urlscan.io logo urlscan.io
SecurityTrails logo

www.caressesetbisous.com Open in urlscan Pro
34.149.8.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u23306908.ct.sendgrid.net/ls/click?upn=bggGI6dzST2rzeCpLKozA7JgaCwwXCAlMJtJBJg0d3FMaz7Ktj4qQCyZ6yTYWXJRh152o0DOxq-2BfINKoo...
Effective URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Submission: On November 09 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 15 domains to perform 54 HTTP transactions. The main IP is 34.149.8.32, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.caressesetbisous.com.
TLS certificate: Issued by GTS CA 1D4 on September 17th 2022. Valid for: 3 months.
This is the only time www.caressesetbisous.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.35 11377 (SENDGRID)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 18.185.37.173 16509 (AMAZON-02)
1 3 18.156.16.63 16509 (AMAZON-02)
1 1 18.195.123.247 16509 (AMAZON-02)
1 1 52.223.1.151 16509 (AMAZON-02)
19 34.149.8.32 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
10 35.195.163.35 396982 (GOOGLE-CL...)
1 35.227.234.99 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 35.227.221.175 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
54 12
1    167.89.118.35 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net
u23306908.ct.sendgrid.net
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
baise-directe.com
3    18.185.37.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-37-173.eu-central-1.compute.amazonaws.com
www.clicks.dating
3    18.156.16.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-16-63.eu-central-1.compute.amazonaws.com
vasy.clickmoileclito.com
oui.clickmoileclito.com
1    18.195.123.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
ztf.zetaframes.com
1    52.223.1.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: abed88e6d11f24198.awsglobalaccelerator.com
strawberrycheesepie.com
19    34.149.8.32 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 32.8.149.34.bc.googleusercontent.com
www.caressesetbisous.com
5    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
10    35.195.163.35 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 35.163.195.35.bc.googleusercontent.com
recueillirleconsentement.com
api.recueillirleconsentement.com
1    35.227.234.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.234.227.35.bc.googleusercontent.com
landers.cdnware.io
4    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.227.221.175 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 175.221.227.35.bc.googleusercontent.com
static.dating
2    2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
19 caressesetbisous.com
www.caressesetbisous.com
3 MB
10 recueillirleconsentement.com
recueillirleconsentement.com
api.recueillirleconsentement.com
24 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
377 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 17
24 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
20 KB
3 clickmoileclito.com
vasy.clickmoileclito.com
oui.clickmoileclito.com
3 KB
3 clicks.dating
www.clicks.dating
13 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
517 B
1 google.fr
www.google.fr — Cisco Umbrella Rank: 10137
501 B
1 static.dating
static.dating — Cisco Umbrella Rank: 442755
197 KB
1 cdnware.io
landers.cdnware.io — Cisco Umbrella Rank: 419154
110 KB
1 strawberrycheesepie.com
strawberrycheesepie.com
626 B
1 zetaframes.com
ztf.zetaframes.com
639 B
1 baise-directe.com
baise-directe.com
826 B
1 sendgrid.net
u23306908.ct.sendgrid.net
490 B
54 15
Domain Requested by
19 www.caressesetbisous.com oui.clickmoileclito.com
www.caressesetbisous.com
8 api.recueillirleconsentement.com recueillirleconsentement.com
5 www.google.com www.caressesetbisous.com
www.gstatic.com
www.google.com
4 www.google-analytics.com www.caressesetbisous.com
www.google-analytics.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 www.clicks.dating www.clicks.dating
2 fonts.gstatic.com www.google.com
2 stats.g.doubleclick.net www.google-analytics.com
2 recueillirleconsentement.com www.caressesetbisous.com
recueillirleconsentement.com
2 vasy.clickmoileclito.com 1 redirects www.clicks.dating
1 www.google.fr www.caressesetbisous.com
1 static.dating www.caressesetbisous.com
1 landers.cdnware.io www.caressesetbisous.com
1 strawberrycheesepie.com 1 redirects
1 ztf.zetaframes.com 1 redirects
1 oui.clickmoileclito.com vasy.clickmoileclito.com
1 baise-directe.com 1 redirects
1 u23306908.ct.sendgrid.net 1 redirects
54 18

This site contains links to these domains. Also see Links.

Domain
api.bitmasteronlinesignon.com
Subject Issuer Validity Valid
www.clicks.dating
Amazon		 2022-07-25 -
2023-08-23		 a year crt.sh
vasy.clickmoileclito.com
R3		 2022-10-21 -
2023-01-19		 3 months crt.sh
caressesetbisous.com
GTS CA 1D4		 2022-09-17 -
2022-12-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
recueillirleconsentement.com
R3		 2022-09-20 -
2022-12-19		 3 months crt.sh
landers.cdnware.io
GTS CA 1D4		 2022-09-20 -
2022-12-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
static.dating
GTS CA 1D4		 2022-11-03 -
2023-02-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Frame ID: CF10FEDFD6495835F9D202A85819B6ED
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuY2FyZXNzZXNldGJpc291cy5jb206NDQz&hl=fr&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=8brnxeb2p68q
Frame ID: 856BB5CC54AEA7BEAAF67C79AF3E4596
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

caressesetbisous.com

Page URL History Show full URLs

  1. https://u23306908.ct.sendgrid.net/ls/click?upn=bggGI6dzST2rzeCpLKozA7JgaCwwXCAlMJtJBJg0d3FMaz7Ktj4qQCyZ6yTYWXJ... HTTP 302
    https://baise-directe.com/r/2ed7c8e48b70390a200e1c37c?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlb... HTTP 302
    https://www.clicks.dating/a.php?slot=19456&email=marie.girardeau%40ac-nice.fr&tracker1=BDS383 Page URL
  2. https://www.clicks.dating/a.php?slot=19456&email=marie.girardeau%40ac-nice.fr&tracker1=BDS383&fp2=AX1|... Page URL
  3. http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly92YXN5LmNsaWNrbW9pbGVjbGl0by5jb20vNDk... Page URL
  4. https://vasy.clickmoileclito.com/499afc87-025d-4f8f-942c-e9a7f037d448?adxzoneid=19456&adxdomain={adxdomain}&a... HTTP 302
    https://vasy.clickmoileclito.com/fcc99488-86ed-4011-ab63-9c4064f1f701?source=15182&affid=1002&clickid=w4lan01... Page URL
  5. http://oui.clickmoileclito.com/redirect?target=BASE64aHR0cHM6Ly96dGYuemV0YWZyYW1lcy5jb20vMmI2MDI5MjQtY2VmYS... Page URL
  6. https://ztf.zetaframes.com/2b602924-cefa-4903-852f-5d7bd94af234?SourceID=15182&AffiliateID=1002&s1=4484... HTTP 302
    https://strawberrycheesepie.com/?a=2255&c=92790&s2=wc55f9slbvubvlbkijoskc96&s3=44844&s1=44844&s4=VLS-wc55f9s... HTTP 302
    https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

54
Requests

96 %
HTTPS

44 %
IPv6

15
Domains

18
Subdomains

12
IPs

3
Countries

3510 kB
Transfer

4439 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u23306908.ct.sendgrid.net/ls/click?upn=bggGI6dzST2rzeCpLKozA7JgaCwwXCAlMJtJBJg0d3FMaz7Ktj4qQCyZ6yTYWXJRh152o0DOxq-2BfINKooH4POpVkn6fdxwlAhz1e0EfseeUfyUi5Cgt0JYVB8m5GZSwdiJAg-2FKVvdtX-2FKWfBIhWb50yHX-2FOoW7aoQF4fL40YguPylpUDTcN5pzrlm-2BwfvQotrRACJ3XZ4pUsyKUUKhk-2B4Mjhd3gQl4kBE1B-2FCi4Fevuk78GIUfukIsekDbLv-2FkfLkizubKOsRxNbGsUfw79LyYu-2FDh6Cfu-2BZLgN8-2F7yOpH3XHy1PqDOId1fknmAnK4FAQ2DYYz3QQkouhXnB4OkcGGDrk65f5VdoDo8SGt3nuDLl7Mz114gr6KUHUuJ-2FwevircPoBAh9OKuDlxYXtQNEDA-3D-3Dqpbt_YjWkMMH9cdXwqGzc3JTs6UbRiJ0zW-2Fb2CIjlpCk0ECXyNR-2BWNW0vzk8y8Ux-2FLFBfJY5toz699NRSrdh6DlSV8-2FTX6Q3q-2B9OQ-2FJ3Zv1RYMeBBZOup07VYPPSVxNj8VKIogFYOK2UxnTfbl7rYkFqMKozu3vwpB4iwq6iVHjlXd4sEuIX-2BGTDNi9yOq5qgW9sUmhyXm7eK6QOIz-2Fv8daN2RWCUBMLVGSrB3THA3-2Bb1Z5E-3D HTTP 302
    https://baise-directe.com/r/2ed7c8e48b70390a200e1c37c?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6NDUyO31zOjU6ImVtYWlsIjtpOjQ1MjtzOjQ6InN0YXQiO3M6MjI6IjYzNmIyODcwMmIxMmUxMjcxNDcxMDYiO3M6NDoibGVhZCI7czo1OiI4NzE0NSI7czo3OiJjaGFubmVsIjthOjE6e3M6NToiZW1haWwiO2k6NDUyO319& HTTP 302
    https://www.clicks.dating/a.php?slot=19456&email=marie.girardeau%40ac-nice.fr&tracker1=BDS383 Page URL
  2. https://www.clicks.dating/a.php?slot=19456&email=marie.girardeau%40ac-nice.fr&tracker1=BDS383&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.87%20Safari/537.36|lng:fr-FR,fr;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:37.59.164.101&allowcookie=true&setreferrer= Page URL
  3. http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly92YXN5LmNsaWNrbW9pbGVjbGl0by5jb20vNDk5YWZjODctMDI1ZC00ZjhmLTk0MmMtZTlhN2YwMzdkNDQ4P2FkeHpvbmVpZD0xOTQ1NiZhZHhkb21haW49e2FkeGRvbWFpbn0mYWR4Y2FtcGFpZ25pZD0xNTE4MiZhZHhtYXRlcmlhbG5hbWU9JmFkZXhiY2s9e2FkZXhiY2t9JmFkeGNvc3Q9MC4wNzkyNiZhZHhjaWQ9NlhPSTZJYnNsM2Rza0o1bThVNHF3YzBlM2pWTjdpTGNnMEpCckpTMmxVSnZFbjhsaVoxNWNaODVqNHJFQmNGRw==&hash=d6007b630adf305b5cf4aa2ee4190b56&ts=1668001391 Page URL
  4. https://vasy.clickmoileclito.com/499afc87-025d-4f8f-942c-e9a7f037d448?adxzoneid=19456&adxdomain={adxdomain}&adxcampaignid=15182&adxmaterialname=&adexbck={adexbck}&adxcost=0.07926&adxcid=6XOI6Ibsl3dskJ5m8U4qwc0e3jVN7iLcg0JBrJS2lUJvEn8liZ15cZ85j4rEBcFG HTTP 302
    https://vasy.clickmoileclito.com/fcc99488-86ed-4011-ab63-9c4064f1f701?source=15182&affid=1002&clickid=w4lan01cds6ddlbki1dqj6aa Page URL
  5. http://oui.clickmoileclito.com/redirect?target=BASE64aHR0cHM6Ly96dGYuemV0YWZyYW1lcy5jb20vMmI2MDI5MjQtY2VmYS00OTAzLTg1MmYtNWQ3YmQ5NGFmMjM0P1NvdXJjZUlEPTE1MTgyJkFmZmlsaWF0ZUlEPTEwMDImczE9NDQ4NDQmYWZmX2lkPTIyNTUmY2xpY2tpZD13YmVsc2hidjBzOGZmbGJrMnM0dDIxM2U&ts=1668001391982&hash=2yywFpPcNsIp8AlJzVb3X-5ilL-0Qt2CTzB5uFP6pRk&rm=DJ Page URL
  6. https://ztf.zetaframes.com/2b602924-cefa-4903-852f-5d7bd94af234?SourceID=15182&AffiliateID=1002&s1=44844&aff_id=2255&clickid=wbelshbv0s8fflbk2s4t213e HTTP 302
    https://strawberrycheesepie.com/?a=2255&c=92790&s2=wc55f9slbvubvlbkijoskc96&s3=44844&s1=44844&s4=VLS-wc55f9slbvubvlbkijoskc96 HTTP 302
    https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://u23306908.ct.sendgrid.net/ls/click?upn=bggGI6dzST2rzeCpLKozA7JgaCwwXCAlMJtJBJg0d3FMaz7Ktj4qQCyZ6yTYWXJRh152o0DOxq-2BfINKooH4POpVkn6fdxwlAhz1e0EfseeUfyUi5Cgt0JYVB8m5GZSwdiJAg-2FKVvdtX-2FKWfBIhWb50yHX-2FOoW7aoQF4fL40YguPylpUDTcN5pzrlm-2BwfvQotrRACJ3XZ4pUsyKUUKhk-2B4Mjhd3gQl4kBE1B-2FCi4Fevuk78GIUfukIsekDbLv-2FkfLkizubKOsRxNbGsUfw79LyYu-2FDh6Cfu-2BZLgN8-2F7yOpH3XHy1PqDOId1fknmAnK4FAQ2DYYz3QQkouhXnB4OkcGGDrk65f5VdoDo8SGt3nuDLl7Mz114gr6KUHUuJ-2FwevircPoBAh9OKuDlxYXtQNEDA-3D-3Dqpbt_YjWkMMH9cdXwqGzc3JTs6UbRiJ0zW-2Fb2CIjlpCk0ECXyNR-2BWNW0vzk8y8Ux-2FLFBfJY5toz699NRSrdh6DlSV8-2FTX6Q3q-2B9OQ-2FJ3Zv1RYMeBBZOup07VYPPSVxNj8VKIogFYOK2UxnTfbl7rYkFqMKozu3vwpB4iwq6iVHjlXd4sEuIX-2BGTDNi9yOq5qgW9sUmhyXm7eK6QOIz-2Fv8daN2RWCUBMLVGSrB3THA3-2Bb1Z5E-3D HTTP 302
  • https://baise-directe.com/r/2ed7c8e48b70390a200e1c37c?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6NDUyO31zOjU6ImVtYWlsIjtpOjQ1MjtzOjQ6InN0YXQiO3M6MjI6IjYzNmIyODcwMmIxMmUxMjcxNDcxMDYiO3M6NDoibGVhZCI7czo1OiI4NzE0NSI7czo3OiJjaGFubmVsIjthOjE6e3M6NToiZW1haWwiO2k6NDUyO319& HTTP 302
  • https://www.clicks.dating/a.php?slot=19456&email=marie.girardeau%40ac-nice.fr&tracker1=BDS383
Request Chain 3
  • https://vasy.clickmoileclito.com/499afc87-025d-4f8f-942c-e9a7f037d448?adxzoneid=19456&adxdomain={adxdomain}&adxcampaignid=15182&adxmaterialname=&adexbck={adexbck}&adxcost=0.07926&adxcid=6XOI6Ibsl3dskJ5m8U4qwc0e3jVN7iLcg0JBrJS2lUJvEn8liZ15cZ85j4rEBcFG HTTP 302
  • https://vasy.clickmoileclito.com/fcc99488-86ed-4011-ab63-9c4064f1f701?source=15182&affid=1002&clickid=w4lan01cds6ddlbki1dqj6aa

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
a.php
www.clicks.dating/
Redirect Chain
  • https://u23306908.ct.sendgrid.net/ls/click?upn=bggGI6dzST2rzeCpLKozA7JgaCwwXCAlMJtJBJg0d3FMaz7Ktj4qQCyZ6yTYWXJRh152o0DOxq-2BfINKooH4POpVkn6fdxwlAhz1e0EfseeUfyUi5Cgt0JYVB8m5GZSwdiJAg-2FKVvdtX-2FKWfB...
  • https://baise-directe.com/r/2ed7c8e48b70390a200e1c37c?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6NDUyO31zOjU6ImVtYWlsIjtpOjQ1MjtzOjQ6InN0YXQiO3M6MjI6IjYzNmIyODcwMmIxMmUxMjcxNDcx...
  • https://www.clicks.dating/a.php?slot=19456&email=marie.girardeau%40ac-nice.fr&tracker1=BDS383
32 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.clicks.dating/a.php?slot=19456&email=marie.girardeau%40ac-nice.fr&tracker1=BDS383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.37.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-37-173.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-encoding
gzip
content-length
10835
content-type
text/html; charset=UTF-8
date
Wed, 09 Nov 2022 13:43:11 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.10 (Debian)
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
7676f9c519a5f140-CDG
content-type
text/html; charset=UTF-8
date
Wed, 09 Nov 2022 13:43:10 GMT
expires
Wed, 09 Nov 2022 13:43:10 GMT
location
https://www.clicks.dating/a.php?slot=19456&email=marie.girardeau%40ac-nice.fr&tracker1=BDS383
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7QQgk8QY85Y9lVzjnkEV9Njw9YZA0OV2ivy6ClVXXPLjv9iZ8yF0riqzfzLQd7HsNjR9%2BAXfm6P5lF3%2B8Qa9wwR8PWDeHxLs1Lj52r16BRa7wdOKvHWe61OMwCi%2BhaiYbv8qhC7dJnLNZMzrLqOtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
a.php
www.clicks.dating/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.clicks.dating/a.php?slot=19456&email=marie.girardeau%40ac-nice.fr&tracker1=BDS383&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.87%20Safari/537.36|lng:fr-FR,fr;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:37.59.164.101&allowcookie=true&setreferrer=
Requested by
Host: www.clicks.dating
URL: https://www.clicks.dating/a.php?slot=19456&email=marie.girardeau%40ac-nice.fr&tracker1=BDS383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.37.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-37-173.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer
https://www.clicks.dating/a.php?slot=19456&email=marie.girardeau%40ac-nice.fr&tracker1=BDS383
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

adxcampaignid
15182
adxcid
6XOI6Ibsl3dskJ5m8U4qwc0e3jVN7iLcg0JBrJS2lUJvEn8liZ15cZ85j4rEBcFG
adxcost
0.07926
adxdomain
adxmaterialid
44141
adxmaterialname
adxsubid
adxzoneid
19456
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-encoding
gzip
content-length
678
content-type
text/html; charset=UTF-8
date
Wed, 09 Nov 2022 13:43:11 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.10 (Debian)
vary
Accept-Encoding
redirect.php
www.clicks.dating/delivery/ 		792 B
644 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly92YXN5LmNsaWNrbW9pbGVjbGl0by5jb20vNDk5YWZjODctMDI1ZC00ZjhmLTk0MmMtZTlhN2YwMzdkNDQ4P2FkeHpvbmVpZD0xOTQ1NiZhZHhkb21haW49e2FkeGRvbWFpbn0mYWR4Y2FtcGFpZ25pZD0xNTE4MiZhZHhtYXRlcmlhbG5hbWU9JmFkZXhiY2s9e2FkZXhiY2t9JmFkeGNvc3Q9MC4wNzkyNiZhZHhjaWQ9NlhPSTZJYnNsM2Rza0o1bThVNHF3YzBlM2pWTjdpTGNnMEpCckpTMmxVSnZFbjhsaVoxNWNaODVqNHJFQmNGRw==&hash=d6007b630adf305b5cf4aa2ee4190b56&ts=1668001391
Requested by
Host: www.clicks.dating
URL: https://www.clicks.dating/a.php?slot=19456&email=marie.girardeau%40ac-nice.fr&tracker1=BDS383&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.87%20Safari/537.36|lng:fr-FR,fr;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:37.59.164.101&allowcookie=true&setreferrer=
Protocol
HTTP/1.1
Server
18.185.37.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-37-173.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
424
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Nov 2022 13:43:11 GMT
Server
Apache/2.4.10 (Debian)
Vary
Accept-Encoding
fcc99488-86ed-4011-ab63-9c4064f1f701
vasy.clickmoileclito.com/
Redirect Chain
  • https://vasy.clickmoileclito.com/499afc87-025d-4f8f-942c-e9a7f037d448?adxzoneid=19456&adxdomain={adxdomain}&adxcampaignid=15182&adxmaterialname=&adexbck={adexbck}&adxcost=0.07926&adxcid=6XOI6Ibsl3d...
  • https://vasy.clickmoileclito.com/fcc99488-86ed-4011-ab63-9c4064f1f701?source=15182&affid=1002&clickid=w4lan01cds6ddlbki1dqj6aa
992 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vasy.clickmoileclito.com/fcc99488-86ed-4011-ab63-9c4064f1f701?source=15182&affid=1002&clickid=w4lan01cds6ddlbki1dqj6aa
Requested by
Host: www.clicks.dating
URL: http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly92YXN5LmNsaWNrbW9pbGVjbGl0by5jb20vNDk5YWZjODctMDI1ZC00ZjhmLTk0MmMtZTlhN2YwMzdkNDQ4P2FkeHpvbmVpZD0xOTQ1NiZhZHhkb21haW49e2FkeGRvbWFpbn0mYWR4Y2FtcGFpZ25pZD0xNTE4MiZhZHhtYXRlcmlhbG5hbWU9JmFkZXhiY2s9e2FkZXhiY2t9JmFkeGNvc3Q9MC4wNzkyNiZhZHhjaWQ9NlhPSTZJYnNsM2Rza0o1bThVNHF3YzBlM2pWTjdpTGNnMEpCckpTMmxVSnZFbjhsaVoxNWNaODVqNHJFQmNGRw==&hash=d6007b630adf305b5cf4aa2ee4190b56&ts=1668001391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.156.16.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-16-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly92YXN5LmNsaWNrbW9pbGVjbGl0by5jb20vNDk5YWZjODctMDI1ZC00ZjhmLTk0MmMtZTlhN2YwMzdkNDQ4P2FkeHpvbmVpZD0xOTQ1NiZhZHhkb21haW49e2FkeGRvbWFpbn0mYWR4Y2FtcGFpZ25pZD0xNTE4MiZhZHhtYXRlcmlhbG5hbWU9JmFkZXhiY2s9e2FkZXhiY2t9JmFkeGNvc3Q9MC4wNzkyNiZhZHhjaWQ9NlhPSTZJYnNsM2Rza0o1bThVNHF3YzBlM2pWTjdpTGNnMEpCckpTMmxVSnZFbjhsaVoxNWNaODVqNHJFQmNGRw==&hash=d6007b630adf305b5cf4aa2ee4190b56&ts=1668001391
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
992
content-type
text/html;charset=UTF-8
date
Wed, 09 Nov 2022 13:43:11 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Wed, 09 Nov 2022 13:43:11 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://vasy.clickmoileclito.com/fcc99488-86ed-4011-ab63-9c4064f1f701?source=15182&affid=1002&clickid=w4lan01cds6ddlbki1dqj6aa
pragma
no-cache
server
nginx
redirect
oui.clickmoileclito.com/ 		636 B
928 B 		Document
General
Check archive.org
Download Go to
Full URL
http://oui.clickmoileclito.com/redirect?target=BASE64aHR0cHM6Ly96dGYuemV0YWZyYW1lcy5jb20vMmI2MDI5MjQtY2VmYS00OTAzLTg1MmYtNWQ3YmQ5NGFmMjM0P1NvdXJjZUlEPTE1MTgyJkFmZmlsaWF0ZUlEPTEwMDImczE9NDQ4NDQmYWZmX2lkPTIyNTUmY2xpY2tpZD13YmVsc2hidjBzOGZmbGJrMnM0dDIxM2U&ts=1668001391982&hash=2yywFpPcNsIp8AlJzVb3X-5ilL-0Qt2CTzB5uFP6pRk&rm=DJ
Requested by
Host: vasy.clickmoileclito.com
URL: https://vasy.clickmoileclito.com/fcc99488-86ed-4011-ab63-9c4064f1f701?source=15182&affid=1002&clickid=w4lan01cds6ddlbki1dqj6aa
Protocol
HTTP/1.1
Server
18.156.16.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-16-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Wed, 09 Nov 2022 13:43:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Primary Request landing110
www.caressesetbisous.com/
Redirect Chain
  • https://ztf.zetaframes.com/2b602924-cefa-4903-852f-5d7bd94af234?SourceID=15182&AffiliateID=1002&s1=44844&aff_id=2255&clickid=wbelshbv0s8fflbk2s4t213e
  • https://strawberrycheesepie.com/?a=2255&c=92790&s2=wc55f9slbvubvlbkijoskc96&s3=44844&s1=44844&s4=VLS-wc55f9slbvubvlbkijoskc96
  • https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
21 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Requested by
Host: oui.clickmoileclito.com
URL: http://oui.clickmoileclito.com/redirect?target=BASE64aHR0cHM6Ly96dGYuemV0YWZyYW1lcy5jb20vMmI2MDI5MjQtY2VmYS00OTAzLTg1MmYtNWQ3YmQ5NGFmMjM0P1NvdXJjZUlEPTE1MTgyJkFmZmlsaWF0ZUlEPTEwMDImczE9NDQ4NDQmYWZmX2lkPTIyNTUmY2xpY2tpZD13YmVsc2hidjBzOGZmbGJrMnM0dDIxM2U&ts=1668001391982&hash=2yywFpPcNsIp8AlJzVb3X-5ilL-0Qt2CTzB5uFP6pRk&rm=DJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
4273e2d131a10ed487f83634b93c62352cf843abb2c20af35cb798f7ca74f8b5

Request headers

Referer
http://oui.clickmoileclito.com/redirect?target=BASE64aHR0cHM6Ly96dGYuemV0YWZyYW1lcy5jb20vMmI2MDI5MjQtY2VmYS00OTAzLTg1MmYtNWQ3YmQ5NGFmMjM0P1NvdXJjZUlEPTE1MTgyJkFmZmlsaWF0ZUlEPTEwMDImczE9NDQ4NDQmYWZmX2lkPTIyNTUmY2xpY2tpZD13YmVsc2hidjBzOGZmbGJrMnM0dDIxM2U&ts=1668001391982&hash=2yywFpPcNsIp8AlJzVb3X-5ilL-0Qt2CTzB5uFP6pRk&rm=DJ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=300
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 09 Nov 2022 13:43:12 GMT
server
nginx/1.14.2
vary
Accept-Encoding
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cache
MISS
x-cacheable
YES
x-host
caressesetbisous.com
x-powered-by
PHP/7.2.34
x-varnish
9525853
xkey
lander

Redirect headers

content-length
0
date
Wed, 09 Nov 2022 13:43:12 GMT
location
https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
server
nginx/1.18.0
landing110.css
www.caressesetbisous.com/landers/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.caressesetbisous.com/landers/css/landing110.css
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
0b17eede5c3bc305cbdb42700267e444560f8d89ebe4c38b35f9ff86098931b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:12:23 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-powered-by
PHP/7.2.34
x-cache
HIT
x-host
caressesetbisous.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx/1.14.2
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
x-varnish
9877364 7974565
cache-control
max-age=300
accept-ranges
bytes
pornhub.css
www.caressesetbisous.com/landers/css/theme/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.caressesetbisous.com/landers/css/theme/pornhub.css
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
3a7ae5a7fdce83733e1c144e0ab1fbc3d4e7c9e8f1aab9be185730d691b7bee4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:11:44 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-powered-by
PHP/7.2.34
x-cache
HIT
x-host
caressesetbisous.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx/1.14.2
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
x-varnish
9686784 8917960
cache-control
max-age=300
accept-ranges
bytes
fontawesome-all.min.css
www.caressesetbisous.com/landers/css/ 		50 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.caressesetbisous.com/landers/css/fontawesome-all.min.css
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:30:56 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 27 Oct 2022 12:39:31 GMT
server
nginx/1.14.2
etag
"635a7c03-c970"
vary
Accept-Encoding
content-type
text/css
x-varnish
9937439 8606118
cache-control
max-age=300
accept-ranges
bytes
enterprise.js
www.google.com/recaptcha/ 		974 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8d07a5aa0d6a2f3969a3aba866abc2c847b2c2bd4863e36bed0d082101928472
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 13:43:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
619
x-xss-protection
1; mode=block
expires
Wed, 09 Nov 2022 13:43:12 GMT
enterprise.js
www.google.com/recaptcha/ 		940 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
264319c31e15ae067ac2b0144bbf5949f673331ed795a18c66e2534c543f5e0e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 13:43:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
588
x-xss-protection
1; mode=block
expires
Wed, 09 Nov 2022 13:43:12 GMT
logo.png
www.caressesetbisous.com/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.caressesetbisous.com/img/logo.png
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
aed49d14655035da3b0b3de62a5d8d0cd3338608e51d60d2ed1327119b65c3fd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 13:43:12 GMT
via
1.1 google
last-modified
Wed, 09 Nov 2022 06:40:29 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"2e54-5ed03eec0d616"
vary
X-Forwarded-Proto
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11860
x-ua-compatible
IE=edge,chrome=1
google-logo.svg
www.caressesetbisous.com/landers/images/general/ 		688 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.caressesetbisous.com/landers/images/general/google-logo.svg
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:24:52 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 27 Oct 2022 12:39:32 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"635a7c04-2b0"
x-cache
HIT
content-type
image/svg+xml
x-varnish
10001471 8752701
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
688
loading.gif
www.caressesetbisous.com/landers/images/loader/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.caressesetbisous.com/landers/images/loader/loading.gif
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:30:44 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 27 Oct 2022 12:39:34 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"635a7c06-b4c"
x-cache
HIT
content-type
image/gif
x-varnish
9074527 7003812
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2892
vegas.min.css
www.caressesetbisous.com/landers/css/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.caressesetbisous.com/landers/css/vegas.min.css
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
a8d530eff57d706b6469ac6bdc3ce13cbfaecc832792ad7a102b19e156632fe1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:23:15 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 27 Oct 2022 12:39:31 GMT
server
nginx/1.14.2
etag
"635a7c03-2e20"
vary
Accept-Encoding
content-type
text/css
x-varnish
9466649 8544960
cache-control
max-age=300
accept-ranges
bytes
vendor.js
www.caressesetbisous.com/landers/js/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.caressesetbisous.com/landers/js/vendor.js
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
cf15397b140151b5d9805f3ce497cb633dd8fead7bb3c5bc09ce20368bda1dab

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:11:14 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 27 Oct 2022 12:39:53 GMT
server
nginx/1.14.2
etag
"635a7c19-1e2ae"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
9877367 8207632
cache-control
max-age=300
accept-ranges
bytes
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/ 		402 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26b8033cef620f78e6b14f003c161dd3dcae68336be4a8c3eff0bd730dec023d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.caressesetbisous.com/
Origin
https://www.caressesetbisous.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163362
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 04:02:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 13:07:30 GMT
cc.js
recueillirleconsentement.com/ 		117 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recueillirleconsentement.com/cc.js?wId=6uJM4p5JW71Z8Ko1EtbODN&domain=caressesetbisous.com&languageCode=fr&languageTerritory=FR&sessionId=3a6369067f1c42449a624b1b87ef53ab
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
dd27fdf017c7377140fe2be867cf55d83899c3807f97954dab83862abc527049
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 13:43:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000;
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
content-length
14082
landing110.js
www.caressesetbisous.com/landers/js/ 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.caressesetbisous.com/landers/js/landing110.js
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
6c639b2bb3039247fe9ba0a8669f18a117da5f865db48d2da2328d50dc0d6486

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:10:35 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 27 Oct 2022 12:39:53 GMT
server
nginx/1.14.2
etag
"635a7c19-12a8f"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
9563661 8413896
cache-control
max-age=300
accept-ranges
bytes
media-registry.js
landers.cdnware.io/ 		110 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landers.cdnware.io/media-registry.js
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.234.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.234.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a73efb060be2416b7f1c0b094b4243ebbbdcdad9072ba669a26b20ad65fd5d2b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 13:38:10 GMT
age
303
x-guploader-uploadid
ADPycdtFcSUVwH6ez0dFY8LI8Mea_svdODoqM6fLjWxJKDn6l4dhADB4U0AMtfXqEZBZaF_T5cOUt9w4WiVkG-bivLygB_yZKzG7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112540
last-modified
Thu, 27 Oct 2022 12:41:00 GMT
server
UploadServer
etag
"71504e83574f76de8fbb07e16a157646"
x-goog-generation
1666874459999035
x-goog-hash
crc32c=w4mUoQ==, md5=cVBOg1dPdt6PuwfhahV2Rg==
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
112540
accept-ranges
bytes
expires
Wed, 09 Nov 2022 14:38:10 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landers/js/landing110.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 09 Nov 2022 13:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1639
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 09 Nov 2022 15:15:54 GMT
fr-fr2.json
static.dating/lander/translations/ 		197 KB
197 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.dating/lander/translations/fr-fr2.json
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landers/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.221.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
175.221.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ad3558e0f97ba2968f4705b79657148022566c0e846785b81288626f67905f36

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.caressesetbisous.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 13:41:57 GMT
age
76
x-guploader-uploadid
ADPycdt3Zi5UDOYNZCEraZLQdECeYdo9_ddarU3MApSBBxb2pc-tHs_KJz06itbePWFhI5h3ceWeHaNv6s5nB2aiUnyw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201261
last-modified
Thu, 14 Jul 2022 09:58:59 GMT
server
UploadServer
etag
"2b562a90cec328e77980e8f81a3364ad"
x-goog-generation
1657792739546965
x-goog-hash
crc32c=NL7kKA==, md5=K1YqkM7DKOd5gOj4GjNkrQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
201261
accept-ranges
bytes
content-type
application/octet-stream
expires
Wed, 09 Nov 2022 14:41:57 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame 856B 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuY2FyZXNzZXNldGJpc291cy5jb206NDQz&hl=fr&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=8brnxeb2p68q
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
745a5f3148d4ed0a6ba97d0482a9ce45687f0d2ae3a66e97047ab9ffeb8712d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yq6BLMW8M6wcYoTH1xllRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.caressesetbisous.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22390
content-security-policy
script-src 'report-sample' 'nonce-yq6BLMW8M6wcYoTH1xllRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 13:43:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
01.gif
www.caressesetbisous.com/landers/images/landing110/default/default/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.caressesetbisous.com/landers/images/landing110/default/default/01.gif
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
863b815de9d4b56ceb392831ba3c52d34e87f23fc306379addede91b9838fa80

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:16:47 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 27 Oct 2022 12:39:33 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"635a7c05-17de9"
x-cache
HIT
content-type
image/gif
x-varnish
7811612 8982153
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97769
02.gif
www.caressesetbisous.com/landers/images/landing110/default/default/ 		217 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.caressesetbisous.com/landers/images/landing110/default/default/02.gif
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
fee021fd59c180668f2a5df40fab666df08d907960786f1638cd2c8ab526ad54

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:30:56 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 27 Oct 2022 12:39:33 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"635a7c05-36525"
x-cache
HIT
content-type
image/gif
x-varnish
9617102 8417264
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
222501
03.gif
www.caressesetbisous.com/landers/images/landing110/default/default/ 		589 KB
589 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.caressesetbisous.com/landers/images/landing110/default/default/03.gif
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
186ae76b0c13697f21c972d445d08da25172178a792b12e2e6df419ed65bb59c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:13:06 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 27 Oct 2022 12:39:33 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"635a7c05-93502"
x-cache
HIT
content-type
image/gif
x-varnish
9563664 8981520
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
603394
04.gif
www.caressesetbisous.com/landers/images/landing110/default/default/ 		708 KB
708 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.caressesetbisous.com/landers/images/landing110/default/default/04.gif
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
a59a56b5c380571ed2f381d586ef57c50e4e7dc250527ecc27cc8a709628765e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:31:34 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 27 Oct 2022 12:39:33 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"635a7c05-b110f"
x-cache
HIT
content-type
image/gif
x-varnish
9866055 8882894
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
725263
05.gif
www.caressesetbisous.com/landers/images/landing110/default/default/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.caressesetbisous.com/landers/images/landing110/default/default/05.gif
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
ecd5e771ee662c51b5c5ed8389e5a98ff61af2ddbadfb52f3caac687dae21d0d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:26:19 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 27 Oct 2022 12:39:33 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"635a7c05-a7ce"
x-cache
HIT
content-type
image/gif
x-varnish
10001475 8790653
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42958
06.gif
www.caressesetbisous.com/landers/images/landing110/default/default/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.caressesetbisous.com/landers/images/landing110/default/default/06.gif
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
25085428459fa605551892276bed6d1e27825b782a9fe6a255cbfc66d6b26067

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:22:55 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 27 Oct 2022 12:39:33 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"635a7c05-226d3"
x-cache
HIT
content-type
image/gif
x-varnish
9590245 8544890
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141011
bg2.jpg
www.caressesetbisous.com/landers/images/landing110/default/default/ 		482 KB
482 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.caressesetbisous.com/landers/images/landing110/default/default/bg2.jpg?geo=fr
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
6c9d939442fc20f18c17cdcd59a5a023c65324aa5a46d0b6818746c5d20061ce

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:17:03 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 27 Oct 2022 12:39:33 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"635a7c05-78615"
x-cache
HIT
content-type
image/jpeg
x-varnish
9523489 8821170
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
493077
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=61114602&t=pageview&_s=1&dl=https%3A%2F%2Fwww.caressesetbisous.com%2Flanding110%3Fstyle%3D1%26pi%3D2255%26pt1%3Dptecdec4b7352a4a7aa39c8cc810df23c9%26pe%3D44844&ul=en-us&de=UTF-8&dt=caressesetbisous.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1403082101&gjid=1821360248&cid=368178617.1668001393&tid=UA-132064855-2&_gid=1653323700.1668001393&_r=1&_slc=1&z=1810223973
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.caressesetbisous.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 13:43:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.caressesetbisous.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=61114602&t=pageview&_s=1&dl=https%3A%2F%2Fwww.caressesetbisous.com%2Flanding110%3Fstyle%3D1%26pi%3D2255%26pt1%3Dptecdec4b7352a4a7aa39c8cc810df23c9%26pe%3D44844&ul=en-us&de=UTF-8&dt=caressesetbisous.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1574367903&gjid=2102841549&cid=368178617.1668001393&tid=UA-132064855-5&_gid=1653323700.1668001393&_r=1&_slc=1&z=1182030203
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.caressesetbisous.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 13:43:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.caressesetbisous.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=61114602&t=pageview&_s=1&dl=https%3A%2F%2Fwww.caressesetbisous.com%2Flanding110%3Fstyle%3D1%26pi%3D2255%26pt1%3Dptecdec4b7352a4a7aa39c8cc810df23c9%26pe%3D44844&ul=en-us&de=UTF-8&dt=caressesetbisous.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=2086682080&gjid=193533742&cid=368178617.1668001393&tid=UA-131056979-4&_gid=1653323700.1668001393&_r=1&_slc=1&z=89875411
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.caressesetbisous.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 13:43:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.caressesetbisous.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/ Frame 856B 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuY2FyZXNzZXNldGJpc291cy5jb206NDQz&hl=fr&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=8brnxeb2p68q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 13:38:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 04:02:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 13:38:27 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/ Frame 856B 		402 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuY2FyZXNzZXNldGJpc291cy5jb206NDQz&hl=fr&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=8brnxeb2p68q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26b8033cef620f78e6b14f003c161dd3dcae68336be4a8c3eff0bd730dec023d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163362
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 04:02:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 13:07:30 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-132064855-5&cid=368178617.1668001393&jid=1574367903&gjid=2102841549&_gid=1653323700.1668001393&_u=IEDAAEABAAAAACAAI~&z=1817867417
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.caressesetbisous.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 09 Nov 2022 13:43:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.caressesetbisous.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-132064855-2&cid=368178617.1668001393&jid=1403082101&gjid=1821360248&_gid=1653323700.1668001393&_u=IEBAAEAAAAAAACAAI~&z=1437952981
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.caressesetbisous.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 09 Nov 2022 13:43:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.caressesetbisous.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-132064855-5&cid=368178617.1668001393&jid=1574367903&_u=IEDAAEABAAAAACAAI~&z=1621827299
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 13:43:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-132064855-5&cid=368178617.1668001393&jid=1574367903&_u=IEDAAEABAAAAACAAI~&z=1621827299
Requested by
Host: www.caressesetbisous.com
URL: https://www.caressesetbisous.com/landing110?style=1&pi=2255&pt1=ptecdec4b7352a4a7aa39c8cc810df23c9&pe=44844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Nov 2022 13:43:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 856B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 18:59:48 GMT
x-content-type-options
nosniff
age
67405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 15 Nov 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 856B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuY2FyZXNzZXNldGJpc291cy5jb206NDQz&hl=fr&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=8brnxeb2p68q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:32:01 GMT
x-content-type-options
nosniff
age
537072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 08:32:01 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 856B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuY2FyZXNzZXNldGJpc291cy5jb206NDQz&hl=fr&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=8brnxeb2p68q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 22:21:19 GMT
x-content-type-options
nosniff
age
141714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 22:21:19 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 856B 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=fr&v=Ixi5IiChXmIG6rRkjUa1qXHT
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuY2FyZXNzZXNldGJpc291cy5jb206NDQz&hl=fr&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=8brnxeb2p68q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e1910820b681f844a1b16f9ba1e0fd84573b9dd697479595b694ba8957058ecb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuY2FyZXNzZXNldGJpc291cy5jb206NDQz&hl=fr&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=8brnxeb2p68q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 13:43:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 09 Nov 2022 13:43:13 GMT
collector
api.recueillirleconsentement.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.recueillirleconsentement.com/consent/collector
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.caressesetbisous.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.caressesetbisous.com
content-length
0
content-type
application/vnd.api+json
date
Wed, 09 Nov 2022 13:43:13 GMT
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
cc.css
recueillirleconsentement.com/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://recueillirleconsentement.com/cc.css
Requested by
Host: recueillirleconsentement.com
URL: https://recueillirleconsentement.com/cc.js?wId=6uJM4p5JW71Z8Ko1EtbODN&domain=caressesetbisous.com&languageCode=fr&languageTerritory=FR&sessionId=3a6369067f1c42449a624b1b87ef53ab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 13:43:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000;
last-modified
Thu, 15 Oct 2020 08:07:25 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"6073-5b1b123761e40-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3892
collector
api.recueillirleconsentement.com/consent/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.recueillirleconsentement.com/consent/collector
Requested by
Host: recueillirleconsentement.com
URL: https://recueillirleconsentement.com/cc.js?wId=6uJM4p5JW71Z8Ko1EtbODN&domain=caressesetbisous.com&languageCode=fr&languageTerritory=FR&sessionId=3a6369067f1c42449a624b1b87ef53ab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9236a8e743996f0ebc8cc5eea0e1b1ec28db4455080e57625dbd1d4458e5b345
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.caressesetbisous.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Nov 2022 13:43:13 GMT
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
content-type
application/vnd.api+json
access-control-allow-origin
https://www.caressesetbisous.com
access-control-allow-credentials
true
content-length
4414
loadSegment
api.recueillirleconsentement.com/consent/ 		367 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.recueillirleconsentement.com/consent/loadSegment
Requested by
Host: recueillirleconsentement.com
URL: https://recueillirleconsentement.com/cc.js?wId=6uJM4p5JW71Z8Ko1EtbODN&domain=caressesetbisous.com&languageCode=fr&languageTerritory=FR&sessionId=3a6369067f1c42449a624b1b87ef53ab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
559e62a076a110ae71f6742f2b89a4610ba160b905bf2f577e3125fc0c5aece2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.caressesetbisous.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Nov 2022 13:43:13 GMT
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
content-type
application/vnd.api+json
access-control-allow-origin
https://www.caressesetbisous.com
access-control-allow-credentials
true
content-length
367
loadSegment
api.recueillirleconsentement.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.recueillirleconsentement.com/consent/loadSegment
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.caressesetbisous.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.caressesetbisous.com
content-length
0
content-type
application/vnd.api+json
date
Wed, 09 Nov 2022 13:43:13 GMT
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
loadSegment
api.recueillirleconsentement.com/consent/ 		1003 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.recueillirleconsentement.com/consent/loadSegment
Requested by
Host: recueillirleconsentement.com
URL: https://recueillirleconsentement.com/cc.js?wId=6uJM4p5JW71Z8Ko1EtbODN&domain=caressesetbisous.com&languageCode=fr&languageTerritory=FR&sessionId=3a6369067f1c42449a624b1b87ef53ab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
2a1e15cc8fdbe5496400fe90ba44e4781dc022d181c816573ff43a1fd7f4eb86
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.caressesetbisous.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Nov 2022 13:43:13 GMT
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
content-type
application/vnd.api+json
access-control-allow-origin
https://www.caressesetbisous.com
access-control-allow-credentials
true
content-length
1003
loadSegment
api.recueillirleconsentement.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.recueillirleconsentement.com/consent/loadSegment
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.caressesetbisous.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.caressesetbisous.com
content-length
0
content-type
application/vnd.api+json
date
Wed, 09 Nov 2022 13:43:13 GMT
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
confirmExplicit
api.recueillirleconsentement.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.recueillirleconsentement.com/consent/confirmExplicit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.caressesetbisous.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.caressesetbisous.com
content-length
0
content-type
application/vnd.api+json
date
Wed, 09 Nov 2022 13:43:13 GMT
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
confirmExplicit
api.recueillirleconsentement.com/consent/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.recueillirleconsentement.com/consent/confirmExplicit
Requested by
Host: recueillirleconsentement.com
URL: https://recueillirleconsentement.com/cc.js?wId=6uJM4p5JW71Z8Ko1EtbODN&domain=caressesetbisous.com&languageCode=fr&languageTerritory=FR&sessionId=3a6369067f1c42449a624b1b87ef53ab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.caressesetbisous.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Nov 2022 13:43:13 GMT
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
content-type
application/vnd.api+json
access-control-allow-origin
https://www.caressesetbisous.com
access-control-allow-credentials
true
content-length
0
bg1.jpg
www.caressesetbisous.com/landers/images/landing110/default/default/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.caressesetbisous.com/landers/images/landing110/default/default/bg1.jpg?geo=fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
e3c7c127ca53b1fdcce14e582c61448ce0dd4845f23330d07857bb717b2ed98f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 03:09:38 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 27 Oct 2022 12:39:33 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"635a7c05-159f1"
x-cache
HIT
content-type
image/jpeg
x-varnish
9806000 8068044
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88561
bg3.jpg
www.caressesetbisous.com/landers/images/landing110/default/default/ 		281 KB
281 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.caressesetbisous.com/landers/images/landing110/default/default/bg3.jpg?geo=fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.149.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
beaec1f794248bb76a08fcb9af594a219d8b4df95f02c3ea5a0429108349b175

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.caressesetbisous.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:31:37 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 27 Oct 2022 12:39:33 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"635a7c05-464c7"
x-cache
HIT
content-type
image/jpeg
x-varnish
9287145 8764490
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
287943

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| bootstrap object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Lander function| $ function| jQuery function| url object| setRegister object| isMobile object| getUrl string| GoogleAnalyticsObject function| ga object| setInit object| setFmMapper object| setPhoenixMapper object| setMapper object| setApi object| geoDataService object| setTimer object| setBg object| setStyle object| setEmailPassing object| setAgeSearch object| setBirthDate object| setCity object| setConditions object| setEmail object| setGender object| setLength object| setPassword object| setRegion object| setUsername object| setSso function| startLander object| recaptcha object| closure_lm_747685 object| CollectConsent object| mediaRegistry object| dataLayer boolean| hasSteps boolean| hasMultiStep boolean| hasPopup object| google_tag_data object| gaplugins object| gaGlobal object| gaData

20 Cookies

Domain/Path Name / Value
baise-directe.com/ Name: mautic_device_id
Value: n37g411et1lyyx4lql11irf
baise-directe.com/ Name: mtc_id
Value: 87145
baise-directe.com/ Name: mtc_sid
Value: n37g411et1lyyx4lql11irf
baise-directe.com/ Name: mautic_referer_id
Value: 372212
www.clicks.dating/ Name: PHPSESSID
Value: s8bq57p8nifsre5m4efn9hh1d6
.www.clicks.dating/ Name: fp2
Value: 32f4c8d8c0d28cf67d6736d595d92d26
.vasy.clickmoileclito.com/ Name: 499afc87-025d-4f8f-942c-e9a7f037d448-v4
Value: fkbo0iuEJMaEsi1SSdfNdB7ZppMlx0MT0w8akuO_2k0
.vasy.clickmoileclito.com/ Name: fcc99488-86ed-4011-ab63-9c4064f1f701-v4
Value: p7rvcSWMQpBoeOqSvlimBsbwn95lKGfQk2r_AqE6YEk
.vasy.clickmoileclito.com/ Name: cc-v4
Value: XkNXKzgTTIPnQAj5d0nu062KJoHa2KTshO4jjSjiaK8wyTArEW943HlQ9m8jIwy4p3m%2F%2FEbVAUPtX3%2F%2Fe%2F9xyZOc1fjtWmvHhKkWvsII%2BfEwDvCPiEzgEjHbkSmarKzLBGM9bCI3N62TDhR2ZxubTA%3D%3D
.ztf.zetaframes.com/ Name: 2b602924-cefa-4903-852f-5d7bd94af234-v4
Value: 2J1bV5_AzyVvqgkqm43jMN0GBKya5VnniYwDMekf1ck
.ztf.zetaframes.com/ Name: cc-v4
Value: AWMvHfWPDeb97htEOpYuAUOmb819gDD7ItBwjj2oNOavlwSZWcWLJ1XmNz2ASEnax6CVreLKcD6MFH8DyUshe52IwxDYYcXotz95LoF%2FWCunq8WK1JI7RH0Il%2FPot4cGTMSQeu82XXrummONRn5LMA%3D%3D
.strawberrycheesepie.com/ Name: pt30
Value: 8d144fe7a5eb4daf8c00d980f7f69267
.strawberrycheesepie.com/ Name: ptc
Value: 8d144fe7a5eb4daf8c00d980f7f69267
.strawberrycheesepie.com/ Name: ptbs
Value: 8d144fe7a5eb4daf8c00d980f7f69267
.strawberrycheesepie.com/ Name: ptr
Value: ptecdec4b7352a4a7aa39c8cc810df23c9
.caressesetbisous.com/ Name: _ga
Value: GA1.2.368178617.1668001393
.caressesetbisous.com/ Name: _gid
Value: GA1.2.1653323700.1668001393
.caressesetbisous.com/ Name: _gat_a
Value: 1
.caressesetbisous.com/ Name: _gat_b
Value: 1
.caressesetbisous.com/ Name: _gat_c
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.recueillirleconsentement.com
baise-directe.com
fonts.gstatic.com
landers.cdnware.io
oui.clickmoileclito.com
recueillirleconsentement.com
static.dating
stats.g.doubleclick.net
strawberrycheesepie.com
u23306908.ct.sendgrid.net
vasy.clickmoileclito.com
www.caressesetbisous.com
www.clicks.dating
www.google-analytics.com
www.google.com
www.google.fr
www.gstatic.com
ztf.zetaframes.com
167.89.118.35
18.156.16.63
18.185.37.173
18.195.123.247
2a00:1450:4001:803::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c02::9a
2a06:98c1:3120::3
34.149.8.32
35.195.163.35
35.227.221.175
35.227.234.99
52.223.1.151
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
0b17eede5c3bc305cbdb42700267e444560f8d89ebe4c38b35f9ff86098931b8
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b
186ae76b0c13697f21c972d445d08da25172178a792b12e2e6df419ed65bb59c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
25085428459fa605551892276bed6d1e27825b782a9fe6a255cbfc66d6b26067
264319c31e15ae067ac2b0144bbf5949f673331ed795a18c66e2534c543f5e0e
26b8033cef620f78e6b14f003c161dd3dcae68336be4a8c3eff0bd730dec023d
2a1e15cc8fdbe5496400fe90ba44e4781dc022d181c816573ff43a1fd7f4eb86
3a7ae5a7fdce83733e1c144e0ab1fbc3d4e7c9e8f1aab9be185730d691b7bee4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4273e2d131a10ed487f83634b93c62352cf843abb2c20af35cb798f7ca74f8b5
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
559e62a076a110ae71f6742f2b89a4610ba160b905bf2f577e3125fc0c5aece2
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c639b2bb3039247fe9ba0a8669f18a117da5f865db48d2da2328d50dc0d6486
6c9d939442fc20f18c17cdcd59a5a023c65324aa5a46d0b6818746c5d20061ce
745a5f3148d4ed0a6ba97d0482a9ce45687f0d2ae3a66e97047ab9ffeb8712d1
863b815de9d4b56ceb392831ba3c52d34e87f23fc306379addede91b9838fa80
8d07a5aa0d6a2f3969a3aba866abc2c847b2c2bd4863e36bed0d082101928472
9236a8e743996f0ebc8cc5eea0e1b1ec28db4455080e57625dbd1d4458e5b345
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a59a56b5c380571ed2f381d586ef57c50e4e7dc250527ecc27cc8a709628765e
a73efb060be2416b7f1c0b094b4243ebbbdcdad9072ba669a26b20ad65fd5d2b
a8d530eff57d706b6469ac6bdc3ce13cbfaecc832792ad7a102b19e156632fe1
ad3558e0f97ba2968f4705b79657148022566c0e846785b81288626f67905f36
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed49d14655035da3b0b3de62a5d8d0cd3338608e51d60d2ed1327119b65c3fd
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
beaec1f794248bb76a08fcb9af594a219d8b4df95f02c3ea5a0429108349b175
cf15397b140151b5d9805f3ce497cb633dd8fead7bb3c5bc09ce20368bda1dab
dd27fdf017c7377140fe2be867cf55d83899c3807f97954dab83862abc527049
e1910820b681f844a1b16f9ba1e0fd84573b9dd697479595b694ba8957058ecb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c7c127ca53b1fdcce14e582c61448ce0dd4845f23330d07857bb717b2ed98f
ecd5e771ee662c51b5c5ed8389e5a98ff61af2ddbadfb52f3caac687dae21d0d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fee021fd59c180668f2a5df40fab666df08d907960786f1638cd2c8ab526ad54