urlscan.io logo urlscan.io
SecurityTrails logo

www.cestnormalauquebec.com Open in urlscan Pro
2a00:1450:4001:82b::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.cestnormalauquebec.com/
Effective URL: https://www.cestnormalauquebec.com/
Submission: On April 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 68 IPs in 11 countries across 58 domains to perform 245 HTTP transactions. The main IP is 2a00:1450:4001:82b::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.cestnormalauquebec.com.
TLS certificate: Issued by GTS CA 1D4 on March 21st 2023. Valid for: 3 months.
This is the only time www.cestnormalauquebec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
23 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 69.164.223.117 63949 (AKAMAI-LI...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.16.134 15169 (GOOGLE)
2 130.211.23.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 18.212.140.196 14618 (AMAZON-AES)
5 2.18.232.7 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
3 52.222.208.154 16509 (AMAZON-02)
5 32 104.22.69.131 13335 (CLOUDFLAR...)
1 7 52.213.194.225 16509 (AMAZON-02)
1 13.32.27.107 16509 (AMAZON-02)
1 104.111.217.42 16625 (AKAMAI-AS)
5 216.52.2.91 30282 (AS-INAPCD...)
5 10 138.201.8.249 24940 (HETZNER-AS)
8 8 213.19.147.44 3356 (LEVEL3)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 188.42.191.196 7979 (SERVERS-COM)
10 8.2.108.175 46636 (NATCOWEB)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 2.16.186.10 20940 (AKAMAI-ASN1)
1 3.239.232.168 14618 (AMAZON-AES)
5 3.66.137.213 16509 (AMAZON-02)
2 18.197.195.125 16509 (AMAZON-02)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 35.158.90.150 16509 (AMAZON-02)
15 37.252.171.21 29990 (ASN-APPNEX)
4 18.64.158.226 16509 (AMAZON-02)
3 52.57.148.57 16509 (AMAZON-02)
3 2602:803:c003... 26667 (RUBICONPR...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 76.223.111.18 16509 (AMAZON-02)
2 104.109.78.125 16625 (AKAMAI-AS)
5 2.19.228.187 16625 (AKAMAI-AS)
3 151.101.1.108 54113 (FASTLY)
1 162.19.138.119 16276 (OVH)
1 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 185.29.132.241 30419 (MEDIAMATH...)
7 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.184 1299 (TWELVE99 ...)
1 178.250.1.9 44788 (ASN-CRITE...)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 1 2620:116:800d... 16509 (AMAZON-02)
6 8 142.250.186.98 15169 (GOOGLE)
1 54.171.31.74 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 23.21.155.77 14618 (AMAZON-AES)
3 3 37.157.3.20 198622 (ADFORM)
1 35.204.158.49 396982 (GOOGLE-CL...)
6 52.223.40.198 16509 (AMAZON-02)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
4 8 185.86.139.103 ()
8 8 54.216.181.39 ()
7 9 69.173.144.165 ()
1 1 2a05:d018:d29... ()
2 3 52.46.151.131 ()
1 2620:1ec:21::14 ()
2 3 67.220.224.150 ()
1 198.47.127.20 ()
245 68
5    2a00:1450:4001:82b::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.cestnormalauquebec.com
5    2a00:1450:4001:830::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
2    2400:52e0:1e00::864:1 (Germany)

ASN200325 (BUNNYCDN, SI)
plausible.io
6    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
23    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
6    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
1    69.164.223.117 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: nb-69-164-223-117.newark.nodebalancer.linode.com
static.bigpipes.co
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ad.doubleclick.net
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    18.212.140.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-212-140-196.compute-1.amazonaws.com
carbon-cdn.ccgateway.net
script-api.ccgateway.net
privacy-location-edge.ccgateway.net
5    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    2600:9000:223e:1000:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:2490:1000:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
32    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
prebid.smilewanted.com
7    52.213.194.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-194-225.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net
js.gumgum.com
1    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
at.teads.tv
5    216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
10    138.201.8.249 (Ergolding, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de
sync.richaudience.com
8    213.19.147.44 (Castricum, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
10    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
3    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2.16.186.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    3.239.232.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-168.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
5    3.66.137.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-137-213.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    18.197.195.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-195-125.eu-central-1.compute.amazonaws.com
pre.ads.justpremium.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    35.158.90.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-90-150.eu-central-1.compute.amazonaws.com
tlx.3lift.com
15    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    18.64.158.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-158-226.atl56.r.cloudfront.net
aax.amazon-adsystem.com
3    52.57.148.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-148-57.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    2.19.228.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
8    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    54.171.31.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-31-74.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    23.21.155.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-155-77.compute-1.amazonaws.com
a.audrte.com
3    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
6    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
8    185.86.139.103 (None, )

ASN- ()
sync.smartadserver.com
8    54.216.181.39 (None, )

ASN- ()
ice.360yield.com
9    69.173.144.165 (None, )

ASN- ()
token.rubiconproject.com
pixel.rubiconproject.com
1    2a05:d018:d29:3602:bc92:520b:1528:ac03 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
3    52.46.151.131 (None, )

ASN- ()
s.amazon-adsystem.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
3    67.220.224.150 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
32 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 6291
static.smilewanted.com — Cisco Umbrella Rank: 14565
prebid.smilewanted.com — Cisco Umbrella Rank: 7054
74 KB
23 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 14089
4 MB
19 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 729
ads.pubmatic.com — Cisco Umbrella Rank: 725
image6.pubmatic.com — Cisco Umbrella Rank: 1037
simage2.pubmatic.com — Cisco Umbrella Rank: 976
image2.pubmatic.com — Cisco Umbrella Rank: 1377
simage4.pubmatic.com
44 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
acdn.adnxs.com — Cisco Umbrella Rank: 806
70 KB
15 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 201
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
157 KB
14 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
eus.rubiconproject.com — Cisco Umbrella Rank: 798
token.rubiconproject.com
pixel.rubiconproject.com
15 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
65 KB
10 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3732
10 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2933
2 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
202 KB
8 360yield.com
ice.360yield.com
3 KB
8 smartadserver.com
sync.smartadserver.com
1 KB
8 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 797
eb2.3lift.com — Cisco Umbrella Rank: 535
3 KB
8 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 777
btlr.sharethrough.com — Cisco Umbrella Rank: 1651
496 B
8 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2328
js.gumgum.com — Cisco Umbrella Rank: 6380
rtb.gumgum.com — Cisco Umbrella Rank: 2335
44 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 875
4 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
2 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1617
at.teads.tv — Cisco Umbrella Rank: 4942
6 KB
6 ccgateway.net
carbon-cdn.ccgateway.net — Cisco Umbrella Rank: 16107
script-api.ccgateway.net — Cisco Umbrella Rank: 16197
privacy-location-edge.ccgateway.net — Cisco Umbrella Rank: 16220
24 KB
6 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 11425
954 KB
5 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 8582
sync-eu.connectad.io
3 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
5 google.com
adservice.google.com — Cisco Umbrella Rank: 130
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2078
www.google.com — Cisco Umbrella Rank: 16
91 KB
5 cestnormalauquebec.com
www.cestnormalauquebec.com
57 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3102
3 KB
4 gstatic.com
fonts.gstatic.com
216 KB
4 blogger.com
www.blogger.com — Cisco Umbrella Rank: 7869
92 KB
3 adform.net
dmp.adform.net
c1.adform.net — Cisco Umbrella Rank: 908
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24171
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30620
897 B
3 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1707
2 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 1542
api.btloader.com — Cisco Umbrella Rank: 1745
8 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
ajax.googleapis.com — Cisco Umbrella Rank: 607
38 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6958
562 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 682
728 B
2 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 6853
5 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2547
1 KB
2 cloudfront.net
dyv1bugovvq1g.cloudfront.net
d15kdpgjg3unno.cloudfront.net
24 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
20 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1289
83 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 17703
2 KB
1 linkedin.com
px.ads.linkedin.com
648 B
1 yahoo.com
pr-bh.ybp.yahoo.com
617 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
612 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
266 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1063
587 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
795 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 941
363 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
737 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 612
1 KB
1 amazonaws.com
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5459
658 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 829
612 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955
481 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
434 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
2 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1132
613 B
1 bigpipes.co
static.bigpipes.co — Cisco Umbrella Rank: 943078
133 KB
1 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 17739
300 B
245 58
Domain Requested by
23 csync.smilewanted.com 5 redirects static.bigpipes.co
csync.smilewanted.com
23 blogger.googleusercontent.com www.cestnormalauquebec.com
15 ib.adnxs.com static.bigpipes.co
csync.smilewanted.com
acdn.adnxs.com
10 us.ck-ie.com csync.smilewanted.com
10 sync.richaudience.com 5 redirects csync.smilewanted.com
8 ice.360yield.com 8 redirects
8 sync.smartadserver.com 4 redirects csync.smilewanted.com
8 cm.g.doubleclick.net 6 redirects
7 sync.1rx.io 7 redirects
6 match.adsrvr.org csync.smilewanted.com
6 g2.gumgum.com 1 redirects static.bigpipes.co
g2.gumgum.com
6 1.bp.blogspot.com www.cestnormalauquebec.com
6 pagead2.googlesyndication.com www.cestnormalauquebec.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 pixel.rubiconproject.com 3 redirects
5 image2.pubmatic.com ads.pubmatic.com
5 ads.pubmatic.com static.bigpipes.co
5 match.sharethrough.com csync.smilewanted.com
5 ap.lijit.com csync.smilewanted.com
5 static.smilewanted.com csync.smilewanted.com
5 a.teads.tv static.bigpipes.co
5 www.cestnormalauquebec.com 1 redirects www.cestnormalauquebec.com
ajax.googleapis.com
4 token.rubiconproject.com 4 redirects
4 cdn.connectad.io csync.smilewanted.com
4 a.audrte.com 3 redirects
4 eb2.3lift.com static.bigpipes.co
4 aax.amazon-adsystem.com c.amazon-adsystem.com
4 tlx.3lift.com static.bigpipes.co
4 prebid.smilewanted.com static.bigpipes.co
4 hbopenbid.pubmatic.com static.bigpipes.co
4 script-api.ccgateway.net carbon-cdn.ccgateway.net
4 fonts.gstatic.com fonts.googleapis.com
4 www.blogger.com www.cestnormalauquebec.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 s.amazon-adsystem.com 2 redirects
3 acdn.adnxs.com static.bigpipes.co
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 fastlane.rubiconproject.com static.bigpipes.co
3 btlr.sharethrough.com static.bigpipes.co
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 c.amazon-adsystem.com static.bigpipes.co
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net static.bigpipes.co
securepubads.g.doubleclick.net
3 ad-delivery.net www.cestnormalauquebec.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 eus.rubiconproject.com static.bigpipes.co
eus.rubiconproject.com
2 creativecdn.com 2 redirects
2 pre.ads.justpremium.com static.bigpipes.co
2 ads.betweendigital.com 2 redirects
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 api.btloader.com btloader.com
2 www.google-analytics.com www.cestnormalauquebec.com
www.google-analytics.com
2 maxcdn.bootstrapcdn.com www.cestnormalauquebec.com
maxcdn.bootstrapcdn.com
2 fonts.googleapis.com www.cestnormalauquebec.com
2 plausible.io www.cestnormalauquebec.com
plausible.io
1 simage4.pubmatic.com ads.pubmatic.com
1 sync-eu.connectad.io cdn.connectad.io
1 px.ads.linkedin.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 um.simpli.fi
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr
1 sync.crwdcntrl.net
1 cms.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 rtb.gumgum.com pre.ads.justpremium.com
1 id5-sync.com
1 www.google.com tpc.googlesyndication.com
1 privacy-location-edge.ccgateway.net script-api.ccgateway.net
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 ads.stickyadstv.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 at.teads.tv a.teads.tv
1 js.gumgum.com www.cestnormalauquebec.com
1 d15kdpgjg3unno.cloudfront.net static.bigpipes.co
1 cdn.jsdelivr.net static.bigpipes.co
1 dyv1bugovvq1g.cloudfront.net static.bigpipes.co
1 carbon-cdn.ccgateway.net static.bigpipes.co
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ad.doubleclick.net www.cestnormalauquebec.com
1 static.bigpipes.co www.cestnormalauquebec.com
1 resources.blogblog.com www.cestnormalauquebec.com
1 btloader.com www.cestnormalauquebec.com
1 ajax.googleapis.com www.cestnormalauquebec.com
245 92

This site contains links to these domains. Also see Links.

Domain
bit.ly
www.blogger.com
Subject Issuer Validity Valid
www.cestnormalauquebec.com
GTS CA 1D4		 2023-03-21 -
2023-06-19		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
plausible.io
R3		 2023-03-23 -
2023-06-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
cdn.oboxads.com
R3		 2023-02-22 -
2023-05-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
ccgateway.net
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
queue.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
tracking.justpremium.com
Amazon RSA 2048 M01		 2023-02-14 -
2024-01-29		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2023-03-16 -
2024-03-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh

This page contains 84 frames:

Primary Page: https://www.cestnormalauquebec.com/
Frame ID: C603BA9C4DD4DCEFD59B56DF95A6F87D
Requests: 132 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: 641AC5DC1D2FC7AE3668A8B53F3A9687
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2891529463319841&output=html&adk=1812271804&adf=3025194257&lmt=1682089061&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682089156529&bpp=2&bdt=483&idt=207&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7881133416632&frm=20&pv=2&ga_vid=1627180391.1682089156&ga_sid=1682089157&ga_hid=1921964517&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44773809%2C31074025%2C44785294&oid=2&pvsid=3707474443720083&tmod=1974157161&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=235
Frame ID: 036FC961BBDA63B0BCDA9C849308D409
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 00FC0871DC2184CF24C7CA354B11D714
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: D1BC1A0230D59B6F7E03A70CBAAEA881
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F
Frame ID: 999C083DE9CD1E83B3545E969C4AAD2C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-05e1e5aa-bfb4-4055-bfe6-71c1ff6f8e22-003
Frame ID: B80536C4FECEC7F770D0162C0C6F9FE6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/390e9ae3-30d3-526f-b07e-8b43d43c2f85
Frame ID: CDF369BA40704E41B04ACD5326A7150B
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 517EBDCA5091CC0749B70DFB55C06DA6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/b57d0a16b33cfc4b02b1b7823567e5?gdpr_consent=&gdpr=0
Frame ID: 567E1F5AF56BD381E928D89DC75E288D
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 074FA543D855BE82483CEB88D3BCE8A5
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 676B65B69F517C4742C552530B3ECBB1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7hZGU2ybMtAHaMoc3yBN?pi=smilewanted&tc=1
Frame ID: 08B6AEAE6F83E66AA0C03C033D23724A
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Frame ID: 45286B393F58304B9DC75B3583878902
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2EE7F1FECA8A6DB46698E294948DE157
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E8AAC44943099DE3F0B6536FD521B219
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0D4D2D1D8EB4F096CD9843B1D9277588
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 603D11347E73EB1CA67FDA5EDA415939
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3E349805B08FA2DE2DE298459F602DE4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Frame ID: A78E0419C1124F2478492889DCD57555
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Frame ID: 41942BD5AE1D0C8FF3B2EF83628F07DE
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: C3D4A1670F337A18ECD8B22C55A0E3F0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BBCB645D3EDFB1A89F327885C5B0D27E
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 133E9D6458EB5ADE2BDFD95D26AAB65F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Frame ID: 318E5604CAED01684A30C8AC2DBC9EEE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A4A91AA8CCAA723254ECB34B90A3FA3C
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 51237517635C7F86EF94B53DAFD9453C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AA0A2480FFB23032C76179D1DC45F609
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Frame ID: CF9CBA5C79946773340E0244B1B6A9D6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 56C894C762EEC8B2A5DC8F538785FFB7
Requests: 2 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a7d3z91682089158480
Frame ID: 6560D278BCE02EB20082F84BD2FF03A7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 7073AD8802AC4FDF343D0660757E0DAA
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 62C082469FDFAB56D8E0E1CE351D75DD
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-b4f8d051-0a6c-4f64-8287-7e1ac46900af-42801-1358814%26ex_uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&us_privacy=&limit=16
Frame ID: 7E30EB61238CA8F335C9921B1C811694
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: FEABB5C56DFB972F160FA25955CFEBA1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 13C3D2ECDC6638086084D12558756C40
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 1E5155E1DC0A0BD17B8B981BED6917BA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: BFB5D749D50BD6784E2B2D86D1B64883
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: DE00C42266BD2CC8B81ED1EF0BDADC2B
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 650D5F44D1CD656518CD0C550BDEAC36
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: D76F7C8CD83D429D6D423E5D95603D67
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 75CBD9660EC53D303E51C4BED337C220
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6da56442-a4ca-4100-9ef7-349af96603f2&gdpr=0&gdpr_consent=
Frame ID: 63F9F6D0D8936CEED0A20F16FB52F667
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4170776430570450269
Frame ID: AECD687CCFA60EBEF98E694EC5C8301B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0E492211DE79AA82A4AD8704EC10C631
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084924782091295
Frame ID: 0132E762ACE7EEF3F412735BCA056A67
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=etr1hC3aoo9hjfGOL4vshy6P8dJh2fCOe9_OX_q0
Frame ID: CAEB634B284B1529B18C45DAC41039F8
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 31010575FF6AB25BE2010DF1D0840120
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: CE351E2925498DA8A47BB6F3D3C3A506
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 10AAE6D690834E179C7DF365918C4BA7
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 81750FF59F1054B5EBA43CDDF86DFA10
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2004592931
Frame ID: 026B9B3B5AA78E19791CBF2AD4A59AE5
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6804403945
Frame ID: 5C5F32CD550D9B551142744D7DF3616B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=805347905
Frame ID: FCED8F1AEB533DB90EFC5A2139E48A42
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8481232093
Frame ID: 3353A625359C009B63491B51122E2058
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 277ACC9CD1E4C8536A34691BE8A01BBA
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 219D0B11FD87E2B189B2CE58107EC17B
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: C472B9A7245B78A36D32A49AB6619F04
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 69F4228BBE0BF7F2E1830596B3FB9797
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 3E5B9C4E30B61B73CA8F4D49EDD98035
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 520D6BC9850E2254F533504735EFF275
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 08163689A3682F99387C34BBDCAA2689
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: C43FE42A78FC13021F6D66DE8D61993B
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 42DBC23AA2DD2626A4E813177D421801
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 5A441C05FF2FF3F1735E5D6DD3F4AC19
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 22B62B7974DBEFE2A8601CF024D45AEF
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 677A191A3F0BAB9D1979728E9AC52E65
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Frame ID: 43DF9F412BDCC3F967BDF9406D56BE6F
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Frame ID: 8974D5AB8C6D6377C38AD8E163B1096C
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Frame ID: 5E03939C1D48EEBA16FE0D21D3BF4040
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Frame ID: EE29E8EBDAE47D41746F631A210A8669
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 4BDFDA600EE45176C8F866764AAABC85
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 5B06FB8FC6D1B787622571295D6A0690
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 35D1C5CC8066C91A0097AEF559519E7E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 7497DB839CA71B420C99681A79DF470A
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 7EA7FF9C0B5D9954642AC818C5EA545C
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 88F687AABA02EFFA69C9BFD28CBF7C81
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 597DC234274DB3FA473740C971686025
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 99D4C904FE821A3992CDA977F000B17C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
Frame ID: C173FEA8BB6456B8EFED5DE1E0985C7D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
Frame ID: 5EECC6F7BFA70B82C7DEB67A29EA7C7A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
Frame ID: F6DB5DED9441D23A2AC1F432BE5A985B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
Frame ID: 39F393C26AE058C47B5812264C8B07AD
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 572B246D8AD091B94697389A75D50EF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

C'est normal au Québec

Page URL History Show full URLs

  1. http://www.cestnormalauquebec.com/ HTTP 301
    https://www.cestnormalauquebec.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

245
Requests

94 %
HTTPS

38 %
IPv6

58
Domains

92
Subdomains

68
IPs

11
Countries

6309 kB
Transfer

8798 kB
Size

72
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.cestnormalauquebec.com/ HTTP 301
    https://www.cestnormalauquebec.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://g2.gumgum.com/javascripts/ggv2.js HTTP 301
  • https://js.gumgum.com/services.js
Request Chain 77
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F
Request Chain 80
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1682089157854 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2268732451 HTTP 302
  • https://sync.1rx.io/usersync/turn/8332168908732906684?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-05e1e5aa-bfb4-4055-bfe6-71c1ff6f8e22-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-05e1e5aa-bfb4-4055-bfe6-71c1ff6f8e22-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-05e1e5aa-bfb4-4055-bfe6-71c1ff6f8e22-003
Request Chain 81
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/390e9ae3-30d3-526f-b07e-8b43d43c2f85
Request Chain 84
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/b57d0a16b33cfc4b02b1b7823567e5?gdpr_consent=&gdpr=0
Request Chain 120
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7hZGU2ybMtAHaMoc3yBN?pi=smilewanted&tc=1
Request Chain 121
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Request Chain 184
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6da56442-a4ca-4100-9ef7-349af96603f2&gdpr=0&gdpr_consent=
Request Chain 185
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4170776430570450269
Request Chain 187
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084924782091295
Request Chain 188
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=etr1hC3aoo9hjfGOL4vshy6P8dJh2fCOe9_OX_q0
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iUFkFgsfQE6dN27ADMHQWQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 191
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1795511181 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=89416416-0B1F-404E-9D37-6EC00CC1D059
Request Chain 192
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=89416416-0B1F-404E-9D37-6EC00CC1D059 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YzRtS0I3S0xFRVRRRE9GeWh1OWxtcXNmQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6189842917302311913&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODk0MTY0MTYtMEIxRi00MDRFLTlEMzctNkVDMDBDQzFEMDU5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFvYQnJRCOdZuVb8ebqMjMY&google_cver=1
Request Chain 196
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6189842917302311913
Request Chain 198
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 199
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 200
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 201
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 202
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2004592931
Request Chain 203
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6804403945
Request Chain 204
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=805347905
Request Chain 205
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8481232093
Request Chain 218
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Request Chain 219
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Request Chain 220
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Request Chain 221
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Request Chain 226
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 227
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 228
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 229
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 230
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
Request Chain 231
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
Request Chain 232
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
Request Chain 233
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
Request Chain 234
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/enAR0EjSXRI9newebChRCw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-b.7VcalE2oLrC3CW1jfEm5LtIK.i9W8O.bcx1w--~A
Request Chain 235
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_WgDg492SIiTIBT1MD2H6w&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_WgDg492SIiTIBT1MD2H6w
Request Chain 236
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmMyNzRjMGRmNDk2ODYxNmNlZDNlMjlhODIyYTkxZDE1MGI5ZjllNQ
Request Chain 237
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGQOGD3X-L-G2YF
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGDNtq_xL5_yBs4JDJrE0Mk&google_cver=1
Request Chain 239
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdRT0dEM1gtTC1HMllG HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOCImRziRJ55DOLZY3kVsbg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdRT0dEM1gtTC1HMllG&google_push=
Request Chain 241
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qGPR_whoSl-Q6uraXynFHg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=qGPR_whoSl-Q6uraXynFHg

245 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.cestnormalauquebec.com/
Redirect Chain
  • http://www.cestnormalauquebec.com/
  • https://www.cestnormalauquebec.com/
255 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c367d83c43c3b6408ed29d8b127e867a470cfccfdfb0bbcf1a159bf94d3a7782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
53247
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:15 GMT
etag
W/"328f2f20dae8a4e979b380db11ad517cb0dcfd3b6ec3d990c90b94b9a876e5c3"
expires
Fri, 21 Apr 2023 14:59:15 GMT
last-modified
Fri, 21 Apr 2023 14:57:41 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
180
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Apr 2023 14:59:15 GMT
Expires
Fri, 21 Apr 2023 14:59:15 GMT
Location
https://www.cestnormalauquebec.com/
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 11:17:51 GMT
x-content-type-options
nosniff
age
99685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35960
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 23:53:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 19 Apr 2024 11:17:51 GMT
script.js
plausible.io/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plausible.io/js/script.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
107a7a0eadcba82495e387e12607bd57e7d184d236a0572db3c49de7b32cf015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
874
cdn-cachedat
04/21/2023 07:25:58
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
10.0.1.2
server
BunnyCDN-DE1-864
cdn-proxyver
1.03
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, must-revalidate, max-age=86400
permissions-policy
interest-cohort=()
cdn-requestid
4c30e70c3c2ec816ba206a4b0c192fd2
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		135 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ed5dfbed34404108b12338ba65336690324bcc29935c3b8c94a6789eb2000ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47253
x-xss-protection
0
server
cafe
etag
5450934713952036319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 21 Apr 2023 14:59:16 GMT
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,600,700|Kalam:700
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6663c1f1774977abe067827b9559e94691f9611d53410a2e068f0c68cb74ffa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Apr 2023 14:59:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 14:59:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Apr 2023 14:59:16 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
723
age
6868171
cdn-cachedat
11/15/2021 21:49:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
8b677d48aa464c28c0815c97adbbe174
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7bb67d696a04380f-FRA
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 11:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Apr 2024 11:19:11 GMT
tag
btloader.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5691217997201408&upapi=true
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cfa9b433b1f710be78dc29036bf9e454f9493ce58ff9d6e7d52dda7cd61d3e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Apr 2023 14:12:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2793
etag
W/"838ccd6e8d4fad8a3c3ae68889c05346"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNE9AKTTS%2BmGmpRYw9MggSnTmQIHDH0THClpKJJ%2B559VjHuJXYe%2F%2BWi2tyaBPhYYlJPyC43%2FceuaHF2mN7RsINcOIPRPQRxW09E5Uo7VTGSDFW8zMho2K6V%2BjZc9ohDyY34Tb2LWEqZ8Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7bb67d6abfab2c55-FRA
AVvXsEh5W5NKOxA3uu35OliJAonXd85R7ih9wiyYVBpb3GOP5ZxzJOouWAzHCh5-CAYH3pYkL53CMZqN38U0aJtpv2JmF9JpWsi7Sr1L5VVM2ChvhhSrYEQm-ne1hqWnWbvbET-a9AC8pOCB5YzkkWpBX0WVzU-bUoHjFLXOgl88KNgwQvnPvmpCm5snATk=s150
blogger.googleusercontent.com/img/a/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEh5W5NKOxA3uu35OliJAonXd85R7ih9wiyYVBpb3GOP5ZxzJOouWAzHCh5-CAYH3pYkL53CMZqN38U0aJtpv2JmF9JpWsi7Sr1L5VVM2ChvhhSrYEQm-ne1hqWnWbvbET-a9AC8pOCB5YzkkWpBX0WVzU-bUoHjFLXOgl88KNgwQvnPvmpCm5snATk=s150
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bbb9e6e2a6435c62b41a97b2f753dd6cbbf50572e7d0c44aadb9be338b07a6e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v6fd3"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="6609.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4426
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
AVvXsEjRFFLRHaHiSqemwbFGkcHJSdPfNa-7fEeCvDFjAX-Dj3iWYfqsMkemcplE5GTkVyi4Ql2Rx9xIoFGhQayRHR0nvEzjR2YW7pkYqSe_ss_DNKT0KcNDlA166AMnKbRbIF1DZXZLzz7uzMeYDweVL5Sz_n0YvQb_VDJ-ZQNurf81RVY6HOUqT_GN1TQ=s450
blogger.googleusercontent.com/img/a/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjRFFLRHaHiSqemwbFGkcHJSdPfNa-7fEeCvDFjAX-Dj3iWYfqsMkemcplE5GTkVyi4Ql2Rx9xIoFGhQayRHR0nvEzjR2YW7pkYqSe_ss_DNKT0KcNDlA166AMnKbRbIF1DZXZLzz7uzMeYDweVL5Sz_n0YvQb_VDJ-ZQNurf81RVY6HOUqT_GN1TQ=s450
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
15371208493fc57a5a1afbe377e99ba47274dc4fdb255a6048ba178c433d6835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v751f"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="99.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174996
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
icon18_edit_allbkg.gif
resources.blogblog.com/img/ 		162 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_edit_allbkg.gif
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 01:48:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 19 Apr 2023 14:50:51 GMT
server
sffe
age
133856
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 27 Apr 2023 01:48:20 GMT
AVvXsEjhja8NNTX0_3PWzq8qwQ4uvPXbqZe2tm7crLB2rziNyHhO4XPBsIQIGtAejzkk21JWtfgg6JyLk457x24-Bmr09zWWMTi6jToYW7h5I4j-h0tAj92iqOF5Ctf-NDSoxS-rI7mVykzy0W0AAqekC5S86wjBIdCkHJHS5oeHf8pWE6W1x97RbKcs_Vo=s541
blogger.googleusercontent.com/img/a/ 		271 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjhja8NNTX0_3PWzq8qwQ4uvPXbqZe2tm7crLB2rziNyHhO4XPBsIQIGtAejzkk21JWtfgg6JyLk457x24-Bmr09zWWMTi6jToYW7h5I4j-h0tAj92iqOF5Ctf-NDSoxS-rI7mVykzy0W0AAqekC5S86wjBIdCkHJHS5oeHf8pWE6W1x97RbKcs_Vo=s541
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
87621cec1daefc930a1a24265f6e9b3b5874b59a6b84a14b844c0c7442e11010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v7521"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="878.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
277630
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
AVvXsEhOyAdS2CbX1wjgWBpvaDuxTv6Cl4rsGB9kkJ5BaxxvtmRlbXIdXKQVCrhaN3mjSG_JnAsih09IV4BCUuW-YeGkRLFvSuEQZFbPac2dcBGPr6JtiWrIbCnTQPO0hgiUB_EV-t4aUZB7KElrsUYBmrn7cBYh7EP_jUKEdSs5014O_fT6hE0ZT0Kk1Sw=s419
blogger.googleusercontent.com/img/a/ 		366 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEhOyAdS2CbX1wjgWBpvaDuxTv6Cl4rsGB9kkJ5BaxxvtmRlbXIdXKQVCrhaN3mjSG_JnAsih09IV4BCUuW-YeGkRLFvSuEQZFbPac2dcBGPr6JtiWrIbCnTQPO0hgiUB_EV-t4aUZB7KElrsUYBmrn7cBYh7EP_jUKEdSs5014O_fT6hE0ZT0Kk1Sw=s419
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f15f2bfeee8f7d9b4f3af16675a5ec6493d4f36c93297970381645c080940c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v7560"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="grafd.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
374596
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
2023-04-14%2019_48_02-Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKgrzfag6_u1aCKnsNEdy7MyB7WD96-TMh7JUsW2fZ-RiX3VprO23QQgBBGeLRLsgqwCERpEgHNnKZ3IC20icYEmXfA4cLnqV2-bZc4YwZcb8sOX8yI1VId_YV_J6cT16OAiGYrFzUdb4bOeeb... 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKgrzfag6_u1aCKnsNEdy7MyB7WD96-TMh7JUsW2fZ-RiX3VprO23QQgBBGeLRLsgqwCERpEgHNnKZ3IC20icYEmXfA4cLnqV2-bZc4YwZcb8sOX8yI1VId_YV_J6cT16OAiGYrFzUdb4bOeebXf9UTW5lYOR8wusZNweHnC8FwdhDbmMxED4DtOU/w72-h72-p-k-no-nu/2023-04-14%2019_48_02-Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
da3bdf41ffd359ea66e202e1e3435283c38259e8f982a1cbc7adc21a2d161ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v751b"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-14 19_48_02-Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9466
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
2023-04-17%2000_52_23-Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAfhCRxvFo3dh70WrA_Fv59pRKZqAUfXWhMPUEo_yMsdLVmyyuudzX1DYG2rr96md7DwhN0tTFDYGKSay1cMhvBuc8V-iUqDDSAVpzfX9Ou15mu38brH7ulazLY_buzxmAkxgWGg6qpexnvGXf... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAfhCRxvFo3dh70WrA_Fv59pRKZqAUfXWhMPUEo_yMsdLVmyyuudzX1DYG2rr96md7DwhN0tTFDYGKSay1cMhvBuc8V-iUqDDSAVpzfX9Ou15mu38brH7ulazLY_buzxmAkxgWGg6qpexnvGXfiWzOYDESX3LzPbstps5Cde0ppuqMuYW6UpP7ftc/w72-h72-p-k-no-nu/2023-04-17%2000_52_23-Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dec44fcf6f3ca57cecdc53f6965bf495bf1aef819a5aa32d1fbc663068842fb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v7548"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-17 00_52_23-Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9998
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
2023-04-17%2018_45_49-steeve_wolf2%20%28@steeve_wolf2%29%20_%20TikTok.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibC0tgGHIORXx0439f4kNsDTQWrJZc7X9uDXKWkIAEYQO21WvVFEgXEaAYVqjjTZxB3rozAJNMcFyp-V3rcZunRDcEDhtJ4sQsgJ3dkjtrR59fTY5ugm0d4qY8a7SLyyDFJTvkH1s9Wyq-lJMa... 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibC0tgGHIORXx0439f4kNsDTQWrJZc7X9uDXKWkIAEYQO21WvVFEgXEaAYVqjjTZxB3rozAJNMcFyp-V3rcZunRDcEDhtJ4sQsgJ3dkjtrR59fTY5ugm0d4qY8a7SLyyDFJTvkH1s9Wyq-lJMaUZBTy3hf9Dx0QFYtFQa7DMGJAzgeGZxjtQWQ_ZE/w72-h72-p-k-no-nu/2023-04-17%2018_45_49-steeve_wolf2%20%28@steeve_wolf2%29%20_%20TikTok.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b80a9239220666db62a132906df6703cea887064f8f3a39784079e8961dafe35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v7551"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-17 18_45_49-steeve_wolf2 (@steeve_wolf2) _ TikTok.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9646
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
2023-04-15%2021_36_20-Watch%20_%20Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoXaX6icCpzPqHDTPqXR5PkdOqprxey0AlLSf_09GfF4H8_Xi8DFl2CX5ABraTk-J2fNDUXP_5WuZlnU6BLvHrwzkyHJnHvXM6q0F11YtasUC5VofNJd8aIssMjAaX3Fsw-iaN0KK_jZ6hPRis... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoXaX6icCpzPqHDTPqXR5PkdOqprxey0AlLSf_09GfF4H8_Xi8DFl2CX5ABraTk-J2fNDUXP_5WuZlnU6BLvHrwzkyHJnHvXM6q0F11YtasUC5VofNJd8aIssMjAaX3Fsw-iaN0KK_jZ6hPRisWlktfxWvcI9365pvDcJpmPiXKorxXtofDGpQz_Y/w72-h72-p-k-no-nu/2023-04-15%2021_36_20-Watch%20_%20Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
447d1b7a34967a867630d4f2115f4e70b38a8a8af8603282ae766dcb6060bf9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v7535"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-15 21_36_20-Watch _ Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9888
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
12134.png
1.bp.blogspot.com/-co1kHtJk4d4/YQNJcF_xgQI/AAAAAAAATeQ/iLtTD-7IFeMxVD8pior91SefujE4UL0RwCLcBGAsYHQ/w72-h72-p-k-no-nu/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-co1kHtJk4d4/YQNJcF_xgQI/AAAAAAAATeQ/iLtTD-7IFeMxVD8pior91SefujE4UL0RwCLcBGAsYHQ/w72-h72-p-k-no-nu/12134.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c627dca3148cffddbfd669d3d4039500a6017d8d35befd660cb99174336ea6c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="12134.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9148
x-xss-protection
0
server
fife
etag
"v4de5"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 22 Apr 2023 14:59:16 GMT
1.png
1.bp.blogspot.com/-6ObwuKY3TsQ/YMTi5AlYNgI/AAAAAAAARy0/u5zUci9UwT0NqO5NTuXPWvjqWAjmJM7uACLcBGAsYHQ/s706/ 		466 KB
466 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-6ObwuKY3TsQ/YMTi5AlYNgI/AAAAAAAARy0/u5zUci9UwT0NqO5NTuXPWvjqWAjmJM7uACLcBGAsYHQ/s706/1.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9347c2aecc24e56124025272cc1ce39a533a561919a479bb6c189229f39306fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="1.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
476873
x-xss-protection
0
server
fife
etag
"v472e"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 22 Apr 2023 14:59:16 GMT
2023-03-22%2010_50_24-J%E2%80%99imagine%20que%20je%20vais%20trouver%20une%20solution%20%F0%9F%98%94%20insta%20jessouxoo%20_%20TikTok.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4TeiqTDxV_p46ni0MGx2P88T653YXsO7vxQPv9onwIhYIvUtDDHGuTucnjX43idbFwIjxRd6Hms1TxPX07GFba_7eJfIljz6MOppsBDDurMluztBUk1kxfuoFLG9makoqLkp6a1DN6pqgouPK... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4TeiqTDxV_p46ni0MGx2P88T653YXsO7vxQPv9onwIhYIvUtDDHGuTucnjX43idbFwIjxRd6Hms1TxPX07GFba_7eJfIljz6MOppsBDDurMluztBUk1kxfuoFLG9makoqLkp6a1DN6pqgouPKfJ6owZ1UeXJ9wQtu3PTumfMg_eEeXM5PTJ4Pqlk/w72-h72-p-k-no-nu/2023-03-22%2010_50_24-J%E2%80%99imagine%20que%20je%20vais%20trouver%20une%20solution%20%F0%9F%98%94%20insta%20jessouxoo%20_%20TikTok.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d3b94724eac6a5eaa2644094736aa81b43de96ee14ec5dd9be3f2d00e9c5e7a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v738e"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-03-22 10_50_24-J_imagine que je vais trouver une solution _ insta jessouxoo _ TikTok.png";filename*=UTF-8''2023-03-22%2010_50_24-J%E2%80%99imagine%20que%20je%20vais%20trouver%20une%20solution%20%F0%9F%98%94%20insta%20jessouxoo%20_%20TikTok.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9773
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
2022-09-29%2013_29_13-R%C3%A9ponse%20%C3%A0%20@Valerie%20Charbonne346%20%23foryourpage%20%23viral%20%23pourtoi%20%23foryou.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfovrGEd1nQbNR3GTspK3kwca12M9P0-II745GyQc-UG_nRu-LpcsEIBG0oD7F4hDPI_jZp4DCfhtbZlwcIPqo2uERcuzkFmJvUqbJjctQqpsjq3w4N1HisGIekP9sD11acmkzBsct_kBh0NVj... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfovrGEd1nQbNR3GTspK3kwca12M9P0-II745GyQc-UG_nRu-LpcsEIBG0oD7F4hDPI_jZp4DCfhtbZlwcIPqo2uERcuzkFmJvUqbJjctQqpsjq3w4N1HisGIekP9sD11acmkzBsct_kBh0NVjV6aRea7CIreP5a94xj11nIspnQnx5VpbbI8AQLA/w72-h72-p-k-no-nu/2022-09-29%2013_29_13-R%C3%A9ponse%20%C3%A0%20@Valerie%20Charbonne346%20%23foryourpage%20%23viral%20%23pourtoi%20%23foryou.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a695cef806676c26f1dbc90709b0936d9096511f44b5a418752bc62290e0cfc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v6f10"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2022-09-29 13_29_13-R_ponse _ @Valerie Charbonne346 #foryourpage #viral #pourtoi #foryou.png";filename*=UTF-8''2022-09-29%2013_29_13-R%C3%A9ponse%20%C3%A0%20%40Valerie%20Charbonne346%20%23foryourpage%20%23viral%20%23pourtoi%20%23foryou.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10226
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
23-56.png
1.bp.blogspot.com/-ulQMVos6Cho/YH3Za5Ns2xI/AAAAAAAAPeM/Vnq6tCRfYHEksBGbVBuDADuFSr-3xIOygCLcBGAsYHQ/w72-h72-p-k-no-nu/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ulQMVos6Cho/YH3Za5Ns2xI/AAAAAAAAPeM/Vnq6tCRfYHEksBGbVBuDADuFSr-3xIOygCLcBGAsYHQ/w72-h72-p-k-no-nu/23-56.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d9074ad0495107b2c2a56b78752a10c48758d44ad4e34db55c70229045abb4ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="23-56.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11787
x-xss-protection
0
server
fife
etag
"v3de4"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 22 Apr 2023 14:59:16 GMT
AVvXsEiTBKWL0w8VVe0EfpeSj9uXQc7k46bKs06CHsBdzWmT1cIBc8z4757QTkHOyEUr3K3Gt08GUyMkbua9qKpTemDh5QW_ZtiUC9turrrtUoCowZ4VW1-XtACDAwxjZsB7qhRN9qxh8WE0VCeiESTgR7axphlD7QNJttLEo6iIAY0MvanBKRz1qyJBR7c=w72-h...
blogger.googleusercontent.com/img/a/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEiTBKWL0w8VVe0EfpeSj9uXQc7k46bKs06CHsBdzWmT1cIBc8z4757QTkHOyEUr3K3Gt08GUyMkbua9qKpTemDh5QW_ZtiUC9turrrtUoCowZ4VW1-XtACDAwxjZsB7qhRN9qxh8WE0VCeiESTgR7axphlD7QNJttLEo6iIAY0MvanBKRz1qyJBR7c=w72-h72-p-k-no-nu
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8a7b4865b9f5dd204d742f03eaa515e4c1d5a2df3e17421e14973951eafde7ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v6803"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="-09 10_02_27.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11890
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
AVvXsEiYlnl-wXx51c71uSnSx1TexeCaiJoyYnsrnZGKB_iRSEiivYbI3yRP_k876-zX26Zoc52bEntni40s3XrPkMYEPqBXsdmDqcXrkHUNJ9wBRyUXbMNT1-vZ1yVl_2iSB6MZytLhxnSHQ_sTOVJJm_bZA1qAe4psGxYCRsURuthADgclkrqK6KG4_gE=w72-h...
blogger.googleusercontent.com/img/a/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEiYlnl-wXx51c71uSnSx1TexeCaiJoyYnsrnZGKB_iRSEiivYbI3yRP_k876-zX26Zoc52bEntni40s3XrPkMYEPqBXsdmDqcXrkHUNJ9wBRyUXbMNT1-vZ1yVl_2iSB6MZytLhxnSHQ_sTOVJJm_bZA1qAe4psGxYCRsURuthADgclkrqK6KG4_gE=w72-h72-p-k-no-nu
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1a2914f504d0e526d30692afcda51550d01de2bd535654fb0bb0aaf3b9ce6a99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v597b"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="jyutigi.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12487
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
jhfgk.png
1.bp.blogspot.com/-iNLRlkNYYqg/YUqeYMRsAPI/AAAAAAAAVNw/osGBySSN5ug_SnOo35lz32QqteRLj6jdgCLcBGAsYHQ/w72-h72-p-k-no-nu/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-iNLRlkNYYqg/YUqeYMRsAPI/AAAAAAAAVNw/osGBySSN5ug_SnOo35lz32QqteRLj6jdgCLcBGAsYHQ/w72-h72-p-k-no-nu/jhfgk.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d060ed14d9acdb27f654ff22577667c54c1604ce5c2de928ed13a0cf91a4b378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="jhfgk.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11440
x-xss-protection
0
server
fife
etag
"v54de"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 22 Apr 2023 14:59:16 GMT
2023-04-01%2014_37_53-Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0BsffH6HvikkVDF9wUhF7qzXQ5Qav55GTpfQHyWz58bIS8ZCu6ukcZn81nVN7qICcQVJZg2qbP1bF0ERtxXvonOBRWIe93BjxTFFfDgeR_M1yfTohdeXcIhEUD4HPH1glnNdeKrWk_FUtVnhR... 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0BsffH6HvikkVDF9wUhF7qzXQ5Qav55GTpfQHyWz58bIS8ZCu6ukcZn81nVN7qICcQVJZg2qbP1bF0ERtxXvonOBRWIe93BjxTFFfDgeR_M1yfTohdeXcIhEUD4HPH1glnNdeKrWk_FUtVnhRHhT4cjbVhahDrHciQJ1RouV39fDsyjQ8Y2eBmS4/w72-h72-p-k-no-nu/2023-04-01%2014_37_53-Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
018c5000297f4a6128d420bcda8315b496bd7ffe50919ebfdc7044ccb87a79b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v7420"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-01 14_37_53-Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11253
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
-29%2012_00_20.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEik6eX2SVAf2QzQH3vTpL4P57kC85c2n7S1J_d0Bo1lJtNMADkkEy9HN0tuVQUw2omLoKqx_KD0vFpNIpdZ_-sCiznmfjFX9YaBrcsX6bGiake5Ypc-a35eTwulzvDUdq9_GLGpyDsbdwqVL63s... 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEik6eX2SVAf2QzQH3vTpL4P57kC85c2n7S1J_d0Bo1lJtNMADkkEy9HN0tuVQUw2omLoKqx_KD0vFpNIpdZ_-sCiznmfjFX9YaBrcsX6bGiake5Ypc-a35eTwulzvDUdq9_GLGpyDsbdwqVL63sfs_skg8JNKCjR4MahXR6K947-0S1WClcCjn_oPw/w72-h72-p-k-no-nu/-29%2012_00_20.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5f8b6bcbcbd3f6addba050263d73ce701a0ccb62cf5791b78376243290edb7a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v6981"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="-29 12_00_20.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11264
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
cookienotice.js
www.cestnormalauquebec.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cestnormalauquebec.com/js/cookienotice.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Apr 2023 12:52:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 28 Apr 2023 14:59:16 GMT
2659626136-widgets.js
www.blogger.com/static/v1/widgets/ 		154 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2659626136-widgets.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b182c213c31b5bfb811007e52b6cedd7391fd27185a6e7b6d307a99ed50f9022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56994
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 01:58:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 18 Apr 2024 02:23:15 GMT
cestnormalauquebec_site.js
static.bigpipes.co/v4/sites/ 		362 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.164.223.117 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-69-164-223-117.newark.nodebalancer.linode.com
Software
nginx /
Resource Hash
872ab0824381810d65d2f3f4cc7adf102c245d98fc6a6aa4eb14d494cd9e27a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Apr 2023 14:58:02 GMT
server
nginx
etag
W/"644152fa-5a969"
content-type
application/javascript
cache-control
max-age=2592000
x-server
proxy09
expires
Sun, 21 May 2023 14:59:17 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Apr 2023 14:27:45 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1891
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 21 Apr 2023 16:27:45 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8555745651444687175&zx=082db142-69e6-41b7-9592-2decc425be06
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Fri, 21 Apr 2023 14:59:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Apr 2023 14:59:16 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
News
www.cestnormalauquebec.com/feeds/posts/default/-/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cestnormalauquebec.com/feeds/posts/default/-/News?alt=json-in-script&max-results=3&callback=jQuery1110034535534359899533_1682089156250&_=1682089156251
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
6cc9dffda86536e7a0f129aa658505083cba3f5d7c7ca9d2ca92535f36dda0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.cestnormalauquebec.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Apr 2023 14:57:41 GMT
server
blogger-renderd
etag
W/"371b0cdd267ac3d77ba5b10589b87ebde320846705222cffca04e4d4cd150aee"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
787
x-xss-protection
0
expires
Fri, 21 Apr 2023 14:59:17 GMT
background-4.jpg
1.bp.blogspot.com/-eaKdOOTPFg4/Wa6BGUOr5jI/AAAAAAAAD0U/SvDwHkUHrlYoRDGXuUEoM8YjXM7uo4DaACK4BGAYYCw/s1600/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-eaKdOOTPFg4/Wa6BGUOr5jI/AAAAAAAAD0U/SvDwHkUHrlYoRDGXuUEoM8YjXM7uo4DaACK4BGAYYCw/s1600/background-4.jpg
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5ad3e0105b8d04570efdd065e47840bec11fb9c507ffab530b3483f667e9d921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 13:17:15 GMT
x-content-type-options
nosniff
age
6121
content-disposition
inline;filename="background-4.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21513
x-xss-protection
0
server
fife
etag
"vf46"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 22 Apr 2023 13:17:15 GMT
2023-04-21%2010_50_17-Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiF3qOh-6HcUlVuR8FZswjaT8UxEoKDswflPpdll98n2tMHOFMVRKfc4Tj44q3SJwisKierT-tG2FiMfqLw-SGMtwsz8scLy1x4IGIRtFC6rCH-aAOY7W8ClIwcxgtzvdt9Udo5U3vPT7Z3YGCF... 		651 KB
652 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiF3qOh-6HcUlVuR8FZswjaT8UxEoKDswflPpdll98n2tMHOFMVRKfc4Tj44q3SJwisKierT-tG2FiMfqLw-SGMtwsz8scLy1x4IGIRtFC6rCH-aAOY7W8ClIwcxgtzvdt9Udo5U3vPT7Z3YGCFS-S53URrF7siczqQzzCdtTrlusM3CPSHk-2JSIU/s1600/2023-04-21%2010_50_17-Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3964e1854d55ca81fe6a3643e492316688ee6427538511208860436beff02f58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v759a"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-21 10_50_17-Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
666868
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:17 GMT
2023-04-20%2022_44_34-Watch%20_%20Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2fzGDoNB_goNvtgcWFU6poKyMwU8YouLRBIWqI3MFigRVo8Q27KFIzKh0ZIfpgLSoOnYY9Ywh-CLiTPuR7kiOriRcNUQqFfSo1Uh32ZTEq7lQbYAOEEfkJorwe0XDIgAgkhyuc8dUtO_Q-MX8... 		331 KB
332 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2fzGDoNB_goNvtgcWFU6poKyMwU8YouLRBIWqI3MFigRVo8Q27KFIzKh0ZIfpgLSoOnYY9Ywh-CLiTPuR7kiOriRcNUQqFfSo1Uh32ZTEq7lQbYAOEEfkJorwe0XDIgAgkhyuc8dUtO_Q-MX8Te9EyCLSkEVBGB-524_LEvce2Y29DpnO5uQz9AI/s1600/2023-04-20%2022_44_34-Watch%20_%20Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e1c79b275b5f2994326a4e0074dc7adb17b34e8ae7b9fb50a111ebfccacebd55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v7598"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-20 22_44_34-Watch _ Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
339369
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
FDSG.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixG7Yu16NkPlDaNJut66xp3Lt6TzpIozkfZjCOCFbbB3N8NPZ6jeS0gMRjtpOvaQXfnbpkiRNASZO8lOqjvNbcVDDQnCFYK91dCWQ3sPBr2yZX3SAuQUhdppCogf1JvQk8ungJ-i__cgQLkvCs... 		252 KB
252 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixG7Yu16NkPlDaNJut66xp3Lt6TzpIozkfZjCOCFbbB3N8NPZ6jeS0gMRjtpOvaQXfnbpkiRNASZO8lOqjvNbcVDDQnCFYK91dCWQ3sPBr2yZX3SAuQUhdppCogf1JvQk8ungJ-i__cgQLkvCs1grcj4conxA4XUV8ABramNMim7dEeEqqATpyc4A/s1600/FDSG.PNG
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3bb311028f7df69cf33ca72a6e0119163aaa2ac8b379c67fc34fc8a989b9b2d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v7596"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="FDSG.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257722
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
2023-04-20%2012_15_37-Les%20illumin%C3%A9s%20du%20Qu%C3%A9bec%20-%20Publications%20_%20Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKs1xC_HPuBCHlNdivdDOHesjxgWQEWtXvsMiRUkrgLYbIlRuOpCcJBNJn12lHBHGdCP6QBY8OrFLx0RVAOToiNCmI5gy9PGCCgQbVaPeeg04TCA_Ibt36g_vDBsfDybafA1yshv14evGLBk1T... 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKs1xC_HPuBCHlNdivdDOHesjxgWQEWtXvsMiRUkrgLYbIlRuOpCcJBNJn12lHBHGdCP6QBY8OrFLx0RVAOToiNCmI5gy9PGCCgQbVaPeeg04TCA_Ibt36g_vDBsfDybafA1yshv14evGLBk1TKGiK0YNHrEdBPvDoO0Hy_sm2CziXoY2Nlx7k8-k/s1600/2023-04-20%2012_15_37-Les%20illumin%C3%A9s%20du%20Qu%C3%A9bec%20-%20Publications%20_%20Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cdfa494851973b21db67878b857e56e5ac749bfb11dfcec9db9473a494ceb7a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v7592"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-20 12_15_37-Les illumin_s du Qu_bec - Publications _ Facebook.png";filename*=UTF-8''2023-04-20%2012_15_37-Les%20illumin%C3%A9s%20du%20Qu%C3%A9bec%20-%20Publications%20_%20Facebook.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139156
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
2023-04-20%2010_41_42-Vid%C3%A9os%20de%20pierredion%20%28@pierredion69%29%20avec%20son%20original%20-%20pierredion%20_%20TikTok.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0YiOvbvq4lC5N1KABZana9D7Xu8SU37OyLn8txZ7XoKrw_sc1IB-ZN__hBcIkQYHyyOCrySOdcUAdNTYaua-nP9nGmLqXBONVrwXXzX7_S3S6WzBsElVp780GVvsw73LYztvEZLxlePr4T6OX... 		211 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0YiOvbvq4lC5N1KABZana9D7Xu8SU37OyLn8txZ7XoKrw_sc1IB-ZN__hBcIkQYHyyOCrySOdcUAdNTYaua-nP9nGmLqXBONVrwXXzX7_S3S6WzBsElVp780GVvsw73LYztvEZLxlePr4T6OXSW0VFMdEIzzMs8eqGj1JCplTGZgjGImyT25N1E4/s1600/2023-04-20%2010_41_42-Vid%C3%A9os%20de%20pierredion%20%28@pierredion69%29%20avec%20son%20original%20-%20pierredion%20_%20TikTok.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2dde833dba32336d366099eee4a940e5457861e546d8abcec41757807160ec61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v7590"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-20 10_41_42-Vid_os de pierredion (@pierredion69) avec son original - pierredion _ TikTok.png";filename*=UTF-8''2023-04-20%2010_41_42-Vid%C3%A9os%20de%20pierredion%20(%40pierredion69)%20avec%20son%20original%20-%20pierredion%20_%20TikTok.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
215785
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
2023-04-19%2022_31_18-coucou%20super%20C%20%E2%80%93%20Recherche%C2%A0Google.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1RZF0bMnaTLnJ4KwQua8-yZ1spxE9orpfdWBJ60mEiIygqruTr6QLIbrNOkPHzqxW7N6m-xGxzwRw_GvwcfT8qmMCwJQiJ_5OMqpEsO93ueldVP7_Kr2v_Pcpu5-aPg8ORnpj4A3W3St-3Ngn... 		211 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1RZF0bMnaTLnJ4KwQua8-yZ1spxE9orpfdWBJ60mEiIygqruTr6QLIbrNOkPHzqxW7N6m-xGxzwRw_GvwcfT8qmMCwJQiJ_5OMqpEsO93ueldVP7_Kr2v_Pcpu5-aPg8ORnpj4A3W3St-3NgniuBU8CmCMNcZFKmjFT_80yUWfCfJgDfT_HGR6Vc/s1600/2023-04-19%2022_31_18-coucou%20super%20C%20%E2%80%93%20Recherche%C2%A0Google.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2b005f0cfa1bdd46c420ca51836b47c4cbc01ae328fbbc75d909b3ece84f2965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v758b"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-19 22_31_18-coucou super C _ Recherche_Google.png";filename*=UTF-8''2023-04-19%2022_31_18-coucou%20super%20C%20%E2%80%93%20Recherche%C2%A0Google.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
215660
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
2023-04-19%2021_14_21-Facebook.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifALLvewOhyb91fIjMur_a5CCVKtB_8Py7Pg9nl7oI8qVLdP1AwGFbEz9q-Q8DY171o0PjvHHOxK4tjXfLbwhNBEsrrp7xCfxDT_VW_1D-CtHn0AAp1tAizNfJ_1lXYz7iXv0gzx3el2Td7qxi... 		277 KB
278 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifALLvewOhyb91fIjMur_a5CCVKtB_8Py7Pg9nl7oI8qVLdP1AwGFbEz9q-Q8DY171o0PjvHHOxK4tjXfLbwhNBEsrrp7xCfxDT_VW_1D-CtHn0AAp1tAizNfJ_1lXYz7iXv0gzx3el2Td7qxiT-5NcJk0TTI0prpQL2YOIGUz75TirGYJfXXiMQk/s1600/2023-04-19%2021_14_21-Facebook.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c9e5a6aa7b2dcabf652926d875831c2329ca75141fb649cad094de8bb4a6b3d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v7586"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-19 21_14_21-Facebook.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283990
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
2023-04-19%2018_37_14-Gr%C3%A8ve%20de%20la%20faim%20de%20Daniel%20Girard%20devant%20TVA%20-%20YouTube.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJ1TiRKIGFqMztIGW9pZM1KLHehDUsvnIhj_uB7Ryy8-eiFAJV8sOBl9ckSbj5xk833XuBJEkEASrg7jC2o-ceRLffd4jdpQaOEHJG88ld0Yn7EFEajsxt1U14d-nWj31Iil2uPz4FqG0ZthUa... 		428 KB
429 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJ1TiRKIGFqMztIGW9pZM1KLHehDUsvnIhj_uB7Ryy8-eiFAJV8sOBl9ckSbj5xk833XuBJEkEASrg7jC2o-ceRLffd4jdpQaOEHJG88ld0Yn7EFEajsxt1U14d-nWj31Iil2uPz4FqG0ZthUaRuFtuu4t3oeTRCBbZOZ--2ZWUkXBJcWbecFJgV4/s1600/2023-04-19%2018_37_14-Gr%C3%A8ve%20de%20la%20faim%20de%20Daniel%20Girard%20devant%20TVA%20-%20YouTube.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b32506bf840cf26132b693a20ba9b9389765a7a020ff06e6c694d01c095cc58b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v7580"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-19 18_37_14-Gr_ve de la faim de Daniel Girard devant TVA - YouTube.png";filename*=UTF-8''2023-04-19%2018_37_14-Gr%C3%A8ve%20de%20la%20faim%20de%20Daniel%20Girard%20devant%20TVA%20-%20YouTube.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438410
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:16 GMT
556.png
1.bp.blogspot.com/-BkFIY45Q9vo/YRCW6tLhMKI/AAAAAAAATvQ/v0H3AapDam8NP3xFOC3s3ruvqyOmNgPTwCLcBGAsYHQ/s1600/ 		434 KB
435 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-BkFIY45Q9vo/YRCW6tLhMKI/AAAAAAAATvQ/v0H3AapDam8NP3xFOC3s3ruvqyOmNgPTwCLcBGAsYHQ/s1600/556.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4012321b9d08abd0c8b5b0df871e427cc42f34dc6c0f68f6103c1c950e157bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="556.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
444716
x-xss-protection
0
server
fife
etag
"v4ef6"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 22 Apr 2023 14:59:16 GMT
2023-04-19%2008_57_28-2023-04-19%2008_55_43-2023-04-19%2008_48_38-P%C3%A9tition%20%C2%B7%20Pour%20l%E2%80%99heure%20du%20conte%20drag%20%C2%B7%20.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKi4Ti_9_DG3DyQuQ5sDUgpIwZvh0QVuJvbGx2JoQGJZJFcbnbpubiTQxqJveF1NX3XBM91zj5Adje9wNISD8Ml-cXV-Tsotp5FKvahj9kW7jhOqWchae1Evno0ppjSQHO7yeqwg_CnaMFVrE4... 		454 KB
455 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKi4Ti_9_DG3DyQuQ5sDUgpIwZvh0QVuJvbGx2JoQGJZJFcbnbpubiTQxqJveF1NX3XBM91zj5Adje9wNISD8Ml-cXV-Tsotp5FKvahj9kW7jhOqWchae1Evno0ppjSQHO7yeqwg_CnaMFVrE4ANvJ4glgicbGZRcRvygYm2_bkGwaK-AaW9xq0i4/s1600/2023-04-19%2008_57_28-2023-04-19%2008_55_43-2023-04-19%2008_48_38-P%C3%A9tition%20%C2%B7%20Pour%20l%E2%80%99heure%20du%20conte%20drag%20%C2%B7%20.png
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
847104c8cb53600d615951b2a0a492f3f412d38d9efabc37798528b653cb5264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v757a"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2023-04-19 08_57_28-2023-04-19 08_55_43-2023-04-19 08_48_38-P_tition _ Pour l_heure du conte drag _ .png";filename*=UTF-8''2023-04-19%2008_57_28-2023-04-19%2008_55_43-2023-04-19%2008_48_38-P%C3%A9tition%20%C2%B7%20Pour%20l%E2%80%99heure%20du%20conte%20drag%20%C2%B7%20.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
465011
x-xss-protection
0
expires
Sat, 22 Apr 2023 14:59:17 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.cestnormalauquebec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
40312
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7692782ce5c53c156a575b16bd8e8cbe
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7bb67d6acdfe0410-FRA
cdn-requestpullsuccess
True
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,600,700|Kalam:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cestnormalauquebec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 05:03:35 GMT
x-content-type-options
nosniff
age
122141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 05:03:35 GMT
summary
www.cestnormalauquebec.com/feeds/posts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cestnormalauquebec.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=totalcountdata
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
be58c891af6e0862dc68c1df64fef80797453431d020347dd4d222324e7bf1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Apr 2023 14:57:41 GMT
server
blogger-renderd
etag
W/"bb5ba886cc891b60a6543d4d151e707408cba68dcbc2f91c3d46a9af835925dc"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
1237
x-xss-protection
0
expires
Fri, 21 Apr 2023 14:59:17 GMT
px.gif
ad-delivery.net/ 		43 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
222472
x-guploader-uploadid
ADPycdtofWi2ROsRhgUeHdaHIFi5CkrRDuyJu23b2NMTdlDzyz23cVaFIJWBeN_oGAa5ZjqbexOyPinclJoSKSh3oAxGaQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Blr6UNoe2a7s2hf48MFT6R8zpXUy90VIsrWmQ9vm1002LW%2BBgnTixWaJaZcODHwbn%2F3e3o8WpgNFvKK%2Bvxo2nPyXdtfIcSMDBTa1MU%2BTQllYdRRc4VfVLlYHMzQwBl00LFGthSi%2Beo0WHCbC%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7bb67d6b0ef39b1c-FRA
expires
Wed, 19 Apr 2023 02:11:24 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 05:30:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34138
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Apr 2023 05:30:18 GMT
px.gif
ad-delivery.net/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.5439323859150806
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
222472
x-guploader-uploadid
ADPycdtofWi2ROsRhgUeHdaHIFi5CkrRDuyJu23b2NMTdlDzyz23cVaFIJWBeN_oGAa5ZjqbexOyPinclJoSKSh3oAxGaQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZytOtEDT2SyZbVro66dGwNO48ARCKKGftnmi2FrwR44f%2BzxJUeOrboQsQgIqzNOHsILUEkFFw%2BsXZJMutyj%2B04j7pvR0t115T%2FaFkCUZCcBwp2N1jN0RKPemBWkrgR9qeWS8KaTDGq7ldODJqg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7bb67d6b1f139b1c-FRA
expires
Wed, 19 Apr 2023 02:11:24 GMT
px.gif
ad-delivery.net/ 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7846112013966957
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
222472
x-guploader-uploadid
ADPycdtofWi2ROsRhgUeHdaHIFi5CkrRDuyJu23b2NMTdlDzyz23cVaFIJWBeN_oGAa5ZjqbexOyPinclJoSKSh3oAxGaQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2HJOQcBR9CTQjJUUuQoD3xElw6S8%2FM2brYfmmRowgv0r%2BqPPzHLsS2drEjdB%2FUxK5wgQJPTtFhPU7lMxp1Jzg6gDqfFBSKwnZWtKWkFuOqpQo8HLEgQRjSJk8%2B3zIgEZ3%2BNAQQ0NLutHu2LZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7bb67d6b1f149b1c-FRA
expires
Wed, 19 Apr 2023 02:11:24 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8555745651444687175&zx=082db142-69e6-41b7-9592-2decc425be06
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Fri, 21 Apr 2023 14:59:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Apr 2023 14:59:16 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1921964517&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ul=en-us&de=UTF-8&dt=C%27est%20normal%20au%20Qu%C3%A9bec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1799134448&gjid=555001713&cid=1627180391.1682089156&tid=UA-114699218-1&_gid=1635447361.1682089156&_r=1&_slc=1&z=114439910
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5691217997201408&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=EVbfZqm2&w=6298165205532672&o=5691217997201408&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&sid=SweRS6j23&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5691217997201408&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 21 Apr 2023 14:59:16 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
collect
stats.g.doubleclick.net/j/ 		1 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-114699218-1&cid=1627180391.1682089156&jid=1799134448&gjid=555001713&_gid=1635447361.1682089156&_u=IEBAAEAAAAAAACAAI~&z=783732169
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 21 Apr 2023 14:59:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/ 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31074025
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bda7eacd50b318a9a54eef97301d3be286d24fdbb958b60e30b145063dbf6a86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121763
x-xss-protection
0
server
cafe
etag
2886114400722163659
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 21 Apr 2023 14:59:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 641A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 23:40:46 GMT
etag
2378337311435320485
expires
Thu, 04 May 2023 23:40:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		411 B
613 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.cestnormalauquebec.com&callback=_gfp_s_&client=ca-pub-2891529463319841
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31074025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29902d47e97bbfec4fcb2bfe96e15317c960a39ac55855be50f543037ca1492b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
262
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.cestnormalauquebec.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31074025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cestnormalauquebec.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31074025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 036F 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2891529463319841&output=html&adk=1812271804&adf=3025194257&lmt=1682089061&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682089156529&bpp=2&bdt=483&idt=207&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7881133416632&frm=20&pv=2&ga_vid=1627180391.1682089156&ga_sid=1682089157&ga_hid=1921964517&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44773809%2C31074025%2C44785294&oid=2&pvsid=3707474443720083&tmod=1974157161&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=235
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31074025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 14:59:16 GMT
expires
Fri, 21 Apr 2023 14:59:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
event
plausible.io/api/ 		2 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
cdn-edgestorageid
864
cdn-cachedat
04/21/2023 14:59:16
cdn-pullzone
682664
application
10.0.0.3
content-length
2
x-request-id
F1f7LRZPtMuAVbDmj-6D
server
BunnyCDN-DE1-864
cdn-proxyver
1.03
cdn-requestpullcode
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
cdn-requestid
87e619e6eae5ace050fe49700c8f2df5
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
script
carbon-cdn.ccgateway.net/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://carbon-cdn.ccgateway.net/script?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
aa16a38349b0982955c20d1e325404dd7b3b9d9d831d1ef4d3034d9c7f848c5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:17 GMT
cache-control
private,max-age=900
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Fri, 21 Apr 2023 14:59:17 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
7M143009WAXN3Q25
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
STRx0Ic7Ail0QBZUMyPwaOMFfBJYtqEH2QK9RThy959S4vh7bnHagkR7gXzbW7US0LujPxZb7RI=
.js
dyv1bugovvq1g.cloudfront.net/54/www.cestnormalauquebec.com/ 		1 KB
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/54/www.cestnormalauquebec.com/.js
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:1000:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
211edffe6ef45395bfc2d381f421f86f92416d279ca77d4c395c52f1bf05e1ec

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
gzip
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
286
x-amz-expiration
expiry-date="Wed, 21 Jun 2023 00:00:00 GMT", rule-id="cleanup"
last-modified
Fri, 21 Apr 2023 03:03:44 GMT
server
AmazonS3
etag
"5545f89cffac22e1c2b1baacca07f736"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
max-age=300
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
PhETnCirNDSmyHQ67EUYtPNbFA6pJBQRWqbfFl2Tcb61JnXzE82NoQ==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230421
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46f06b8d9a42ddca364ceb0f5502eb1354a6e039a78a0c88640eb4e759f961d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 14:59:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39508
x-jsd-version
1.0.1682
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4520-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"637-ypo1f8Iw/ZXw6+J3o6K/4UUbd/A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxK5PB7CPdVh%2F2fVMNBdaYJHuKW56ejDfbZ9RFT%2BNpbC9ag6WwA8nQ3QU5M6J4ymhxEE7zOGSKNV96wp%2FXmcE%2FweYhakT76twqjaNI93xhVhwgZjdEYANa9u4dzeoa2aCllBu%2FKrBqyLfnCErcY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7bb67d731cd69b9a-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d856bb0a0e0d790a5b2ec38579676aafa83be2775edd6c0cf3c43cb9e2a273e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25373
x-xss-protection
0
server
cafe
etag
232 / 19468 / m202304170101 / config-hash: 4284513554952965536
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 21 Apr 2023 14:59:17 GMT
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		112 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=54
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a21a5b10241668ca60f4bee12afecd21ac53c27fdb3c4fed132bb80296866f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:53:58 GMT
x-amz-version-id
bltLJYZjbTHdybQOsFIfmVReSCOyEKgc
content-encoding
gzip
last-modified
Thu, 20 Apr 2023 17:53:52 GMT
server
AmazonS3
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"355c931309360c10cc3641822f1a0ada"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=84600
age
75920
x-amz-cf-id
pPbuKFQA-7-TfiebEwENSaPFFtlVT8teEENFI6u4_qaPFWMI-SJp4w==
apstag.js
c.amazon-adsystem.com/aax2/ 		226 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:15:00 GMT
content-encoding
gzip
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified
Wed, 19 Apr 2023 20:25:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2657
etag
W/"d0373f28cbce103f094bc2631a9c8dd5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
6VYdTd6suPIFDdV5KcHgiKp4XraR06EYAgaviy8QUkr0T5-MUZ-WOw==
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb18d2dab81daf8acba3838ceedffcc736ade0a662ee2d00ec8aeb5b36d6afa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
7bb67d733ad52c75-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
services.js
js.gumgum.com/
Redirect Chain
  • https://g2.gumgum.com/javascripts/ggv2.js
  • https://js.gumgum.com/services.js
111 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gumgum.com/services.js
Requested by
Host: www.cestnormalauquebec.com
URL: https://www.cestnormalauquebec.com/
Protocol
H2
Server
13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a1a6e24f8888094e992960b5bba5fed2721ac26145bbc85100fd8fdd199e98e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
NWbS_bxGXqt7mZ2haE7uoXA9U80NCKbb
content-encoding
gzip
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
date
Fri, 21 Apr 2023 14:59:18 GMT
last-modified
Wed, 19 Apr 2023 20:01:03 GMT
server
AmazonS3
x-amz-meta-timing-allow-origin
*
x-amz-cf-pop
FRA56-C2
etag
W/"31d0eba89ff8f4c80c0090404f8c9f70"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-meta-access-control-allow-origin
*
x-amz-cf-id
RHJRt18-0xpHcFgV48DZbKchKb86TmMnJDnS6O5hhUIIPkWdYoAFLg==

Redirect headers

location
https://js.gumgum.com/services.js
access-control-allow-origin
*
date
Fri, 21 Apr 2023 14:59:17 GMT
server
nginx
content-length
162
content-type
text/html
fpc
at.teads.tv/ 		0
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_18458&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:17 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 21 Apr 2023 14:59:17 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.cestnormalauquebec.com&pubid=c46e39bc-809d-4e4a-a35c-364605c6a77e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:16 GMT
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
KKnsOC9zrtn0KxxtwjM7fB1v2s5OEga6jlHjMDboz3p7BRcXPYmEiQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 06:18:49 GMT
x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
31229
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
zTWaBskSnM_DT2Wq2-50Ovct0e93OQJNAbiKaM8V0byL3IwNvDxVXA==
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
787153
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7bb67d738b2d2c75-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 00FC 		0
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d73bb6a2c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:17 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame D1BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 21 Apr 2023 14:59:17 GMT
X-Sovrn-Pod
ad_ap1ams1
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 999C
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Fri, 21 Apr 2023 14:59:18 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:18 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/ 		400 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 10:16:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
16968
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126857
x-xss-protection
0
server
cafe
etag
11988808581808118609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 20 Apr 2024 10:16:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		126 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cestnormalauquebec.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7466eedcd6295910aa803782f2744c38d97022e8a725e019f12ff0427fc573d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76
x-xss-protection
0
expires
Fri, 21 Apr 2023 14:59:17 GMT
RX-05e1e5aa-bfb4-4055-bfe6-71c1ff6f8e22-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame B805
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1682089157854
  • https://ad.turn.com/r/cs?pid=45&rndcb=2268732451
  • https://sync.1rx.io/usersync/turn/8332168908732906684?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-05e1e5aa-bfb4-4055-bfe6-71c1ff6f8e22-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-05e1e5aa-bfb4-4055-bfe6-71c...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-05e1e5aa-bfb4-4055-bfe6-71c1ff6f8e22-003
0
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-05e1e5aa-bfb4-4055-bfe6-71c1ff6f8e22-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d75adc02c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:18 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Fri, 21 Apr 2023 14:59:18 GMT
etag
RX05e1e5aabfb44055bfe671c1ff6f8e22003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-05e1e5aa-bfb4-4055-bfe6-71c1ff6f8e22-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
390e9ae3-30d3-526f-b07e-8b43d43c2f85
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame CDF3
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/390e9ae3-30d3-526f-b07e-8b43d43c2f85
0
394 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/390e9ae3-30d3-526f-b07e-8b43d43c2f85
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d75adb92c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:18 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/390e9ae3-30d3-526f-b07e-8b43d43c2f85
smwt256.gif
us.ck-ie.com/ Frame 517E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 14:59:18 GMT
Server
nginx
139271940
fundingchoicesmessages.google.com/i/ 		132 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/139271940?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7352cb45e9b4c13ef8f22d99153f2b6ee239490c9dff084c9200b47c4b2cdbbc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--xcDJWx_5QoHx55ChV65Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
content-security-policy
script-src 'report-sample' 'nonce--xcDJWx_5QoHx55ChV65Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
b57d0a16b33cfc4b02b1b7823567e5
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 567E
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/b57d0a16b33cfc4b02b1b7823567e5?gdpr_consent=&gdpr=0
0
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/b57d0a16b33cfc4b02b1b7823567e5?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d770f812c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:18 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Apr 2023 14:59:18 GMT
Expires
Fri, 21 Apr 2023 14:59:18 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/b57d0a16b33cfc4b02b1b7823567e5?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1682089158218018-422
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D54%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=54
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.239.232.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-239-232-168.compute-1.amazonaws.com
Software
/
Resource Hash
9fed0cc293fbbd6377f3f69e9ae3308541e9c234b1134cba0b1ba8b3c3f253a3

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Fri, 21 Apr 2023 14:59:18 GMT
x-amzn-RequestId
2f392165-dabb-551b-91ce-7dd97dbd643f
Content-Length
378
Content-Type
text/xml
v1
match.sharethrough.com/universal/ Frame 074F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.137.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-137-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
user.js
script-api.ccgateway.net/script/launcher/2/ 		2 KB
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/script/launcher/2/user.js
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
a11d3b4b6f2902037c365146ff80b5bf95923f3176f1a827355e45177314d423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
cache-control
private,max-age=604800
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
userId
script-api.ccgateway.net/ 		225 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/userId
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
70f368ef49146e516ce2aa6bb109b5862fbc2b57787b51f331804b96d7fd34fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
cache-control
private,max-age=3156000
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
api.js
script-api.ccgateway.net/script/launcher/5/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/script/launcher/5/api.js
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
67942c522b8f0e187f291d3dde230596fa526a323a9f50a0d667b6956839d98e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
cache-control
private,max-age=604800
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
imp
g2.gumgum.com/hbid/ 		376 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1682089158056&to=0&aun=%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Aoop-1&fp=3&fpc=USD&t=yznhjw0t&pi=2&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C!gumgum.com%2C15411%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.27.0%22%7D&ogu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ns=9830
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.194.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-194-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6df9b05a4482c28866c55a9a3f8de69b85ddd9789291f8efe9893ff0ecb62ac9

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
xhr
pre.ads.justpremium.com/v/2.0/t/ 		53 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1682089158058
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.195.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-195-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f133b142d7c1f8065c588486360fd217d64fc61a2d572f06342381da54a0d278

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Fri, 21 Apr 2023 14:59:18 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Fri, 21 Apr 2023 14:59:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 21 Apr 2023 14:59:18 GMT
/
prebid.smilewanted.com/ 		0
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7bb67d75fe1c2c75-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
auction
tlx.3lift.com/header/ 		19 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.27.0&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tmax=700
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.90.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-90-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b3c0c34e30b6061155394cbe0f3b568a7265807f3948a04a1007e3c45aeadf49
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:18 GMT
AN-X-Request-Uuid
30bafb48-e2b7-4155-857e-a38dfb07559b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&pid=x1s17FrpJ1Yyh&cb=0&ws=1600x1200&v=23.414.2006&t=700&slots=%5B%7B%22sd%22%3A%22oboxads-outstream-1%22%2C%22s%22%3A%5B%221x1%22%2C%22300x350%22%5D%2C%22sn%22%3A%22%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Aoutstream-1%22%7D%5D&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C&pubid=c46e39bc-809d-4e4a-a35c-364605c6a77e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.158.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-158-226.atl56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e4521093848f6281702b8cbf821ed89e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ATL56-P2
x-amz-rid
DZBNNW249KBW7CTKE03D
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ancQXiW9v37ALjlCF3uHXIj_vdKFX0NixpSKarruSR3mxVbQLQiAgQ==
bid-request
a.teads.tv/hb/ 		16 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 21 Apr 2023 14:59:18 GMT
auction
tlx.3lift.com/header/ 		19 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.27.0&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tmax=700
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.90.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-90-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
accept-ch
sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.148.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-148-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Fri, 21 Apr 2023 14:59:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Fri, 21 Apr 2023 14:59:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		376 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1682089158091&to=0&aun=%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Aside-2&fp=0.1&fpc=USD&maxw=300&maxh=250&si=110831&pi=3&bf=300x250&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C!gumgum.com%2C15411%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.27.0%22%7D&ogu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ns=9830
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.194.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-194-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d35fd91cbe408d3feb7cefa236065e2be89176b905a2aeadc8c437871a633931

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
eea7566f2e9199ed3ae70bb249c35975eb940557d3736990a18331f75aa86402
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:18 GMT
AN-X-Request-Uuid
7f9eb695-ed90-45e8-97df-872c7d6db2d5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
506c693c7eb82095fd8ffe22c087ce6b92aa50c3c6d513a1e99347e04b47e62a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:18 GMT
AN-X-Request-Uuid
974b4319-2db1-44de-9644-d8c8e5a151b8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7bb67d761e442c75-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22530&site_id=364052&zone_id=1976366&size_id=15&rp_schain=1.0,1!obox.group,1059,1,,,!rubiconproject.com,22530,1,,,&rf=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tk_flint=pbjs_lite_v7.27.0&x_source.tid=9ef9ed07-94cf-4dd8-a1f3-c1344e2ccd74&l_pb_bid_id=3267a4b6b3c2c96&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&slots=1&rand=0.9051531626080176
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f52ebddd396c8925010e90d38db2ee64f4f33a60262ef5da3896701703d6c71d

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&pid=x1s17FrpJ1Yyh&cb=1&ws=1600x1200&v=23.414.2006&t=700&slots=%5B%7B%22sd%22%3A%22oboxads-side-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Aside-2%22%7D%5D&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C&pubid=c46e39bc-809d-4e4a-a35c-364605c6a77e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.158.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-158-226.atl56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e4521093848f6281702b8cbf821ed89e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ATL56-P2
x-amz-rid
BEN8KP3XX4Z77PEWCCQZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
CD_EV2WFGo-O6XtQm5MuxLz0QqhFyLQNuuzHtpAD1wjQ2ZHWbXAXYQ==
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7bb67d762e5b2c75-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
v1
btlr.sharethrough.com/universal/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.148.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-148-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Fri, 21 Apr 2023 14:59:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
imp
g2.gumgum.com/hbid/ 		376 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1682089158104&to=0&aun=%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Acontent-1&fp=0.1&fpc=USD&maxw=300&maxh=250&si=110817&pi=3&bf=300x250&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C!gumgum.com%2C15411%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.27.0%22%7D&ogu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ns=9830
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.194.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-194-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
69ddf8f8f77d4eb060350e6021745078b928a69bb94e38114e2028d55e5cd472

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22530&site_id=364052&zone_id=1976336&size_id=15&rp_schain=1.0,1!obox.group,1059,1,,,!rubiconproject.com,22530,1,,,&rf=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tk_flint=pbjs_lite_v7.27.0&x_source.tid=c2760991-a191-468e-a978-5bca765c4973&l_pb_bid_id=40c41db1dede42&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&slots=1&rand=0.306660279375355
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2d9965c12dba9bef2075760f2524e2979cb48b59832cce654795b813bd3b4a87

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
284
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.27.0&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tmax=700
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.90.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-90-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
dd49b40bb1c4cdae7b9bb0b965bbbc8992bd962a2281904b111e9d1fd6c3d9af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:18 GMT
AN-X-Request-Uuid
b6818706-4d0d-4ca3-afc1-8f7d9ce9e1d2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ead9af77e9c58dedc7002ebe855385993b6d19b9c64530c5bec6073ec712d649
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:18 GMT
AN-X-Request-Uuid
021d8dd0-a180-4706-9e5e-94ecbfc6cc6d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Fri, 21 Apr 2023 14:59:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 21 Apr 2023 14:59:18 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&pid=x1s17FrpJ1Yyh&cb=2&ws=1600x1200&v=23.414.2006&t=700&slots=%5B%7B%22sd%22%3A%22oboxads-content-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Acontent-1%22%7D%5D&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C&pubid=c46e39bc-809d-4e4a-a35c-364605c6a77e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.158.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-158-226.atl56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e4521093848f6281702b8cbf821ed89e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ATL56-P2
x-amz-rid
A4134MRQBN35Y5HNK5H0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
EkpvWHo7aPKmNhUyKvSl_b_om0b5egkQE137eanjaE6RTAfuhCe2bA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&pid=x1s17FrpJ1Yyh&cb=3&ws=1600x1200&v=23.414.2006&t=700&slots=%5B%7B%22sd%22%3A%22oboxads-side-1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Aside-1%22%7D%5D&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C&pubid=c46e39bc-809d-4e4a-a35c-364605c6a77e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.158.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-158-226.atl56.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e4521093848f6281702b8cbf821ed89e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ATL56-P2
x-amz-rid
WW8X4R05N7HQKEQ0EG8C
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
1rqAaSmWgzW1FsAV-pXJJDR0PMcqOAA5vsyo8nrIcJIFsJgBVjeBGg==
smw888.gif
us.ck-ie.com/ Frame 676B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 14:59:18 GMT
Server
nginx
7hZGU2ybMtAHaMoc3yBN
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 08B6
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7hZGU2ybMtAHaMoc3yBN?pi=smilewanted&tc=1
0
700 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7hZGU2ybMtAHaMoc3yBN?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d774fc72c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:18 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 21 Apr 2023 14:59:18 GMT Fri, 21 Apr 2023 14:59:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7hZGU2ybMtAHaMoc3yBN?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame 4528
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
912f324b-4084-478a-b920-6d402566fbf2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Apr 2023 14:59:18 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d76df362c75-FRA
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:18 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
server
cloudflare
AGSKWxVFLSoJbpbLZK8kigGYgNma1V0STW_eHpH6kJnje-thZd_S8jHiWZ89LfKaqASQGjbwwlbMt217NMl1DjJUfSA=
fundingchoicesmessages.google.com/f/ 		309 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVFLSoJbpbLZK8kigGYgNma1V0STW_eHpH6kJnje-thZd_S8jHiWZ89LfKaqASQGjbwwlbMt217NMl1DjJUfSA=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgyMDg5MTU4LDE5ODAwMDAwMF0sIkE4NDdBQ0YwLTc2NUMtNEYxNC1CQkQ1LTk2NTRFRDdDMkNCMSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LmNlc3Rub3JtYWxhdXF1ZWJlYy5jb20vIixudWxsLFtbOCwieV9sTFF0d3Z3bkEiXSxbOSwiZGUiXSxbMTcsIltmYWxzZV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.y_lLQtwvwnA.es5.O/d=1/rs=AJlcJMzVCxCIoXjFgmW-8i8rsA1hDY3N7w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cb79bac5d9b9cfe574ac6904c724f96bd678ccd436c021bc3d1362673bcff4b4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yeMEudUIgy_5GOOtIneBKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
content-security-policy
script-src 'report-sample' 'nonce-yeMEudUIgy_5GOOtIneBKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
bundle
script-api.ccgateway.net/script/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/script/bundle?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
d364316be375ad7ee00ead2016eaed6a9f4503a2fe4d74fffeaa86f066edc358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
cache-control
public,max-age=1200
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
location
privacy-location-edge.ccgateway.net/privacy/ 		2 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy-location-edge.ccgateway.net/privacy/location
Requested by
Host: script-api.ccgateway.net
URL: https://script-api.ccgateway.net/script/bundle?id=www.cestnormalauquebec.com&parentId=dc4aba8178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
9170a8b2fb3234baa721bf8b3de5935d8d160f6f987215b83b07a49a403e5e74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
css
fonts.googleapis.com/ 		60 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.y_lLQtwvwnA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzVCxCIoXjFgmW-8i8rsA1hDY3N7w/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9608abff8013e5f601caa8f07cc53f7144c701cf1799c220f99207f7beefcb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 14:59:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Apr 2023 14:59:18 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22530&site_id=364052&zone_id=1976364&size_id=15&alt_size_ids=9%2C10&rp_schain=1.0,1!obox.group,1059,1,,,!rubiconproject.com,22530,1,,,&rf=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tk_flint=pbjs_lite_v7.27.0&x_source.tid=652bde72-ede6-4a29-b82b-bc89f8564c5c&l_pb_bid_id=52076d9d320af0d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&slots=1&rand=0.1473858675184927
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4ad2a30850f0f88deea3c4b935aef0032ecfeacae6299e3b4731b011c15f85cd

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
261
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7784b7b4410e5a4c5fea5f3ec8ea2a13acba08e8b2efd8924d188ad4c67598ac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:18 GMT
AN-X-Request-Uuid
1cf6f4d2-1941-44a7-a501-05a9ebace35e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.148.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-148-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Fri, 21 Apr 2023 14:59:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.27.0&referrer=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&tmax=700
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.90.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-90-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cestnormalauquebec.com
date
Fri, 21 Apr 2023 14:59:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 21 Apr 2023 14:59:18 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
578985b6aeb78131f9d0b489ba68c9244471a062a4a330a141d8512d5a403b32
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:18 GMT
AN-X-Request-Uuid
3072078a-2f3d-449a-b74e-4a946e31af7f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cestnormalauquebec.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		376 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1682089158379&to=0&aun=%2F139271940%2C164638732%2Fcestnormalauquebec_site%2Fcestnormalauquebec_site%3Aside-1&pv=cb151e07-c518-4014-bb13-4282c7ab3aa2&fp=0.1&fpc=USD&maxw=300&maxh=600&si=110830&pi=3&bf=300x600%2C300x250%2C160x600&schain=1.0%2C1!obox.group%2C1059%2C1%2C%2C%2C!gumgum.com%2C15411%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.27.0%22%7D&ogu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ns=9830
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.194.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-194-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
69ddf8f8f77d4eb060350e6021745078b928a69bb94e38114e2028d55e5cd472

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.cestnormalauquebec.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7bb67d77d8942c75-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
AGSKWxUClOJS_Yr92KCsgIJTnAMnb1TdfcmbJ1TUMykcPuWmsxMmaWGBwDUoAqq99feOSFldxmbKIUIri0Vq5USaCGiTzjGjiXhCneTAifvzyb_oLvU3dW1NFUJYvBXAMoI3rWRl0kwXrA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUClOJS_Yr92KCsgIJTnAMnb1TdfcmbJ1TUMykcPuWmsxMmaWGBwDUoAqq99feOSFldxmbKIUIri0Vq5USaCGiTzjGjiXhCneTAifvzyb_oLvU3dW1NFUJYvBXAMoI3rWRl0kwXrA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.y_lLQtwvwnA.es5.O/d=1/rs=AJlcJMzVCxCIoXjFgmW-8i8rsA1hDY3N7w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-90dQYA1y5ZVrAH7zSaiPBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
content-security-policy
script-src 'report-sample' 'nonce-90dQYA1y5ZVrAH7zSaiPBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.cestnormalauquebec.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230418&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31074025
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a713e9d6a90d572b0f5efe9a037713552461a8e934e277da0fc3fe5ca990b426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11337
x-xss-protection
0
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cestnormalauquebec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options
nosniff
age
305887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Apr 2024 02:01:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cestnormalauquebec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options
nosniff
age
132866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 02:04:52 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cestnormalauquebec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
46435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891529463319841&plah=www.cestnormalauquebec.com&bust=31074025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Apr 2023 14:59:18 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2EE7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2308
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 14:20:50 GMT
expires
Sat, 20 Apr 2024 14:20:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E8AA 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
48a47a16ab0cd2a3a07e2494a03d5e9b509d38e4174ad1c22e8a08d3b83e3513
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kg5gxcCAOspPnqXUloKb4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-kg5gxcCAOspPnqXUloKb4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 14:59:18 GMT
expires
Fri, 21 Apr 2023 14:59:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
pagead2.googlesyndication.com/bg/ Frame 2EE7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 06:47:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
288700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Apr 2024 06:47:38 GMT
generate_204
tpc.googlesyndication.com/ Frame 2EE7 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hXOiuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame E8AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230418&jk=3707474443720083&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230418&jk=3707474443720083&bg=!ISKlInbNAAYfNdXmPzU7ADkAdvg8WtfREmWxTP58I9DPWMd5EsWS-C5oNCz1Sn1DTmyRYYcQUs5Cw_s8IHNQ6pyopDiwKEStazwCAAAAZlIAAAACaAEHmQLZIK9jLhEG4KVrxH_7OCEgaYzlwcXTUPvjTVj9dLuJvL6Suohom1VyNBz4yfX0h-N2K1nXva2iSNKDIT8sSZ4w7k6dW_X0Ki9dKmovq3soywix_z0i4rh0BlvXYknN1e8y3TlehgYD6s9u0cFtOY3Y5OaxHHgm81w6Pi-_qbPLtMyBDF96qrHwGZywJGTrQ0UxYbQRR1VepbZSqG-kAAtqArX7WVH1E3fE9iSuCN_gWhUL5pQMNoMV_wP3tk0E3hdtBNUu66ePql_Afmem8G9mtIpZNf6aC5i996AK6OaYJOdCWpYXIiYSGmD0vv550jmtTpyTPKmOUIf4CDBqiAqCJ3l56IR-D8rWS3uukZIYMk6Zwmdw29W3idzaeJl5cKDQFGDogHt31FAGlEdGVTyTueFOUVqhNRcSYwDceD-OQkskoYExeel5dVuPaW7k1mFQhgQQ7nsRtYsxT8k97vv3vKZh8no8N2jJ7q1vbjuaB7tecpf0xO1_HDoxQp4UZYQCzdFB1uOhB1sJLgf1yXbexE69x6cEOlIbeQFMrsYQzdJ7gbTYbftc24Q6e3Iy4oyCs2ASnc5jqfoa4_uH3xJ5lUjbKPxieG111yyV77VzQABJzznR9dOJrumuqqG_hWCAGZmOtxbyznTKBeu-Kuyj13r0LaT2Sg_9gDcutwMmX5fJfYGEBALKKnEvp-6koNskiQ4z1YB2y_Wr4kPHIJxWGrZ9Gb242d5vPvDMAGOTEnaMDEY_33xIq_UPQFmk-dJ9YEVHS1y4PP-nWlLj1GJ2OCG50vrvmxCSxZGX3JJKSS4b6N5l6ylidwUIIDuEy0zM5D5wWcrF5-CaSySx8U4L-mkDwcZgeTzcyhD2uKQm_cDLBhv2j9HOe7qwmaz_D6KJWPHRsL9oCUSa-plJkYf7dKRgkMs0HwnfC19c4jvoaAVYxmdvq_yYbboexVjMHD3Swp5wV8iP7pSs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
services
g2.gumgum.com/zones/z8p7v025/ 		335 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/zones/z8p7v025/services?dp=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&pu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&ogu=https%3A%2F%2Fwww.cestnormalauquebec.com%2F&rf=&r=3.88.8&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.88.8%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9830&bf=2dab577ab0bada8725474e11f903dda5db383dd5&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1682089160495&to=0&vpii=false&vph=1200&vpw=1600&gdprApplies=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/javascripts/ggv2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.194.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-194-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
09bc01125abf3b8b493b375dfe835211a88bba8e050aa077b58d7bd8ca38c75e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:20 GMT
content-encoding
gzip
server
nginx
etag
W/"0b8a5465691296321c6955d28c64b9d38"
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cestnormalauquebec.com
access-control-allow-credentials
true
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 0D4D 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 21 Apr 2023 14:59:21 GMT
usync.html
eus.rubiconproject.com/ Frame 603D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Apr 2023 14:59:21 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 3E34 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 21 Apr 2023 14:59:21 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A78E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63695
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 21 Apr 2023 14:59:21 GMT
expires
Sat, 22 Apr 2023 08:40:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4194 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63695
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 21 Apr 2023 14:59:21 GMT
expires
Sat, 22 Apr 2023 08:40:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame C3D4 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 21 Apr 2023 14:59:21 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame BBCB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
27892
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 21 Apr 2023 14:59:21 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 17 Apr 2023 07:14:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
69, 207373
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230029-FRA
X-Timer
S1682089161.485623,VS0,VE0
sync
eb2.3lift.com/ Frame 133E 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 21 Apr 2023 14:59:21 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 318E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63695
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 21 Apr 2023 14:59:21 GMT
expires
Sat, 22 Apr 2023 08:40:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A4A9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
27892
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 21 Apr 2023 14:59:21 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 17 Apr 2023 07:14:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
69, 200528
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230112-FRA
X-Timer
S1682089161.488429,VS0,VE0
/
csync.smilewanted.com/ Frame 5123 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0bebb8c488ece77d37966494374034d25df5b855b33f8009473b8be1566212

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d8b2af02c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame AA0A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
27892
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 21 Apr 2023 14:59:21 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 17 Apr 2023 07:14:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
69, 202298
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230055-FRA
X-Timer
S1682089161.488453,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CF9C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63695
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 21 Apr 2023 14:59:21 GMT
expires
Sat, 22 Apr 2023 08:40:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 56C8 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0bebb8c488ece77d37966494374034d25df5b855b33f8009473b8be1566212

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d8b2af42c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
server
cloudflare
vary
Accept-Encoding
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 6560 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a7d3z91682089158480
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.195.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-195-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b99e3b85e88f123332b796691245889d1e7b3cbc45fdc7bf74102d46fc1ce52d

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 21 Apr 2023 14:59:21 GMT
/
csync.smilewanted.com/ Frame 7073 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0bebb8c488ece77d37966494374034d25df5b855b33f8009473b8be1566212

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d8b2af82c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 62C0 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: static.bigpipes.co
URL: https://static.bigpipes.co/v4/sites/cestnormalauquebec_site.js?cb=1682089156232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0bebb8c488ece77d37966494374034d25df5b855b33f8009473b8be1566212

Request headers

Referer
https://www.cestnormalauquebec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d8b2afb2c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
server
cloudflare
vary
Accept-Encoding
9.gif
id5-sync.com/s/441/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cestnormalauquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 21 Apr 2023 14:59:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
usync.js
eus.rubiconproject.com/ Frame 603D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6ed3e25666153834637f4547f33cc0b9bd6ae4f5f9f2aaad18c3808700fb537a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 14:59:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2023 02:32:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41668
Connection
keep-alive
Content-Length
10019
Expires
Sat, 22 Apr 2023 02:33:49 GMT
jp
rtb.gumgum.com/usync/ Frame 7E30 		55 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-b4f8d051-0a6c-4f64-8287-7e1ac46900af-42801-1358814%26ex_uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&us_privacy=&limit=16
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a7d3z91682089158480
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.194.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-194-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
74b03851b17506833b0506eb8292bd9842e5b32aaaccb1b5553fa967b65db792

Request headers

Referer
https://pre.ads.justpremium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
etag
W/"0656d408e84feebb88e950b10efb49503"
server
nginx
timing-allow-origin
*
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 5123 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
787157
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7bb67d8c1d102c75-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 56C8 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
787157
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7bb67d8c1d372c75-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 62C0 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
787157
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7bb67d8c2d4f2c75-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 7073 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
787157
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7bb67d8c2d5c2c75-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
async_usersync
ib.adnxs.com/ Frame BBCB 		0
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:21 GMT
AN-X-Request-Uuid
10a25684-1ac3-4970-9a77-64eb1e935a66
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AA0A 		0
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:21 GMT
AN-X-Request-Uuid
8eb20555-1a87-457f-b440-58029b68c036
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A4A9 		0
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:21 GMT
AN-X-Request-Uuid
b70c246e-f02e-4936-97f7-bad942968ed8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A78E 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30394175&p=160753&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
60738df7c3fc1799e48500fa06ac398e7b8f33d73a4d5641dafb97d4759d9e09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
drop_cookie_sw.php
csync.smilewanted.com/ Frame FEAB 		0
486 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d8cef462c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame 13C3 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d8cef4d2c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 1E51 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 21 Apr 2023 14:59:21 GMT
X-Sovrn-Pod
ad_ap1ams1
drop_cookie_sw.php
csync.smilewanted.com/ Frame BFB5 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d8cef572c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame DE00 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d8cef5e2c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 650D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 21 Apr 2023 14:59:21 GMT
X-Sovrn-Pod
ad_ap1ams1
pixel
ap.lijit.com/ Frame D76F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 21 Apr 2023 14:59:21 GMT
X-Sovrn-Pod
ad_ap1ams1
pixel
ap.lijit.com/ Frame 75CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 21 Apr 2023 14:59:21 GMT
X-Sovrn-Pod
ad_ap1ams1
Pug
simage2.pubmatic.com/AdServer/ Frame 63F9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6da56442-a4ca-4100-9ef7-349af96603f2&gdpr=0&gdpr_consent=
42 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6da56442-a4ca-4100-9ef7-349af96603f2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 14:59:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 21 Apr 2023 14:59:21 GMT
Expires
Fri, 21 Apr 2023 14:59:20 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master zrh-pixel-x10 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6da56442-a4ca-4100-9ef7-349af96603f2&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame AECD
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4170776430570450269
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4170776430570450269
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 14:59:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4170776430570450269
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 0E49 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 14:59:21 GMT
expires
Fri, 21 Apr 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
406771
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 0132
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084924782091295
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084924782091295
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 14:59:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 21 Apr 2023 14:59:21 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084924782091295
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
Pug
image2.pubmatic.com/AdServer/ Frame CAEB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=etr1hC3aoo9hjfGOL4vshy6P8dJh2fCOe9_OX_q0
42 B
563 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=etr1hC3aoo9hjfGOL4vshy6P8dJh2fCOe9_OX_q0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 14:59:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 21 Apr 2023 14:59:21 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=etr1hC3aoo9hjfGOL4vshy6P8dJh2fCOe9_OX_q0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A78E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iUFkFgsfQE6dN27ADMHQWQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:21 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=63695
accept-ranges
bytes
content-length
5554
expires
Sat, 22 Apr 2023 08:40:56 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame A78E 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=89416416-0B1F-404E-9D37-6EC00CC1D059&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.31.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-31-74.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.185
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame A78E
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1795511181
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=89416416-0B1F-404E-9D37-6EC00CC1D059
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=89416416-0B1F-404E-9D37-6EC00CC1D059
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:21 GMT
via
1.1 google
last-modified
Fri, 21 Apr 2023 14:59:21 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=89416416-0B1F-404E-9D37-6EC00CC1D059
date
Fri, 21 Apr 2023 14:59:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame A78E
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=89416416-0B1F-404E-9D37-6EC00CC1D059
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YzRtS0I3S0xFRVRRRE9GeWh1OWxtcXNmQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6189842917302311913&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
23.21.155.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-155-77.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 14:59:22 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 21 Apr 2023 14:59:22 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame A78E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODk0MTY0MTYtMEIxRi00MDRFLTlEMzctNkVDMDBDQzFEMDU5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 14:59:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A78E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFvYQnJRCOdZuVb8ebqMjMY&google_cver=1
42 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFvYQnJRCOdZuVb8ebqMjMY&google_cver=1
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 14:59:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFvYQnJRCOdZuVb8ebqMjMY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A78E 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 20 Apr 2023 14:59:21 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A78E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6189842917302311913
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6189842917302311913
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 14:59:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6189842917302311913
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame A78E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 14:59:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 3101
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Fri, 21 Apr 2023 14:59:21 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame CE35
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Fri, 21 Apr 2023 14:59:21 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 10AA
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Fri, 21 Apr 2023 14:59:21 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 8175
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Fri, 21 Apr 2023 14:59:21 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:21 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
generic
match.adsrvr.org/track/cmf/ Frame 026B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2004592931
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2004592931
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 21 Apr 2023 14:59:21 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 21 Apr 2023 14:59:21 GMT
etag
RX05e1e5aabfb44055bfe671c1ff6f8e22003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2004592931
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
generic
match.adsrvr.org/track/cmf/ Frame 5C5F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6804403945
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6804403945
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 21 Apr 2023 14:59:21 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 21 Apr 2023 14:59:21 GMT
etag
RX05e1e5aabfb44055bfe671c1ff6f8e22003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6804403945
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
generic
match.adsrvr.org/track/cmf/ Frame FCED
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=805347905
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=805347905
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 21 Apr 2023 14:59:21 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 21 Apr 2023 14:59:21 GMT
etag
RX05e1e5aabfb44055bfe671c1ff6f8e22003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=805347905
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
generic
match.adsrvr.org/track/cmf/ Frame 3353
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8481232093
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8481232093
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 21 Apr 2023 14:59:21 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 21 Apr 2023 14:59:21 GMT
etag
RX05e1e5aabfb44055bfe671c1ff6f8e22003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8481232093
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
smwt256.gif
us.ck-ie.com/ Frame 277A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 14:59:21 GMT
Server
nginx
smwt256.gif
us.ck-ie.com/ Frame 219D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 14:59:21 GMT
Server
nginx
smwt256.gif
us.ck-ie.com/ Frame C472 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 14:59:22 GMT
Server
nginx
smwt256.gif
us.ck-ie.com/ Frame 69F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 14:59:22 GMT
Server
nginx
v1
match.sharethrough.com/universal/ Frame 3E5B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.137.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-137-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 21 Apr 2023 14:59:21 GMT
v1
match.sharethrough.com/universal/ Frame 520D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.137.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-137-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 21 Apr 2023 14:59:21 GMT
v1
match.sharethrough.com/universal/ Frame 0816 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.137.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-137-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 21 Apr 2023 14:59:21 GMT
v1
match.sharethrough.com/universal/ Frame C43F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.137.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-137-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 21 Apr 2023 14:59:21 GMT
smw888.gif
us.ck-ie.com/ Frame 42DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 14:59:22 GMT
Server
nginx
smw888.gif
us.ck-ie.com/ Frame 5A44 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 14:59:22 GMT
Server
nginx
smw888.gif
us.ck-ie.com/ Frame 22B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 14:59:22 GMT
Server
nginx
smw888.gif
us.ck-ie.com/ Frame 677A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 14:59:22 GMT
Server
nginx
setuid
ib.adnxs.com/prebid/ Frame 43DF
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
f1d37628-0f7e-488c-b4da-5729783090f0
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Apr 2023 14:59:22 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d8ecc032c75-FRA
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:22 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
server
cloudflare
setuid
ib.adnxs.com/prebid/ Frame 8974
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
23877f62-2755-4a6c-883c-8e697581cef1
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Apr 2023 14:59:22 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d8ecc082c75-FRA
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:22 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
server
cloudflare
setuid
ib.adnxs.com/prebid/ Frame 5E03
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
4bba2028-332c-491c-a006-d21400c7cc5a
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Apr 2023 14:59:22 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d8ecc092c75-FRA
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:22 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
server
cloudflare
setuid
ib.adnxs.com/prebid/ Frame EE29
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
b3bcc11c-1c85-4fce-99cf-bdc1b09ec993
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Apr 2023 14:59:22 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.174; 185.213.155.174; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d8ecc0c2c75-FRA
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:22 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=7325bc6efeda6991ac73d8df9e71e3d9
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 4BDF 		1 KB
707 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
7bb67d8ffa78bb83-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:22 GMT
last-modified
Fri, 21 Apr 2023 13:59:50 GMT
server
cloudflare
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 5B06 		1 KB
706 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
7bb67d8ffa7abb83-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:22 GMT
last-modified
Fri, 21 Apr 2023 13:59:50 GMT
server
cloudflare
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 35D1 		1 KB
707 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
7bb67d8ffa7bbb83-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:22 GMT
last-modified
Fri, 21 Apr 2023 13:59:50 GMT
server
cloudflare
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 7497 		1 KB
884 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
7bb67d8ffa7dbb83-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:22 GMT
last-modified
Fri, 21 Apr 2023 13:59:50 GMT
server
cloudflare
vary
Accept-Encoding
getuid
sync.smartadserver.com/ Frame 7EA7
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 21 Apr 2023 14:59:22 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Fri, 21 Apr 2023 14:59:22 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
getuid
sync.smartadserver.com/ Frame 88F6
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 21 Apr 2023 14:59:21 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Fri, 21 Apr 2023 14:59:22 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
getuid
sync.smartadserver.com/ Frame 597D
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 21 Apr 2023 14:59:22 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Fri, 21 Apr 2023 14:59:21 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
getuid
sync.smartadserver.com/ Frame 99D4
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 21 Apr 2023 14:59:22 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Fri, 21 Apr 2023 14:59:22 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame C173
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
0
538 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d90fed02c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 21 Apr 2023 14:59:22 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 5EEC
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d90fecd2c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 21 Apr 2023 14:59:22 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame F6DB
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
0
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d90fed12c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 21 Apr 2023 14:59:22 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 39F3
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb67d90fecb2c75-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 21 Apr 2023 14:59:22 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/b3f273f7-47d5-49a3-a952-60830e20cac5&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
tap.php
pixel.rubiconproject.com/ Frame 603D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/enAR0EjSXRI9newebChRCw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-b.7VcalE2oLrC3CW1jfEm5LtIK.i9W8O.bcx1w--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-b.7VcalE2oLrC3CW1jfEm5LtIK.i9W8O.bcx1w--~A
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 21 Apr 2023 14:59:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-b.7VcalE2oLrC3CW1jfEm5LtIK.i9W8O.bcx1w--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 603D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_WgDg492SIiTIBT1MD2H6w&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_WgDg492SIiTIBT1MD2H6w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_WgDg492SIiTIBT1MD2H6w
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W3P9X3B0GC32C4FCFFYD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_WgDg492SIiTIBT1MD2H6w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 603D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmMyNzRjMGRmNDk2ODYxNmNlZDNlMjlhODIyYTkxZDE1MGI5ZjllNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmMyNzRjMGRmNDk2ODYxNmNlZDNlMjlhODIyYTkxZDE1MGI5ZjllNQ
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmMyNzRjMGRmNDk2ODYxNmNlZDNlMjlhODIyYTkxZDE1MGI5ZjllNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 603D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGQOGD3X-L-G2YF
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGQOGD3X-L-G2YF
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:21 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 6EFA450196324E86B00707B5884F56B4 Ref B: FRAEDGE1819 Ref C: 2023-04-21T14:59:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX52ecBOMuSXcDEcngd3A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGQOGD3X-L-G2YF
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 603D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGDNtq_xL5_yBs4JDJrE0Mk&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGDNtq_xL5_yBs4JDJrE0Mk&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGDNtq_xL5_yBs4JDJrE0Mk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 603D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdRT0dEM1gtTC1HMllG
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOCImRziRJ55DOLZY3kVsbg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdRT0dEM1gtTC1HMllG&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdRT0dEM1gtTC1HMllG&google_push=
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 14:59:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdRT0dEM1gtTC1HMllG&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
rubicon
match.adsrvr.org/track/cmf/ Frame 603D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 14:59:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 603D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qGPR_whoSl-Q6uraXynFHg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=qGPR_whoSl-Q6uraXynFHg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=qGPR_whoSl-Q6uraXynFHg
Protocol
HTTP/1.1
Server
67.220.224.150 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 14:59:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S91WP9KYGF4T0ZBW0YYS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=qGPR_whoSl-Q6uraXynFHg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
1
sync-eu.connectad.io/syncer/ Frame 572B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7bb67d908b49bb83-FRA
date
Fri, 21 Apr 2023 14:59:22 GMT
server
cloudflare
SPug
simage4.pubmatic.com/AdServer/ Frame A78E 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160753&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160753
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:59:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

325 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 boolean| credentialless object| OBOXADSQ string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| adsbygoogle number| perPage string| disqusShortname string| commentsSystem boolean| fixedSidebar number| postPerPage object| creditsyear string| no_image object| month_format string| more_text string| comments_text string| pagenav_prev string| pagenav_next undefined| s undefined| o undefined| u function| selectnav object| jQuery1110034535534359899533 undefined| jQuery1110034535534359899533_1682089156250 number| numPages string| firstText string| lastText string| prevText string| nextText string| urlactivepage string| home_page undefined| noPage string| currentPage number| currentPageNo undefined| postLabel function| looppagecurrentg function| totalcountdata function| pagecurrentg function| redirectpage function| redirectlabel function| finddatepost object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| __bt_already_invoked object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| pageNumber number| pageStart number| lastPageNo number| pageEnd function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ function| plausible object| cookieChoices number| level object| webpackChunkoboxads object| googletag string| CustomerConnectAnalytics function| cca object| pbjs object| _pbjsGlobals object| teads_analytics object| staticSlot object| apstag string| ggv2id boolean| apstagLOADED object| apscustom object| _aps object| a function| opt_getSlotById function| opt_insightsAvailable function| opt_setupRefresh undefined| timeout undefined| opt_dateObj undefined| opt_month undefined| opt_day undefined| opt_year undefined| opt_today undefined| opt_activeDates string| p669620846 string| p669620901 number| p669620902 function| oAddDVTag_ function| oGetPageStats_ function| p669620931 function| oGetSlotRenderedLineItemIdByDivId_ function| p669620926 function| p669620923 function| oDeleteHardcodeRefresh_ function| oRefreshHardcode_ function| p669620920 function| p669620903 function| p669620899 function| p669620956 function| p669620897 function| p669620909 function| p669620906 function| p669620904 function| p669620880 function| p669620885 function| p669620871 function| p669620870 function| p669620868 function| p669620861 function| oEnableNullChecklistener_ function| p669620913 function| p669620852 function| oPageUnload function| p669620781 function| p669620786 function| oSetDataParam function| p669620905 number| p669620771 string| p669620772 object| p669620773 object| p669620774 boolean| p669620775 number| p669620777 number| p669620778 object| p669620799 string| p669620841 number| p669620782 object| p669620849 string| p669620817 string| p669620818 object| p669620855 number| p669620856 boolean| p669620860 number| p669620862 boolean| p669620864 boolean| p669620914 boolean| p669620889 boolean| p669620916 boolean| oObserverChanges_ boolean| p669620915 boolean| p669620917 boolean| oAudienceListenerEnabled_ object| p669620866 string| oDevice string| p669620954 number| p669620957 string| oParentHostname_ string| oParentPathname_ boolean| p669620867 boolean| p669620869 number| p669620884 boolean| p669620886 number| p669620887 object| p669620876 object| oAdSlots_ object| otkjs boolean| p669620907 boolean| p669620908 object| optimeraInsights string| p669620918 object| oLoadedAdImpressionDivs_ object| oTrackSlots_ object| p669620929 object| p669620930 boolean| oEnableInfiniteScrollUrls_ boolean| p669620925 object| p669620928 object| p669620932 boolean| oHasStnVideo_ object| p669620955 boolean| oActivateK_ object| oRPMCids_ string| oUniqueId_ string| p669620826 function| p669620779 string| p669620780 boolean| p669620848 boolean| p669620828 object| p669620827 number| p669620830 undefined| p669620934 undefined| p669620935 object| opbjs object| oaudLibjs object| ovpjs number| p669620829 object| sw_consent object| p669620854 object| ggevents undefined| bean object| GUMGUM object| oDv number| p669620783 object| prodKObj string| oUrl_ object| optimera object| _ccScriptSettings object| _ccLauncherSettings function| ccao object| _ccReady object| _ccApiReady object| carbonApi object| carbon number| oIndex4_ number| p669620798 object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| YzI3NDNkMGVmMTIzMTBjYWxvYWRlcl9qcw== string| YzI3NDNkMGVmMTIzMTBjYWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady string| _carbonUID object| carbonUIDCache object| carbonReady object| _ccSettings object| ccRefresh function| slotElementAttachClick function| buildData object| GoogleGcLKhOms object| google_image_requests object| ggData

72 Cookies

Domain/Path Name / Value
.cestnormalauquebec.com/ Name: _ga
Value: GA1.2.1627180391.1682089156
.cestnormalauquebec.com/ Name: _gid
Value: GA1.2.1635447361.1682089156
.cestnormalauquebec.com/ Name: _gat_blogger
Value: 1
.cestnormalauquebec.com/ Name: __gads
Value: ID=a0b433f92f4195c4-225c782ba1dd0078:T=1682089156:RT=1682089156:S=ALNI_MbEtEwdcpOErRBIbuhcA7ijTcX_AQ
.cestnormalauquebec.com/ Name: __gpi
Value: UID=00000bee0594a764:T=1682089156:RT=1682089156:S=ALNI_MZqnP9zX7z-MNgSFzDm-rLW0X3IZQ
.turn.com/ Name: uid
Value: 8332168908732906684
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 390e9ae3-30d3-526f-b07e-8b43d43c2f85
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZEKkxgAANrBDemxA9Y5L1sAdMsoieHlGZWwjJQ==
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-05e1e5aa-bfb4-4055-bfe6-71c1ff6f8e22-003%22%7D
www.cestnormalauquebec.com/ Name: GLAM-JID
Value: 6e982b33abd54f14a94e9870597ab585
www.cestnormalauquebec.com/ Name: GLAM-AID
Value: b32ff072158b4d8cb93663dfcb38e97f
www.cestnormalauquebec.com/ Name: GLAM-SID
Value: fa2db64737cf466c941b2f47f8d745be
www.cestnormalauquebec.com/ Name: __j_state
Value: %7B%22landing_url%22%3A%22https%3A%2F%2Fwww.cestnormalauquebec.com%2F%22%2C%22pageViews%22%3A1%2C%22prevPvid%22%3A%2252b5fe6cc34e42ac87dc5b308143a9ae%22%2C%22extreferer%22%3A%22https%3A%2F%2Fwww.cestnormalauquebec.com%2F%22%2C%22user_worth%22%3A0%7D
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGXhiT-f7JeZzLddO_-ZeqByeQVcyafU09Z_Dn94038kpcRXAVFOf9dw
.ads.stickyadstv.com/ Name: UID
Value: b57d0a16b33cfc4b02b1b7823567e5
.creativecdn.com/ Name: u
Value: 7hZGU2ybMtAHaMoc3yBN
.creativecdn.com/ Name: ts
Value: 1682089158
.rubiconproject.com/ Name: khaos
Value: LGQOGD3X-L-G2YF
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpesv3vBY0mzT5APvdogVCbaTd6KyMQnau+SmvwaNDOnom0Gr7TRm3KgzX7bwtBLPQuyPfo+UQ7lBLdE3hLBeMuaNgdOVL2Yy+3YaxFosBKrbKpUjWTmmg0
.adnxs.com/ Name: uuid2
Value: 3468451173756766094
.adnxs.com/ Name: icu
Value: ChgIgah3EAoYAiACKAIwxsmKogY4AkACSAIQxsmKogYYAQ..
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 89416416-0B1F-404E-9D37-6EC00CC1D059
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160753:2
.pubmatic.com/ Name: DPSync3
Value: 1683244800%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1683331200%3A35%7C1683244800%3A13_7_46_21_161_56_54_8_220
.quantserve.com/ Name: d
Value: EI8BCwHnKPijAA
.quantserve.com/ Name: mc
Value: 6442a4c9-c08ce-1ba0d-71871
.mathtag.com/ Name: uuid
Value: 6da56442-a4ca-4100-9ef7-349af96603f2
.simpli.fi/ Name: suid
Value: D5B0FC86F3C942E492E4D8F6832BDFC9
.weborama.fr/ Name: AFFICHE_W
Value: Fe0RxI1CBfgV60
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFkYGFpaGZoYWQOAKcZLIQQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjG3MDKwNDSyNBXiM9SNSgwKNQkvMso39XAFALp246wlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjG3MDKwNDSyNBXiM9SNSgwKNQkvMso39XAFALp246wlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-etr1hC3aoo9hjfGOL4vshy6P8dJh2fCOe9_OX_q0&KRTB&19420-etr1hC3aoo9hjfGOL4vshy6P8dJh2fCOe9_OX_q0&KRTB&22979-etr1hC3aoo9hjfGOL4vshy6P8dJh2fCOe9_OX_q0&KRTB&23462-etr1hC3aoo9hjfGOL4vshy6P8dJh2fCOe9_OX_q0
.de17a.com/ Name: guid
Value: 1.4170776430570450269
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5140084924782091295
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6da56442-a4ca-4100-9ef7-349af96603f2&KRTB&16736-uid:6da56442-a4ca-4100-9ef7-349af96603f2&KRTB&23019-uid:6da56442-a4ca-4100-9ef7-349af96603f2&KRTB&23114-uid:6da56442-a4ca-4100-9ef7-349af96603f2
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4170776430570450269
.adform.net/ Name: uid
Value: 6189842917302311913
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-05e1e5aa-bfb4-4055-bfe6-71c1ff6f8e22-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%222069.66%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6189842917302311913&KRTB&23263-6189842917302311913&KRTB&23481-6189842917302311913
.pubmatic.com/ Name: PugT
Value: 1682089160
.doubleclick.net/ Name: IDE
Value: AHWqTUlAvakum7DXXoVqJq8aUYNIGWSTuHh3mSWroX5DUchmNB8AvbJ9tllD1bgVosA
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEFvYQnJRCOdZuVb8ebqMjMY&KRTB&22987-CAESEFvYQnJRCOdZuVb8ebqMjMY&KRTB&23025-CAESEFvYQnJRCOdZuVb8ebqMjMY&KRTB&23386-CAESEFvYQnJRCOdZuVb8ebqMjMY
match.sharethrough.com/ Name: AWSALBCORS
Value: AYNJ+QEArpLM1ol2g3KFZVsu6DoYLUxoquHifuyppe4LR+8cRziqi+X1YKKOctVw56hITOUWOJhiP6ZhnxG0ZgkQ8g2VrX8x7ki5oIncjCq6JvQGuWLPqCb32aza
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2H`eL3Tyd!A#F3.CK$wNl!c]YSz02QgGsEk_8qzkit!75)u^tifFl*l#aV..xpNmjdHp268sjVjF.ocGdD1J%q)3R9[^$P
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI3MzI1YmM2ZWZlZGE2OTkxYWM3M2Q4ZGY5ZTcxZTNkOSIsImV4cGlyZXMiOiIyMDIzLTA3LTIwVDE0OjU5OjIyWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTA0LTIxVDE0OjU5OjE4WiJ9
.audrte.com/ Name: arcki2
Value: c4mKB7KLEETQDOFyhu9lmqsfA!20220908!1682089162112!ip#185.213.155.174
.audrte.com/ Name: arcki2_pubmatic
Value: 89416416-0B1F-404E-9D37-6EC00CC1D059!20220908!1682089162115
.audrte.com/ Name: arcki2_ddp2
Value: c4mKB7KLEETQDOFyhu9lmqsfA!20220908!1682089162287
.360yield.com/ Name: tuuid_lu
Value: 1682089162
.360yield.com/ Name: tuuid
Value: b3f273f7-47d5-49a3-a952-60830e20cac5
.yahoo.com/ Name: A3
Value: d=AQABBMqkQmQCEOkD4C7cZqoWi7pqIvviingFEgEBAQH2Q2RMZAAAAAAA_eMAAA&S=AQAAAs2yu_fEKklN7Tez139AenQ
.smilewanted.com/ Name: sw_user_params_infos
Value: 6rFe%2FjMDQcrQR37J5vbpKEvaLJMVIzKDqkur1pXj0odZOEhLQPN2xG18vFh9A9OEG76ACtaBa4oIflVMVxetNTi70Ns5ZX5Ivwx7jhPE6%2FkQy64xYi44JFBBvVhVu%2BcYFtbQz2MPdcyaeOOrkU6XrrZb5gur6V%2BvMd0MkUklIHP5nPF4HKu8AHZwYnL%2BIxgPM06b%2B8y8CzE2RP5OPOX%2BnClRDye4X14GbzNu7sMXItjUGRnMexj5%2FapDImmPj1vA545G5mhSY4prmtt5ulablnRZSBdgFRBiAqPueLb4dYtHbnL7GMzgLiBMOf%2B9Bq8LTR2gkjWGQa3DRxegobNFPxKM9DYO7RPy2zm%2FS21lxq77rESkio%2BL2FUSmAA1yeN98KVZmxhJXjDYO9NLKWp%2FIg%3D%3D
.linkedin.com/ Name: bcookie
Value: "v=2&ce461f14-fc55-4ecb-88eb-e0a94747b25d"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODIwODkxNjI7MjswMjFqDHcUxSrQRiq+EE5MInWakxeqGlYxl9/wQ4c+PcJOtg==
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2756:u=1:x=1:i=1682089162:t=1682175562:v=2:sig=AQF-pVG-xHKIuZd7o5vNGZYjg60siUJ_"
.audrte.com/ Name: arcki2_adform
Value: 6189842917302311913!20220908!1682089162424
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: Az1tGihm40_FmMITyXKzuhQ

1 Console Messages

Source Level URL
Text
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=89416416-0B1F-404E-9D37-6EC00CC1D059&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
a.audrte.com
a.teads.tv
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
api.btloader.com
at.teads.tv
blogger.googleusercontent.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
carbon-cdn.ccgateway.net
cdn.connectad.io
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
cr.frontend.weborama.fr
creativecdn.com
csync.smilewanted.com
d15kdpgjg3unno.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dyv1bugovvq1g.cloudfront.net
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
js.gumgum.com
match.adsrvr.org
match.sharethrough.com
maxcdn.bootstrapcdn.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
plausible.io
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid.smilewanted.com
privacy-location-edge.ccgateway.net
px.ads.linkedin.com
resources.blogblog.com
rtb.gumgum.com
s.amazon-adsystem.com
script-api.ccgateway.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sqs.us-east-1.amazonaws.com
static.bigpipes.co
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
us.ck-ie.com
www.blogger.com
www.cestnormalauquebec.com
www.google-analytics.com
www.google.com
104.109.78.125
104.111.217.42
104.22.69.131
13.32.27.107
130.211.23.194
138.201.8.249
142.250.186.98
151.101.1.108
162.19.138.119
172.217.16.134
178.250.1.9
18.197.195.125
18.212.140.196
18.64.158.226
185.184.8.90
185.29.132.241
185.64.189.110
185.64.189.112
185.64.190.78
185.86.139.103
188.42.191.196
193.0.160.130
198.47.127.20
2.16.186.10
2.18.232.7
2.19.228.187
2001:678:cb4:bbbb::11
213.155.156.184
213.19.147.44
216.52.2.91
23.21.155.77
2400:52e0:1e00::864:1
2600:9000:223e:1000:5:82fd:2500:21
2600:9000:2490:1000:11:b309:9100:21
2602:803:c003:200::21
2606:4700:10::6816:37ce
2606:4700:20::681a:68b
2606:4700:20::ac43:4513
2606:4700::6810:5614
2606:4700::6812:acf
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2013
2a00:1450:4001:830::2009
2a00:1450:4001:831::2004
2a00:1450:400c:c0c::9b
2a05:d018:d29:3602:bc92:520b:1528:ac03
3.239.232.168
3.66.137.213
34.111.129.221
34.111.131.239
35.158.90.150
35.204.158.49
37.157.3.20
37.252.171.21
52.213.194.225
52.222.208.154
52.223.40.198
52.46.151.131
52.57.148.57
54.171.31.74
54.216.181.39
67.220.224.150
69.164.223.117
69.173.144.165
76.223.111.18
8.2.108.175
018c5000297f4a6128d420bcda8315b496bd7ffe50919ebfdc7044ccb87a79b9
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09bc01125abf3b8b493b375dfe835211a88bba8e050aa077b58d7bd8ca38c75e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
107a7a0eadcba82495e387e12607bd57e7d184d236a0572db3c49de7b32cf015
15371208493fc57a5a1afbe377e99ba47274dc4fdb255a6048ba178c433d6835
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a2914f504d0e526d30692afcda51550d01de2bd535654fb0bb0aaf3b9ce6a99
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
211edffe6ef45395bfc2d381f421f86f92416d279ca77d4c395c52f1bf05e1ec
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29902d47e97bbfec4fcb2bfe96e15317c960a39ac55855be50f543037ca1492b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b005f0cfa1bdd46c420ca51836b47c4cbc01ae328fbbc75d909b3ece84f2965
2cfa9b433b1f710be78dc29036bf9e454f9493ce58ff9d6e7d52dda7cd61d3e4
2d9965c12dba9bef2075760f2524e2979cb48b59832cce654795b813bd3b4a87
2dde833dba32336d366099eee4a940e5457861e546d8abcec41757807160ec61
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3964e1854d55ca81fe6a3643e492316688ee6427538511208860436beff02f58
3bb311028f7df69cf33ca72a6e0119163aaa2ac8b379c67fc34fc8a989b9b2d7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4012321b9d08abd0c8b5b0df871e427cc42f34dc6c0f68f6103c1c950e157bec
432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946
447d1b7a34967a867630d4f2115f4e70b38a8a8af8603282ae766dcb6060bf9f
46f06b8d9a42ddca364ceb0f5502eb1354a6e039a78a0c88640eb4e759f961d1
48a47a16ab0cd2a3a07e2494a03d5e9b509d38e4174ad1c22e8a08d3b83e3513
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85
4ad2a30850f0f88deea3c4b935aef0032ecfeacae6299e3b4731b011c15f85cd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0bebb8c488ece77d37966494374034d25df5b855b33f8009473b8be1566212
506c693c7eb82095fd8ffe22c087ce6b92aa50c3c6d513a1e99347e04b47e62a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578985b6aeb78131f9d0b489ba68c9244471a062a4a330a141d8512d5a403b32
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ad3e0105b8d04570efdd065e47840bec11fb9c507ffab530b3483f667e9d921
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5ed5dfbed34404108b12338ba65336690324bcc29935c3b8c94a6789eb2000ac
5f8b6bcbcbd3f6addba050263d73ce701a0ccb62cf5791b78376243290edb7a2
60738df7c3fc1799e48500fa06ac398e7b8f33d73a4d5641dafb97d4759d9e09
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6663c1f1774977abe067827b9559e94691f9611d53410a2e068f0c68cb74ffa4
67942c522b8f0e187f291d3dde230596fa526a323a9f50a0d667b6956839d98e
69ddf8f8f77d4eb060350e6021745078b928a69bb94e38114e2028d55e5cd472
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc9dffda86536e7a0f129aa658505083cba3f5d7c7ca9d2ca92535f36dda0e5
6df9b05a4482c28866c55a9a3f8de69b85ddd9789291f8efe9893ff0ecb62ac9
6ed3e25666153834637f4547f33cc0b9bd6ae4f5f9f2aaad18c3808700fb537a
70f368ef49146e516ce2aa6bb109b5862fbc2b57787b51f331804b96d7fd34fa
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7352cb45e9b4c13ef8f22d99153f2b6ee239490c9dff084c9200b47c4b2cdbbc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74b03851b17506833b0506eb8292bd9842e5b32aaaccb1b5553fa967b65db792
7784b7b4410e5a4c5fea5f3ec8ea2a13acba08e8b2efd8924d188ad4c67598ac
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
847104c8cb53600d615951b2a0a492f3f412d38d9efabc37798528b653cb5264
872ab0824381810d65d2f3f4cc7adf102c245d98fc6a6aa4eb14d494cd9e27a5
87621cec1daefc930a1a24265f6e9b3b5874b59a6b84a14b844c0c7442e11010
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a1a6e24f8888094e992960b5bba5fed2721ac26145bbc85100fd8fdd199e98e
8a7b4865b9f5dd204d742f03eaa515e4c1d5a2df3e17421e14973951eafde7ec
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9170a8b2fb3234baa721bf8b3de5935d8d160f6f987215b83b07a49a403e5e74
9347c2aecc24e56124025272cc1ce39a533a561919a479bb6c189229f39306fc
9fed0cc293fbbd6377f3f69e9ae3308541e9c234b1134cba0b1ba8b3c3f253a3
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11d3b4b6f2902037c365146ff80b5bf95923f3176f1a827355e45177314d423
a21a5b10241668ca60f4bee12afecd21ac53c27fdb3c4fed132bb80296866f74
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a695cef806676c26f1dbc90709b0936d9096511f44b5a418752bc62290e0cfc6
a713e9d6a90d572b0f5efe9a037713552461a8e934e277da0fc3fe5ca990b426
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
aa16a38349b0982955c20d1e325404dd7b3b9d9d831d1ef4d3034d9c7f848c5a
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b182c213c31b5bfb811007e52b6cedd7391fd27185a6e7b6d307a99ed50f9022
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b32506bf840cf26132b693a20ba9b9389765a7a020ff06e6c694d01c095cc58b
b3c0c34e30b6061155394cbe0f3b568a7265807f3948a04a1007e3c45aeadf49
b80a9239220666db62a132906df6703cea887064f8f3a39784079e8961dafe35
b99e3b85e88f123332b796691245889d1e7b3cbc45fdc7bf74102d46fc1ce52d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb9e6e2a6435c62b41a97b2f753dd6cbbf50572e7d0c44aadb9be338b07a6e9
bda7eacd50b318a9a54eef97301d3be286d24fdbb958b60e30b145063dbf6a86
be58c891af6e0862dc68c1df64fef80797453431d020347dd4d222324e7bf1e5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c367d83c43c3b6408ed29d8b127e867a470cfccfdfb0bbcf1a159bf94d3a7782
c627dca3148cffddbfd669d3d4039500a6017d8d35befd660cb99174336ea6c4
c7466eedcd6295910aa803782f2744c38d97022e8a725e019f12ff0427fc573d
c9e5a6aa7b2dcabf652926d875831c2329ca75141fb649cad094de8bb4a6b3d2
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cb18d2dab81daf8acba3838ceedffcc736ade0a662ee2d00ec8aeb5b36d6afa1
cb79bac5d9b9cfe574ac6904c724f96bd678ccd436c021bc3d1362673bcff4b4
cdfa494851973b21db67878b857e56e5ac749bfb11dfcec9db9473a494ceb7a0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d060ed14d9acdb27f654ff22577667c54c1604ce5c2de928ed13a0cf91a4b378
d35fd91cbe408d3feb7cefa236065e2be89176b905a2aeadc8c437871a633931
d364316be375ad7ee00ead2016eaed6a9f4503a2fe4d74fffeaa86f066edc358
d3b94724eac6a5eaa2644094736aa81b43de96ee14ec5dd9be3f2d00e9c5e7a3
d856bb0a0e0d790a5b2ec38579676aafa83be2775edd6c0cf3c43cb9e2a273e9
d9074ad0495107b2c2a56b78752a10c48758d44ad4e34db55c70229045abb4ed
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da3bdf41ffd359ea66e202e1e3435283c38259e8f982a1cbc7adc21a2d161ce7
dd49b40bb1c4cdae7b9bb0b965bbbc8992bd962a2281904b111e9d1fd6c3d9af
dec44fcf6f3ca57cecdc53f6965bf495bf1aef819a5aa32d1fbc663068842fb4
e1c79b275b5f2994326a4e0074dc7adb17b34e8ae7b9fb50a111ebfccacebd55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9608abff8013e5f601caa8f07cc53f7144c701cf1799c220f99207f7beefcb3
ead9af77e9c58dedc7002ebe855385993b6d19b9c64530c5bec6073ec712d649
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eea7566f2e9199ed3ae70bb249c35975eb940557d3736990a18331f75aa86402
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f133b142d7c1f8065c588486360fd217d64fc61a2d572f06342381da54a0d278
f15f2bfeee8f7d9b4f3af16675a5ec6493d4f36c93297970381645c080940c26
f52ebddd396c8925010e90d38db2ee64f4f33a60262ef5da3896701703d6c71d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615