904f5635a7cea26554f02878b42ef2dc60c2b1fea2c4a3a
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5deb9179d1caed44af21a75c1629e384ce6cc503d0a7b80b1cb52f0c1c767386
5ed477f57139a07bf7b2af0df66cea2e6e61169ce1670982ad085397bb171984
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65fcad67170e457f3515f916a639a5b061188f04741539b52cdb4e809d52ef40
6974b1b7c4c3055dec3389605d00b60a17b8a86a8c4f08f5b1ba3effacfa109a
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a981f16b9645ea2050060c0c12540d77f522e3e5bf2666671903fdc58c1349b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c02f985f5f5b415611b0c1317611b428066dab3a4106b616ffcee9ecf00c163
6e1d9699ea3f4837c287c5111c9b2c199014dd213027ac7aedfcbe8a9e281d73
6e9b11af2298c9924c5cfed2a73d5b79415bfc7dc4b30efe169c14cc82be7e52
6ee5e459de916968a1c03e2116f3524e85cc78bcf49a3cf2c5d751ae4bcb5e90
71661a4cd1d603e413722d05916a3851d84dd52349f1fd55b4e4aec723fd67cb
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74b03851b17506833b0506eb8292bd9842e5b32aaaccb1b5553fa967b65db792
76e1d80a5a1796d532f9cce4447bddcd1ce337d0a64fd3c402236689a6c59f3a
7799c4f6de8f1d60958e8733c4a2dc52ab65725b91418981f7e3bbb9fa41f25b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79fba8bbc8c3dc79e610870ca55176882746ba1021660735609899e2728f7b97
7a4e815b0c8f982008b286f158af5c6ffe8b44d834e917ff9146b843db7f8be4
7bbc0b1d217e29d47f1aaa0a28fec110c9ff9a76f384ec63c626181be2a03e68
7f686491871faa24d0cff64304efa19967ae845a4ad8b3fa1b89f436df7a940a
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83ae98fb8295c237f3ffe0a5c0c4a935af9cd3384431e2020d0357c64ed6dc08
845102f66c04a60a9dec2900fa7b1edc231b4e5b79c9d46146f4d96179e0d8e3
866436eac9d2fde2af47d295c184c9f3ff6488ab625d52e18d3269f7335e0d7b
8728f44256378e529cf686a95b227a3603d3f6a8e1bbe0776bf5bc6b46843640
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
88415144e40f3a194751ecf157ff12b328e7798f7c96e5e8ae110c7f4dc09a7e
8909f78c59d32614ede1f952bec229b5fca9b4f3295cc1b356e4d8aa5d6fba1b
894592c46994ffb95965c660dfa72458e35ca0a1ef120653d823f55adcccdbd0
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b85fb3462f24c3b79d522773175b9a4c68385da2ffc6c875275589692abab5c
8bf6df44459d2397b8c03162670edf27712133963581efa684578fd384bfaf7f
8d2def7c557921e4264cb54467a0f3f7b6d3316bc732de89753cf00a3ac9a4b1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f6a6fda1fdc0a8a8ba1494660498fd978611bf1046409dd648cb7829716f5b5
90176ef65e8ebb15b3c1fd61b36d0f9a7631549139c21b958cbf48b64d254daf
9041b3bcc26f2d4a54217036c5ff63eff2aa60ae421b3dafa88e1ced9cd72559
9052cf15b42c79fe1c71be9499856d2b9148e2e05df2bbb036beb2b139e5f8ce
9170a8b2fb3234baa721bf8b3de5935d8d160f6f987215b83b07a49a403e5e74
9347c2aecc24e56124025272cc1ce39a533a561919a479bb6c189229f39306fc
9557801ca538e946462938475eafc1d2c363039abba5229dd139967aacd06b61
95b192bc1fa7b65ad2881a7dbbd230c177a2848ae8d4d97b598a1624269cedc5
961c91d039359f9f3f327a29ae77dd65d21000f00895751035186f158e32505e
9720d445e4a2b96f701ae735c1f492c65b409027b80faba95fe1810581ddf580
9852a62344359ea039cad40344aa32849c906348fddbbba67460b70764cc8061
9abdb7c25beaeb30ccd474de827ad4ef8b07ae3c0b105c7717dce1580663d3cf
9b48fd8e968357a5367c16222bd2757d8ce954f9967b36e651101edff3acd4e4
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f72d85528e44642448d8c3c594f87f4857eb8ec9bb225ddb6ca2efce3a7ad22
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a288e8a1bfb5152dd323e4a2121bb25137daf9214c604e45bd13d0672e3a5b0a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ec376905e79b0c2e6b66f89854a0e8b1cc7dff4df292f4aba9995277c82c92
a73ce166fd7cc26118761fd60d6f1db6cf2629363bac0ca3cd43d5b58882c5ae
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
a9e9b25183086d9a4f38ffa75b83c2ac9be135dfc45e599e5160b425836251c3
aa6ef287993b39569ee4349feff5bcfb1679638f662538034cab787328f4bd2e
aafbda0fbf5664ddc3dabcaf4c2b53dfe6476c5230ac74998e12610b79cb5b3f
ab3d151ce44b1a7c95f4c93d609f2491d31815e64911916a79cfb09ecc8f3212
ac11488fa5527a4fb85528c42c7144938d4fd40deea7670c1e953585e26ec91d
ac606e2740104a3357c9da914e5de060697cc45d6f8415576cce0007dab76d17
ac83fd988bfe79517af7da2e0044875084cee765874b8a6def889374bb7de34e
ada7648287a3e19a8f00196926b991710781bb46bd3d3e191fad0b0021cd7c3d
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0ac128b9e9e8778b54996d17145f8d7accfd596fe8edb3deb7840f1f47cdd87
b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b317da785999703a39ebe3cdda663348dea6f4131a51fadddb5ae9d5f34b7996
b388be0ff15184b2f4b843bdb102390363dc7ef40fa0e03d94d4fc93a5f0462c
b45b9497d3293b6ba6b18bdb7222f1981cb5b75fe75a09adc80154f03218440b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb9e6e2a6435c62b41a97b2f753dd6cbbf50572e7d0c44aadb9be338b07a6e9
bf3675e8e03bb444c9692f09fe4784ec2f1f1002c89f16ded090411acadfa9c3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c128bd809e98d644ddb8c85fa1f2bf49c0f2f3e1a77d3af05ece5567b6d868
c480ccc54c0866ce78c03f56dd1c180adea0ab830adf4343d12eb0e4f52b718f
c6eaf6249dd28d2d6b8f957bd260fda6e0bfbe738dbf7003c7e0c34f7b12b5dc
c73c125104fd676f87dd839bc0c125b9fe50ca7d45070e509ec6b1067d37c798
c7ca86b3d2509fa402905d693a707c331bb640cbcf67318381634bf9dab8a8eb
c810b3bb3f826c8417f113789cc404da172fdca277cf6dc03c7309c44ca9352c
c8b64e755682c0facd2136ffcf85aad66748cce38683f7259b702a436f647364
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604
c9b0aa7b43b4efa7a805f87885970644a218441f38d6feb4d0ca5b8d90973545
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cc0d49dfd20b6ece5010cdd54bdefad3fe2df62828dc6c579cbaf5a4e63a9fe0
ccd9121a14b7d9a66e942de02634cb4058f3b8faa32ae268a14fb6a8fe301d4e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bb2bc7dc5e349816784ddf3a2640d7715ad5e7e3a8c33b2e3bdccf05b42832
d5056a0f3e7b17d78845e122fe346c47d389bada905e5c71fbec373e4fdc38c8
d5455fa80868fdd7528880b9adcb61592f8c50288214e641387219664a8cbc8a
d5742adc4f37380f1f1bcff108410e9d03cb9c0a40f56e6d8a26666a33d4282f
d70ef0452cbfdd8bc38f383ce142a3588a146e6db60f683b50955f1f761f0a8a
d798c393c063e3190ee592fc206aac6ce1808b612a718a05f9cab180a8e64d8b
d8090c9a123fda567ca8d8095219d6756c41ebc43b5efa2261661ac520c52b57
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56906b16ec897a3ca7e61d23583679bc5a227a2e40315f6305d78507eb70d20
e58798939afd607aa76e8be948216df69422fb6cb44d15aa7775e56c51ec4bad
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ee7b99a3fc12feb53acdfa0b228f911bf7e9c6c699595d234dc07e4805f99895
ee8c313a1d5afea79a6e3642c43bb9c465773955f56dd5744a28eed1e225cbde
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02c640034e315030e4762459ef8254f35c282fd2249379c4a453f00f0b33f64
f133b142d7c1f8065c588486360fd217d64fc61a2d572f06342381da54a0d278
f1d227892e3beb07b5d4accdf393d0ca34856d1fc9793e40095b583f148f93c3
f21a207a5725f4a203db314bb79a1d0f6d2558875155803f597b86a2e9886bf9
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fc4bc856b041bda5a3b1f28e48b3b3cfdf9a3ae929cae9de1d59d2d71e41c8c0
fe5f1716a34c4d9eebf9c7f816255dfe56e351062c50652b41ef4757248f0847