www.tirokdo.com Open in urlscan Pro
2600:9000:2315:3400:13:b126:2dc0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.tirokdo.com/my-secret-santa-perso
Effective URL:
https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Submission: On December 05 via manual (December 5th 2023, 9:24:29 am UTC) from FR — Scanned from FR

Summary HTTP 120 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 16 domains to perform 120 HTTP transactions. The main IP is 2600:9000:2315:3400:13:b126:2dc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.tirokdo.com. The Cisco Umbrella rank of the primary domain is 587016.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 9th 2023. Valid for: a year.

This is the only time www.tirokdo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2600:9000:231... 2600:9000:2315:3400:13:b126:2dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	2606:4700:440... 2606:4700:4400::ac40:994b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:710... 2a02:26f0:7100::213:c60b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3 4	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:ba61:0:1... 2a00:ba61:0:126::d	35625 (EURAFIBRE-AS) (EURAFIBRE-AS)
11	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
120	24

19 2600:9000:2315:3400:13:b126:2dc0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.tirokdo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:994b (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100::213:c60b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:ba61:0:126::d (France)

ASN35625 (EURAFIBRE-AS, FR)

rr2---sn-apaapm4g-apae.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	432 KB
19	tirokdo.com 1 redirects www.tirokdo.com — Cisco Umbrella Rank: 587016	746 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	195 KB
11	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 590	32 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	164 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	112 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	5 KB
6	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 16959	159 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
2	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 9233	799 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	13 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	169 KB
1	googlevideo.com rr2---sn-apaapm4g-apae.googlevideo.com — Cisco Umbrella Rank: 832689	1 MB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	google.fr www.google.fr — Cisco Umbrella Rank: 17486	408 B
120	16

	Domain	Requested by
24	pagead2.googlesyndication.com	www.tirokdo.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com
19	www.tirokdo.com	1 redirects www.tirokdo.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net www.tirokdo.com
11	js-agent.newrelic.com	www.tirokdo.com
10	cdn.ampproject.org	www.tirokdo.com googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	client.crisp.chat	www.tirokdo.com
5	csi.gstatic.com	cdn.ampproject.org www.gstatic.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	googleads.g.doubleclick.net	www.tirokdo.com googleads.g.doubleclick.net
4	px.ads.linkedin.com	3 redirects www.tirokdo.com
4	fonts.gstatic.com	www.tirokdo.com fonts.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	bam.eu01.nr-data.net	www.tirokdo.com
2	snap.licdn.com	www.tirokdo.com
2	www.googletagmanager.com	www.tirokdo.com
1	www.google.com	www.tirokdo.com
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	rr2---sn-apaapm4g-apae.googlevideo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	px4.ads.linkedin.com	www.tirokdo.com
1	www.linkedin.com	1 redirects
1	www.google.fr	www.tirokdo.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
120	24

This site contains links to these domains. Also see Links.

Domain
faq.tirokdo.com
www.instagram.com
www.facebook.com
twitter.com
www.youtube.com
www.my-secret-santa.org
www.amigo-secreto.io

Subject Issuer	Validity	Valid
*.tirokdo.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-05`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.google.fr GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-10-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Frame ID: 1EC2B748383774F847B1EE0D476D873C
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: 6DF6E217F0A50D465AE9A6C7CE452C30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=2829666606&adk=2087927054&adf=3710195651&pi=t.ma~as.2829666606&w=366&fwrn=4&fwrnh=100&lmt=1701768264&rafmt=1&format=366x280&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701768264210&bpp=2&bdt=339&idt=189&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=3117439001883&rume=1&frm=20&pv=2&ga_vid=384823254.1701768264&ga_sid=1701768264&ga_hid=1308739138&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079605%2C31079866%2C31079923%2C42531705%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072%2C31061691%2C31061692&oid=2&pvsid=2381103142607608&tmod=1609468722&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Frame ID: C3179756C6F160DA6AD789534C65F2A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&adk=1812271804&adf=3025194257&lmt=1701768264&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701768264224&bpp=3&bdt=353&idt=189&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=366x280&nras=1&correlator=3117439001883&rume=1&frm=20&pv=1&ga_vid=384823254.1701768264&ga_sid=1701768264&ga_hid=1308739138&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079605%2C31079866%2C31079923%2C42531705%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072%2C31061691%2C31061692&oid=2&pvsid=2381103142607608&tmod=1609468722&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=193
Frame ID: 218FD482FD6DE1452BCD89250C7B626C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: DC643D7DE6DD66B62B852AB12672A96F
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8FC97BED0CFEEFDA3A00ED2FBE63A635
Requests: 6 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/b1fdc9f83bbec90a172a8086cc6d7abe.js?tag=client_fast_engine_2019
Frame ID: BEB337BA7FDAFD7F19DC1329DA37DD67
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 0F871CDBBBABA3564382DDA4D07A0A84
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 79CC5EBB61C2E101FA8FF5C83D96E226
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D614D98C7AA79A08DFE29DA45308852A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connexion à Tirokdo

Page URL History Show full URLs

https://www.tirokdo.com/my-secret-santa-perso HTTP 302
https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

120
Requests

99 %
HTTPS

88 %
IPv6

16
Domains

24
Subdomains

24
IPs

5
Countries

3236 kB
Transfer

6898 kB
Size

15
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://faq.tirokdo.com/fr/
Title: Questions / Réponses

Search URL Search Domain Scan URL

URL: https://www.instagram.com/secret_santa_organizer/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tirokdo

Search URL Search Domain Scan URL

URL: https://twitter.com/tirokdo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCz9HcInhbawpd7kCjUJVlbA

Search URL Search Domain Scan URL

URL: https://www.my-secret-santa.org/
Title: English version

Search URL Search Domain Scan URL

URL: https://www.amigo-secreto.io/
Title: Versión en castellano

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.tirokdo.com/my-secret-santa-perso HTTP 302
https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2785444&time=1701768264293&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2785444&time=1701768264293&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2785444%26time%3D1701768264293%26url%3Dhttps%253A%252F%252Fwww.tirokdo.com%252Fconnexion%253Fpage_back%253Dmy-secret-santa-perso%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2785444&time=1701768264293&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2785444&time=1701768264293&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&cookiesTest=true&liSync=true&e_ipv6=AQKYdRyqNC2cgwAAAYw5Sv18NKfGkz2JLjTCjir5h5MMBccKMporRFZulQqyPrprsV0HfOM

120 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request connexion Show response
www.tirokdo.com/
Redirect Chain

https://www.tirokdo.com/my-secret-santa-perso
https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

79 KB
79 KB

190ms
190ms

Document
text/html

2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d8ba11519f8e047afe8581d6bdb8ce28f7913bdbccbb9bbf683e143ca5a28ef0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 09:24:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-id: lUbZZN0Cf8Y8q0apY4NauFJgvZqxx22PtJkUNdxPge5jk2UcqXMd6g==
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 09:24:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: connexion?page_back=my-secret-santa-perso
pragma: no-cache
server: nginx
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-id: an2fwGqAnpP60RGjsuo6bynRU28Z9sT8FK_AoWJIxrxlQbRtR31I8w==
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront

GET
H2 200 style_v2.css
www.tirokdo.com/im/ 75 KB
15 KB 46ms
45ms Stylesheet
text/css 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/style_v2.css
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 93cb50e20bdf52a72eff95cbc3ab29d9c1c9e5959fd53ca1c1255948eb4a4886

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:27 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 21:56:00 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853696
etag: W/"65529b70-12cf0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2592000, public, max-age=31536000
x-amz-cf-id: Hn1RR8aRd-DFdCW0YZfRwG6xNh39uQVJJ3-toT_aROjjMh9N1KNrWg==
expires: Wed, 13 Dec 2023 22:29:27 GMT

GET
H2 200 animate.min.css
www.tirokdo.com/im/ 52 KB
4 KB 52ms
51ms Stylesheet
text/css 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/animate.min.css
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:36 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 21:55:59 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853687
etag: W/"65529b6f-ce35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2592000, public, max-age=31536000
x-amz-cf-id: MLCuMlZt45Qt_ybzBFn0xy0_fAwKod9mNUzut8mCR8uD5xmHUp2L0w==
expires: Wed, 13 Dec 2023 22:29:36 GMT

GET
H2 200 all.css
www.tirokdo.com/im/awesome_icon/css/ 208 KB
35 KB 58ms
57ms Stylesheet
text/css 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/awesome_icon/css/all.css
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f6de71c04d837140d6267f976fc495fff11ad0689ce8c484ef3a0558a15b7c0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:27 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:04:14 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853696
etag: W/"65529d5e-33e85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2592000, public, max-age=31536000
x-amz-cf-id: cdABYjfSwlClt6vPg_6mS0Cf919DvnVIomDB9_gnVYeAAqh9G378lg==
expires: Wed, 13 Dec 2023 22:29:27 GMT

GET
H2 200 glide.core.min.css
www.tirokdo.com/im/glide/css/ 788 B
1 KB 63ms
62ms Stylesheet
text/css 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/glide/css/glide.core.min.css
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 12ff32da630bfe019ae0b1556603693138cac23df8ab8a42e0372c7967916fdc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:36 GMT
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:02:30 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853687
etag: "65529cf6-314"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 788
x-amz-cf-id: 7Wv6Hv3-E1igd81Kcdu5h8BPdm2Z88wcC85aqx1E2baHj1P6Qc_cLg==
expires: Wed, 13 Dec 2023 22:29:36 GMT

GET
H2 200 glide.theme.min.css
www.tirokdo.com/im/glide/css/ 1 KB
932 B 64ms
63ms Stylesheet
text/css 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/glide/css/glide.theme.min.css
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b30fc988f395d597dc5e3a81253d6fa9a038bc119e8aa9fe6fb3c3855bf8380e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:36 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:04:16 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853687
etag: W/"65529d60-50d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2592000, public, max-age=31536000
x-amz-cf-id: dlzvUkkp-v5pqMdbRL12YONiYhBRPagSIFbTHXpZh-RALm575f1p0w==
expires: Wed, 13 Dec 2023 22:29:36 GMT

GET
H2 200 glide.min.js Show response
www.tirokdo.com/im/glide/ 23 KB
7 KB 67ms
66ms Script
application/javascript 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/glide/glide.min.js
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a735025df348cfb880f2790451abbf9682dfbef8a9747592ede044cd9b1308c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:36 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:02:30 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853687
etag: W/"65529cf6-5ae1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000, public
x-amz-cf-id: BsnWUA9Yluv8llLUWxf_j5jZxNYacNr4rbME5aWXidpCdVtM3pttPg==
expires: Wed, 13 Dec 2023 22:29:36 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
www.tirokdo.com/im/jquery/ 91 KB
33 KB 71ms
70ms Script
application/javascript 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/jquery/jquery-1.10.2.min.js
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:27 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:04:16 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853696
etag: W/"65529d60-16bb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000, public
x-amz-cf-id: oZKDIguOj9QYRjBRSnGuv6A9Zb-Xl3YibgYQDJzlv_Nr1RF0pJfndA==
expires: Wed, 13 Dec 2023 22:29:27 GMT

GET
H2 200 jquery-ui.css
www.tirokdo.com/im/jquery/ 25 KB
5 KB 65ms
65ms Stylesheet
text/css 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/jquery/jquery-ui.css
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d4d838941d18428f21c7273e2f8e3cf421782c736af7775db9c56ea5b74d6971

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:27 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 21:56:00 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853696
etag: W/"65529b70-6415"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2592000, public, max-age=31536000
x-amz-cf-id: EtVnqG_9rORNQRyVhhQk7BffT1kWR8Z2pCBZUXlYW14tfWdL0DNFjQ==
expires: Wed, 13 Dec 2023 22:29:27 GMT

GET
H2 200 jquery-ui-1.9.1.min.js Show response
www.tirokdo.com/im/jquery/ 232 KB
62 KB 78ms
78ms Script
application/javascript 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/jquery/jquery-ui-1.9.1.min.js
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 51eccd74b04b65a1bf62845caf8f08ebc82bf296f98324c133e762e4ff29eadf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:27 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:02:30 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853696
etag: W/"65529cf6-39e34"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000, public
x-amz-cf-id: 4SbcgqJLOg8-AuTwu-myoNfaCdmsX5YujdFe3MgrfRT4O6k4Btqi6Q==
expires: Wed, 13 Dec 2023 22:29:27 GMT

GET
H2 200 jquery.dialog.css
www.tirokdo.com/im/jquery/jdialog/ 4 KB
2 KB 66ms
65ms Stylesheet
text/css 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/jquery/jdialog/jquery.dialog.css
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 14888a00c0c6aba791804dd9bca8418cc2ccc8a44d555ddd01230f7935525ca1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:27 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:02:49 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853696
etag: W/"65529d09-115e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2592000, public, max-age=31536000
x-amz-cf-id: OwOt7OjrlZgvf5_18M55m8iWqamKzWz0miL-g7dxOAJEcdOgkifPdg==
expires: Wed, 13 Dec 2023 22:29:27 GMT

GET
H2 200 jquery.dialog.js Show response
www.tirokdo.com/im/jquery/jdialog/ 11 KB
3 KB 86ms
86ms Script
application/javascript 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/jquery/jdialog/jquery.dialog.js
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c257752bf1eb1e875f2fc403ee5389e88be5183c1449f91b0500e9589ddafb6f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:27 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:04:15 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853696
etag: W/"65529d5f-2cae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000, public
x-amz-cf-id: YX7tlwkIePmDRlAMwqmaw6gXp8nG4_ixxxQHkGvp2fKXMPGiYbotRw==
expires: Wed, 13 Dec 2023 22:29:27 GMT

GET
H2 200 utils_v2.js Show response
www.tirokdo.com/im/ 39 KB
12 KB 72ms
72ms Script
application/javascript 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/utils_v2.js
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c4da2842386925924e43f976a15b619a0b9caba5ca8320709a2b2b8a8e2c4a38

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:27 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:04:15 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853696
etag: W/"65529d5f-9d32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000, public
x-amz-cf-id: jppaPkeDeclulonKc17uUZLSAM4E3Sm7rN-AFpPMeHa4Ly5kie0hPg==
expires: Wed, 13 Dec 2023 22:29:27 GMT

GET
H2 200 amp-consent-0.1.js Show response
cdn.ampproject.org/v0/ 59 KB
18 KB 150ms
89ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-consent-0.1.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a46c6ee86c451e7b713a2166ecb5d4a87771be10f7ebe9e446164d4d8256a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 09:24:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18011
x-xss-protection: 0
server: sffe
etag: "54eef94d4c173462"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Dec 2023 09:24:24 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
9 KB 157ms
102ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bebb5a3a14000a9c601f0c5b84508fba2e35d68ed495f8bc83edd5336c40735

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 09:24:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8935
x-xss-protection: 0
server: sffe
etag: "1fde9125c05045bb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Dec 2023 09:24:24 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 107ms
63ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3bb5c4c7e8374c09a71c311ceb84321f80ad0d6b811873af0e4dedf3e7c07e7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 09:24:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23129
x-xss-protection: 0
server: sffe
etag: "f4c844bd31ac7613"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Dec 2023 09:24:24 GMT

GET
H2 200 logo-red-fr.svg
www.tirokdo.com/im/ 10 KB
4 KB 50ms
50ms Image
image/svg+xml 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tirokdo.com/im/logo-red-fr.svg
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a7c2f8a64192646bb12c358235cc9b0acd9be8a7221f16b4fcc99a3577857923

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:27 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:02:49 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853696
etag: W/"65529d09-28c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000, public, max-age=31536000
x-amz-cf-id: 7iQ4I7UFECc2p_mgredhUKsqbBgd9qdXzvqhMK9SH_l9wsGcxYFKDQ==
expires: Wed, 13 Dec 2023 22:29:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 175ms
110ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1be51477e9037aeed73b8946e07bd332df598c6ff7ad6ced5b46ab38852de75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51776
x-xss-protection: 0
server: cafe
etag: 7630564491762739913
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 09:24:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
78 KB 100ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5LHXJ4X

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19355060ec59599c2e1a570db8ac9b7257c763fdb831d72d3c0c18db1e412495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79152
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 09:24:24 GMT

GET
H2 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 97ms
33ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74d73ce62bf4e55531f706c6d6dcf8c7b95208101207e608d39c3296a6fa8ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 84164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-2023"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 830b3c626c79d532-CDG
access-control-allow-headers: Content-Type, Origin
expires: Wed, 06 Dec 2023 09:24:24 GMT

GET
H2 200 christmas8.webp
www.tirokdo.com/im/img/ 241 KB
242 KB 30ms
30ms Image
image/webp 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tirokdo.com/im/img/christmas8.webp
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bee40aec602b877153b58fddc723cd846fbabff1dd9a7697da81a4154fb9c327

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:39 GMT
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:04:15 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853685
etag: "65529d5f-3c512"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 247058
x-amz-cf-id: 646P529FaJID177EIlG4W79sD_cgCvoWnHRiat5YW6uW1iLQRfISGw==
expires: Wed, 13 Dec 2023 22:29:39 GMT

GET
H2 200 footer-illustration.svg
www.tirokdo.com/im/ 90 KB
25 KB 57ms
57ms Image
image/svg+xml 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tirokdo.com/im/footer-illustration.svg
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/im/style_v2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 57e5235fd7bb3a8b4bdf8be13eb8ea3b0f04436d64a048da3a78b13e89614c91

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/im/style_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:37 GMT
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:02:49 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853687
etag: W/"65529d09-168ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000, public, max-age=31536000
x-amz-cf-id: 3Pf6S0pwRYjZcyo3hjXMWAJBfNxhngwJn-lgSTQgFdL8SLhPVDqGBQ==
expires: Wed, 13 Dec 2023 22:29:37 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
14 KB 118ms
56ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/im/style_v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tirokdo.com/
Origin: https://www.tirokdo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:29:10 GMT
x-content-type-options: nosniff
age: 266114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14048
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:29:10 GMT

GET
H2 200 fa-solid-900.woff2
www.tirokdo.com/im/awesome_icon/webfonts/ 137 KB
138 KB 58ms
57ms Font
font/woff2 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/awesome_icon/webfonts/fa-solid-900.woff2
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/im/awesome_icon/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f

Request headers

Referer: https://www.tirokdo.com/im/awesome_icon/css/all.css
Origin: https://www.tirokdo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:36 GMT
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:04:16 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853688
etag: "65529d60-225a0"
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 140704
x-amz-cf-id: WMa-N73VNRq8sC_zOWrcWrNsMrtqTuCSestHr8mMPscx7oD0r5r1kA==
expires: Wed, 13 Dec 2023 22:29:36 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
14 KB 110ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/im/style_v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tirokdo.com/
Origin: https://www.tirokdo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 17:52:17 GMT
x-content-type-options: nosniff
age: 315127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14720
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 17:52:17 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwJYtWqZPAA.woff2
fonts.gstatic.com/s/raleway/v12/ 20 KB
21 KB 88ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v12/1Ptrg8zYS_SKggPNwJYtWqZPAA.woff2

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/im/style_v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e4826be27264de184e934234f9f5166f0cca0a8088424d2cff44e5ee37f591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tirokdo.com/
Origin: https://www.tirokdo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:46:15 GMT
x-content-type-options: nosniff
age: 2289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20612
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 18:26:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:46:15 GMT

GET
H2 200 fa-brands-400.woff2
www.tirokdo.com/im/awesome_icon/webfonts/ 76 KB
76 KB 66ms
65ms Font
font/woff2 2600:9000:2315:3400:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tirokdo.com/im/awesome_icon/webfonts/fa-brands-400.woff2
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/im/awesome_icon/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3400:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11

Request headers

Referer: https://www.tirokdo.com/im/awesome_icon/css/all.css
Origin: https://www.tirokdo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:29:37 GMT
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 22:02:30 GMT
server: nginx
x-amz-cf-pop: DUS51-P2
age: 1853687
etag: "65529cf6-12e40"
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 77376
x-amz-cf-id: jlKJHXyR48P5yMAXQEgWoF0E8wgfqhypuu-E0QaxRg9KIjc9EPikdQ==
expires: Wed, 13 Dec 2023 22:29:37 GMT

GET
H2 200 client.js Show response
client.crisp.chat/static/javascripts/ 409 KB
102 KB 39ms
38ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?2940d8d

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75c8dd961325f7367f1b846efc96e829b6a3ebc03aebd108ad8f631ad28b872a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 9705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-6650b"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 830b3c62bcc3d532-CDG
access-control-allow-headers: Content-Type, Origin
expires: Fri, 02 Dec 2033 09:24:24 GMT

GET
H2 200 client_default.css
client.crisp.chat/static/stylesheets/ 355 KB
48 KB 34ms
34ms Stylesheet
text/css 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?2940d8d

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc061085907c749f4f81a853ae49a331efe4fcd538da758a65bb855dd1dcd2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 21 Nov 2023 09:15:39 GMT
server: cloudflare
etag: W/"655c753b-58c0e"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 830b3c62bcc1d532-CDG
access-control-allow-headers: Content-Type, Origin
expires: Fri, 02 Dec 2033 09:24:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8L064TZ2GY&l=dataLayer&cx=c

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79fe99d4f53e14b7bcf5386b632369bb6dd15f2a5d9c989b31eda887ef3ab3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93768
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 09:24:24 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
806 B 83ms
24ms Script
application/javascript 2a02:26f0:7100::213:c60b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::213:c60b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:16 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=15778
accept-ranges: bytes
content-length: 596

GET
H3 200 / Show response
client.crisp.chat/settings/website/436d1661-fb31-49e6-a0a5-bf1935eea44c/prelude/ 212 B
544 B 30ms
30ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/436d1661-fb31-49e6-a0a5-bf1935eea44c/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-11-5-10-24

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccde1193a7db179b01ccf5845b0499b069b9fddec2906f45fed23fa619867505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 482
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 09:16:22 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 830b3c635ada2a13-CDG
access-control-allow-headers: Content-Type, Origin
expires: Tue, 05 Dec 2023 13:24:24 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
135 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2329404996570503&plah=www.tirokdo.com

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d44c06adb04210f265e24c8b6fbf1881f16c3fc8168ad3175bdeb9f77531ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137569
x-xss-protection: 0
server: cafe
etag: 12591312164092390743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 09:24:24 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 6DF6 9 KB
4 KB 100ms
27ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 26424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 02:04:00 GMT
etag: 12051592065903069241
expires: Tue, 19 Dec 2023 02:04:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 69ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8L064TZ2GY&gtm=45je3bt0v9105271652z8813003447&_p=1701768263976&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=384823254.1701768264&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701768264&sct=1&seg=0&dl=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&dt=Connexion%20%C3%A0%20Tirokdo&en=page_view&_fv=1&_nsi=1&_ss=1&up.code_langue=tirokdo.com&tfd=788
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8L064TZ2GY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tirokdo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 72ms
25ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8L064TZ2GY&cid=384823254.1701768264&gtm=45je3bt0v9105271652z8813003447&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8L064TZ2GY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tirokdo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
408 B 112ms
53ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8L064TZ2GY&cid=384823254.1701768264&gtm=45je3bt0v9105271652z8813003447&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2135130995

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 31 KB
12 KB 25ms
24ms Script
application/javascript 2a02:26f0:7100::213:c60b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::213:c60b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=15803
accept-ranges: bytes
content-length: 12150

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2785444&time=1701768264293&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2785444&time=1701768264293&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2785444%26time%3D1701768264293%26url%3Dhttps%253A%252F%252Fwww.tirokdo.com%252Fco...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2785444&time=1701768264293&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2785444&time=1701768264293&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&cookiesTest=true&liSync=true&e_ipv6=...

0
267 B

233ms
186ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2785444&time=1701768264293&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&cookiesTest=true&liSync=true&e_ipv6=AQKYdRyqNC2cgwAAAYw5Sv18NKfGkz2JLjTCjir5h5MMBccKMporRFZulQqyPrprsV0HfOM
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 96F9AD5555C9415593C347B99BB77F35 Ref B: PAR02EDGE0909 Ref C: 2023-12-05T09:24:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLv8zxmxkhXXYvE4o2NQ==

Redirect headers

date: Tue, 05 Dec 2023 09:24:24 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3BA86F96862242FD9096FBBF681D92B3 Ref B: LON212050719027 Ref C: 2023-12-05T09:24:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2785444&time=1701768264293&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&cookiesTest=true&liSync=true&e_ipv6=AQKYdRyqNC2cgwAAAYw5Sv18NKfGkz2JLjTCjir5h5MMBccKMporRFZulQqyPrprsV0HfOM
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLv8zuEr0nlO0JHPRn+w==

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ 56 KB
21 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/rum_fy2021.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b9ce4eb734f784a5d5cb80d50baf93f72394cdfd6f0bac51d6148aeee6aeb39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21947
x-xss-protection: 0
server: cafe
etag: 1546410482762478037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 16:12:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2329404996570503&eid=44759875%2C44759926%2C44759837%2C31079605%2C31079866%2C31079923%2C42531705%2C31061691%2C31061692

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C317 71 KB
14 KB 915ms
915ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=2829666606&adk=2087927054&adf=3710195651&pi=t.ma~as.2829666606&w=366&fwrn=4&fwrnh=100&lmt=1701768264&rafmt=1&format=366x280&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701768264210&bpp=2&bdt=339&idt=189&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=3117439001883&rume=1&frm=20&pv=2&ga_vid=384823254.1701768264&ga_sid=1701768264&ga_hid=1308739138&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079605%2C31079866%2C31079923%2C42531705%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072%2C31061691%2C31061692&oid=2&pvsid=2381103142607608&tmod=1609468722&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

201629780e30fbdce2adf6544f54772cf6df2c4f0f63ee319a717e2bc0ec0596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14627
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:24:25 GMT
expires: Tue, 05 Dec 2023 09:24:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 218F 265 KB
64 KB 849ms
849ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&adk=1812271804&adf=3025194257&lmt=1701768264&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701768264224&bpp=3&bdt=353&idt=189&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=366x280&nras=1&correlator=3117439001883&rume=1&frm=20&pv=1&ga_vid=384823254.1701768264&ga_sid=1701768264&ga_hid=1308739138&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079605%2C31079866%2C31079923%2C42531705%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072%2C31061691%2C31061692&oid=2&pvsid=2381103142607608&tmod=1609468722&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=193

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7652109b677dd37cf3b43faddf5e4f53de6b3f630e54cf02b1ffe2fa74c89003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 65467
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:24:25 GMT
expires: Tue, 05 Dec 2023 09:24:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
client.crisp.chat/settings/website/436d1661-fb31-49e6-a0a5-bf1935eea44c/ 8 KB
3 KB 29ms
28ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/436d1661-fb31-49e6-a0a5-bf1935eea44c/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1701735551017

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87ea0dbb42d1ece29e04e92c23ff61ee38db269a6200dca89438cea85c395893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 08:25:50 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 830b3c64ec9c2a13-CDG
access-control-allow-headers: Content-Type, Origin
expires: Tue, 05 Dec 2023 13:24:24 GMT

GET
H3 200 fr.js Show response
client.crisp.chat/static/javascripts/locales/ 8 KB
3 KB 27ms
27ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/fr.js?2940d8d

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

452d8019aca7064afd406c02f00a3ff064f26a80fc873ac45175231cc8315687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 14327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: W/"64d22e8c-1e0e"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 830b3c651cd62a13-CDG
access-control-allow-headers: Content-Type, Origin
expires: Fri, 02 Dec 2033 09:24:24 GMT

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 160 KB
55 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/reactive_library_fy2021.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df30beb87f8a0ab5fb557ab4eef136cb8a6a6bdd1305ebb7b0aa95b3e858b781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55949
x-xss-protection: 0
server: cafe
etag: 14100259282973297976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 09:24:25 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
197 B 200ms
199ms XHR
text/plain 2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.tirokdo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 09:24:25 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5FB0770DEBAA4FACA5F1EC6B0BC1578A Ref B: LON212050719027 Ref C: 2023-12-05T09:24:25Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://www.tirokdo.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYLv8z0l5Wt+7aUdrXoUw==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame DC64 196 KB
55 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=2829666606&adk=2087927054&adf=3710195651&pi=t.ma~as.2829666606&w=366&fwrn=4&fwrnh=100&lmt=1701768264&rafmt=1&format=366x280&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701768264210&bpp=2&bdt=339&idt=189&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=3117439001883&rume=1&frm=20&pv=2&ga_vid=384823254.1701768264&ga_sid=1701768264&ga_hid=1308739138&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079605%2C31079866%2C31079923%2C42531705%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072%2C31061691%2C31061692&oid=2&pvsid=2381103142607608&tmod=1609468722&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 04 Dec 2023 22:38:15 GMT
age: 38770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Dec 2024 22:38:15 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DC64 15 KB
5 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 02 Dec 2023 08:33:14 GMT
age: 262271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 01 Dec 2024 08:33:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DC64 95 KB
29 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 04 Dec 2023 13:32:53 GMT
age: 71492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Dec 2024 13:32:53 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DC64 5 KB
2 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 08:55:30 GMT
age: 1735
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Dec 2024 08:55:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DC64 40 KB
13 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 04 Dec 2023 22:38:15 GMT
age: 38770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Dec 2024 22:38:15 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DC64 6 KB
2 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-gwd-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053e5953624fc013a583490b9ced4cf2b377e4627be5f259fe0d9bcaf5334c7e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 04 Dec 2023 11:58:38 GMT
age: 77147
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2443
x-xss-protection: 0
server: sffe
etag: "d3619ba7d4f4801f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Dec 2024 11:58:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DC64 49 KB
2 KB 101ms
39ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac780c60c7e3379fcc97d80bbce0ced8b5d9af5cdb6349dc7b4d0897bb51672d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 09:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 08:00:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 09:24:25 GMT

GET
H2 200 fr.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DC64 3 KB
3 KB 92ms
32ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fr.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:30:12 GMT
x-content-type-options: nosniff
server: cafe
age: 10453
etag: 12021612326893382710
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2724
x-xss-protection: 0
expires: Wed, 06 Dec 2023 06:30:12 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DC64 295 B
399 B 109ms
48ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 57593
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 05 Dec 2023 17:24:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DC64 0
23 B 68ms
67ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9D9JSOxuZaH9GtrjgAeAl5KQCqXJkNdyk8nj3ucRsY78wgMQASD-uOklYPvhhYOcCqABkaDiyCnIAQmpAi3MpCALMLI-qAMByAMIqgTbAU_Qyk7LXo9wiNu2ZgM1Ijn36mptoOEMYJKmQNPSiWbM_6awoNCHDBggerhBzLWkdjsswiVzs69u_a8MAn1IGoWLyHQIRCetV4L59i56w1QZIxMG1mS1uYSA_c7NIJxFmGTzoBlrIrve_qu7ffF84D70Slm-DUId9k3PUEG5HL61SBAtpHjLmSgLljJ-lwZMGweM04HI2liv6ot7lHnuBXuEiHnhNzNOT4Mz22WV-19KiBSVTptIvdeZwZA8m6Hfoskkbp-wGKS8CvESxcWi-dd668J5wpHvkFa-k8AExtWm_LMEiAXPvYbTS5IFBAgEGAGSBQQIBRgEoAYugAeR2LKoBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcFENiangHSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WK-gkef894IDmglJaHR0cHM6Ly9vZmZlci1wdWxzbGVyLmNvbS9GUi81ODkwMjU1MzM_dHJhY2tpZD0xMDUxNzQzNjkmY2lkPTg1NC0yMjQtMzQxN4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMjMyOTQwNDk5NjU3MDUwMxgA&sigh=4ZTGxckWPSo&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTwDICaaNKXVNjxxCEPwSVIpU3pdcBmDnYras7n2-pGRkWTjqwPphXMI6gST33ecbL-CGy76xfuL49uln5_1Hrv1XDe_bsZGc3Xpl2YC3ZCsYAQ&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=2829666606&adk=2087927054&adf=3710195651&pi=t.ma~as.2829666606&w=366&fwrn=4&fwrnh=100&lmt=1701768264&rafmt=1&format=366x280&url=https%3A%2F%2Fwww.tirokdo.com%2Fconnexion%3Fpage_back%3Dmy-secret-santa-perso&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701768264210&bpp=2&bdt=339&idt=189&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=3117439001883&rume=1&frm=20&pv=2&ga_vid=384823254.1701768264&ga_sid=1701768264&ga_hid=1308739138&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079605%2C31079866%2C31079923%2C42531705%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072%2C31061691%2C31061692&oid=2&pvsid=2381103142607608&tmod=1609468722&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 09:24:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 09:24:25 GMT

GET
H2 200 645e426035c56e0011091893.jpg
tpc.googlesyndication.com/sadbundle/5910173333552771720/ Frame DC64 9 KB
9 KB 110ms
50ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5910173333552771720/645e426035c56e0011091893.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7e9e7516dda885087f6d332422094c13119ecf2132bb47b5c85a14520409b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:59:16 GMT
x-content-type-options: nosniff
age: 59109
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8987
x-xss-protection: 0
last-modified: Tue, 23 May 2023 11:59:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 16:59:16 GMT

GET
H2 200 645e426035c56e0011091892.png
tpc.googlesyndication.com/sadbundle/5910173333552771720/ Frame DC64 2 KB
2 KB 109ms
49ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5910173333552771720/645e426035c56e0011091892.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f2552eaab74d7213d83e9fa2232cef30633d79845f201fbc4651748144108ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 07:19:02 GMT
x-content-type-options: nosniff
age: 7523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1803
x-xss-protection: 0
last-modified: Tue, 23 May 2023 11:59:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 07:19:02 GMT

GET
DATA 200
OK truncated
/ Frame DC64 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46a893a379ddc670916e8425ae2fd4471bed0be3c29189a4c9bcebcf2006370f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame 8FC9 9 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 36792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 23:11:13 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 23:11:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 8FC9 4 KB
1 KB 94ms
36ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 09:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 07:57:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 09:24:25 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8FC9 205 B
295 B 87ms
27ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:58:29 GMT
x-content-type-options: nosniff
age: 55556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Dec 2024 17:58:29 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8FC9 604 B
1 KB 86ms
26ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:38:28 GMT
x-content-type-options: nosniff
age: 20757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Dec 2024 03:38:28 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame 8FC9 16 KB
7 KB 40ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 14:37:53 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame 8FC9 22 KB
9 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e3e3fc8cdf8924500e7972820c834a71917633559f5deb528ea3091959130ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 11:50:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77663
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9196
x-xss-protection: 0
server: cafe
etag: 14855042226819348905
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 11:50:02 GMT

GET
DATA 200
OK truncated
/ Frame DC64 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbe4f82d83dd3fda5a75131d0d57cd5eb05fdb2a81eb71c1860772df1b8f8770

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame DC64 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b430ea37f7226168dda2cded741e2e27228a4b9e6efd4da7d4cd33e7c6ebcb3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012310301456000/ 23 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-host-v0.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02980cbd7a7a4e5fd4959cc281ee86d9d737f6257ab80c8f3b85a5eef9c31ddc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 02 Dec 2023 22:31:35 GMT
age: 211970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7813
x-xss-protection: 0
server: sffe
etag: "1d4497e3d264bf30"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 01 Dec 2024 22:31:35 GMT

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v35/ Frame DC64 39 KB
39 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v35/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:59:13 GMT
x-content-type-options: nosniff
age: 26712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39552
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 20:09:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 01:59:13 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DC64 0
225 B 97ms
33ms Ping
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1701768265751&qqid=CKHBkef894IDFdox4AodgIsEog&rt=any.link.5.1e.m.r.0.0.17i5.179t~any.script.5.1d.2.1a.0.0.49h.415~any.script.5.1o.b.1c.0.0.mo1.mfp~any.script.5.1o.1.1m.0.0.1pf.1h3~any.script.5.1t.1.1r.0.0.247.1vv~any.script.5.1s.4.1n.0.0.a84.9zs~any.link.5.2u.1.13.1p.0.1bm.13a~any.img.7.31.h.w.0.0.2c0.23o~any.img.7.1x.1.1v.0.0.8c.0~any.img.7.32.1.1d.0.0.gj.87~any.img.7.32.1.1e.0.0.1mf.1e3~any.img.7.36.4.1e.0.0.75z.6xn&met.a4a=dcl.0~ol.0~nvs.1701768265629~ini.1701768265752
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b1fdc9f83bbec90a172a8086cc6d7abe.js Show response
www.gstatic.com/mysidia/ Frame BEB3 9 KB
4 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b1fdc9f83bbec90a172a8086cc6d7abe.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 08:58:13 GMT

GET
H2 200 f3e4f110ef20728e699563f7b41aab95.js Show response
www.gstatic.com/mysidia/ Frame BEB3 234 KB
84 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f3e4f110ef20728e699563f7b41aab95.js?tag=leadgen/snom_video_web_restricted

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f52db409ed7560217c631a7d069bcaff0a2482213b28d3e8ab746f090600ece8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85471
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 21:30:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 22:39:20 GMT

GET
H2 200 1b71563d924ca4f52d2a25828a1baeb1.js Show response
www.gstatic.com/mysidia/ Frame BEB3 20 KB
8 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1b71563d924ca4f52d2a25828a1baeb1.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2453efb0ddd056123d8e873da65d6acf0514f3e18e3f685eb86b01ddf7fb81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8394
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 19:22:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BEB3 9 KB
1 KB 37ms
34ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99fae6468b3bd803389038dbee0d9d96f845779869b3d448db662e735bb8ec6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 09:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 08:42:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 09:24:25 GMT

GET
H3 200 mdc_list_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame BEB3 27 KB
6 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
server: cafe
etag: 4758454654811317262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 06 Dec 2023 06:44:09 GMT

GET
H3 200 mdc_menu_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame BEB3 51 KB
11 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:43:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11146
x-xss-protection: 0
server: cafe
etag: 2759356358486721826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:43:30 GMT

GET
H3 200 mdc_menu_surface.min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame BEB3 18 KB
5 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4739
x-xss-protection: 0
server: cafe
etag: 18373107336927916518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:27:30 GMT

GET
H3 200 mdc_select_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame BEB3 103 KB
18 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:18:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18791
x-xss-protection: 0
server: cafe
etag: 10996637669125113147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Dec 2023 19:18:30 GMT

GET
H3 200 mdc_textfield_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame BEB3 58 KB
10 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10107
x-xss-protection: 0
server: cafe
etag: 7588401036457704084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Dec 2023 17:24:33 GMT

GET
H3 200 mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame BEB3 31 KB
3 KB 37ms
35ms Stylesheet
text/css 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 11:58:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3021
x-xss-protection: 0
server: cafe
etag: 18113988596513574663
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Dec 2023 11:58:35 GMT

GET
H3 200 mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame BEB3 3 KB
791 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:17:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 766
x-xss-protection: 0
server: cafe
etag: 14497039402300002370
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:17:05 GMT

GET
H3 200 mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame BEB3 2 KB
636 B 37ms
36ms Stylesheet
text/css 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 21:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 611
x-xss-protection: 0
server: cafe
etag: 18268606943400439583
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:48:38 GMT

GET
H3 200 mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame BEB3 37 KB
4 KB 32ms
30ms Stylesheet
text/css 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3940
x-xss-protection: 0
server: cafe
etag: 17986137158686949241
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Dec 2023 17:10:40 GMT

GET
H3 200 mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame BEB3 51 KB
5 KB 33ms
31ms Stylesheet
text/css 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 21:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4595
x-xss-protection: 0
server: cafe
etag: 17552977722549843295
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:48:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame BEB3 2 KB
903 B 30ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51799
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:06 GMT

GET
H2 200 b3d22904135f8697752ffb260ada44de.js Show response
www.gstatic.com/mysidia/ Frame BEB3 23 KB
10 KB 80ms
78ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b3d22904135f8697752ffb260ada44de.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cf1c6a1436cf8168814bb044ec74cf2313a75d0949eda35f27377eb8355f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 11:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9829
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 11:58:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame BEB3 24 KB
9 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:59:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:59:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame BEB3 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 03:34:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame BEB3 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:55:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 08:55:46 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BEB3 202 KB
64 KB 122ms
62ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 09:24:25 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BEB3 0
54 B 33ms
32ms Ping
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lps4vxrg&c=2621975245134&slotId=1310987622567&eee=missing-element&bi=missing-id&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3e4f110ef20728e699563f7b41aab95.js?tag=leadgen/snom_video_web_restricted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame BEB3 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 475e3e88a99b6570a8da6f06080b3a99fe56a7ba144972f9a51db44a70f33597

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 206
Partial Content videoplayback
rr2---sn-apaapm4g-apae.googlevideo.com/ Frame BEB3 1 MB
1 MB 87ms
44ms Media
video/mp4 2a00:ba61:0:126::d
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1701797065&ei=SexuZe2cB4_P6dsPod6L8AI&ip=2001:41d0:d:364d::4&id=248f12cda273f9bc&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=YG&mm=31&mn=sn-apaapm4g-apae&ms=au&mv=m&mvi=2&pcm2cms=yes&pl=45&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=23.173&lmt=1681456053216653&mt=1701768062&cpn=RzNAKMwryW6rl5X5&txp=5430434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=ANLwegAwRAIgSwsfnJ7NXjDGMaijNih7uKDgHVy1T1Rcb-tI0YtoQKYCIG3aAJ7dcHim6paMFLUqe0VOGl6qnkJXuA66r-ZA20Og&lsparams=mh,mm,mn,ms,mv,mvi,pcm2cms,pl&lsig=AM8Gb2swRgIhAOyudPaLQeKPbHEuGLNd2FT1ffoEPziu7C7ZCLD-Ix-RAiEApg25rN_2IHm0s3qfwiJ6tL9nJ1wUyOYRG8jizarLpXU=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ba61:0:126::d , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3ed2481d89b929ad7c476a65b0b04def24f8fa639bc4d8215737eec2014f2ddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 05 Dec 2023 09:24:25 GMT
X-Content-Type-Options: nosniff
Content-Range: bytes 0-1169743/1169744
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1169744
Last-Modified: Fri, 14 Apr 2023 07:07:33 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=28500
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://googleads.g.doubleclick.net
Expires: Tue, 05 Dec 2023 09:24:25 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BEB3 0
28 B 63ms
63ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoNCAEqCUxhbmRzY2FwZQoKCAIqBnNlcnZlcgouGiFkaXNwbGF5X2xlYWRfZm9ybV9xdWVzdGlvbl9udW1iZXIhAAAAAAAAGEAwAQoNECshAAAAAABAVUAwARIaQ09MZmtlZjg5NElERlVrSFZRZ2RKY3NDU1EiIWxlYWRnZW4vc25vbV92aWRlb193ZWJfcmVzdHJpY3RlZCgs

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1b71563d924ca4f52d2a25828a1baeb1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async-api.737e0ca6-1227.min.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 55ms
18ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.737e0ca6-1227.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a731c3e7e5a97ed0db1a5539f732ce8d7aa8dd4498712783ce7bf971c0343862

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: xxD3n5WkgAIcsBKQc6rOyJMq0iQP1imY
content-encoding: br
via: 1.1 varnish
date: Tue, 05 Dec 2023 09:24:26 GMT
strict-transport-security: max-age=300
x-amz-request-id: XKDNJGWZJNWY43SV
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1173
x-amz-id-2: zSkKIsWOCSmiK9rWP7YKGp/q9Bup5X5XpzE7VwXZLMRvCregnDBO8/CRH8Qqs2HEGY6fDzmjjbI=
x-served-by: cache-lcy-eglc8600058-LCY
last-modified: Wed, 18 Oct 2023 20:57:46 GMT
server: AmazonS3
x-timer: S1701768266.111438,VS0,VE0
etag: "d12e5c859f6125ad9fcfab27abe9d60a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 14162

GET
H2 200 lazy-loader.540ab0d1-1227.min.js Show response
js-agent.newrelic.com/ 928 B
631 B 56ms
19ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.540ab0d1-1227.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

51df0d8aebbf2a09eec21bb89998d92349b04f4f91db6044169a6f8d214bf22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: nXnQM8hUORGu9xmXH6U5nb_4xQadm0j7
content-encoding: br
via: 1.1 varnish
date: Tue, 05 Dec 2023 09:24:26 GMT
strict-transport-security: max-age=300
x-amz-request-id: XKDQNX9CJGXQS3MJ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 399
x-amz-id-2: 63VDG6YQzYcKjMEwxWWPlyYCo2XGncYtkKmUTNk/YL4zZx1mTunTeOO/l65TyHwJR3zK7O2SAX4=
x-served-by: cache-lcy-eglc8600058-LCY
last-modified: Wed, 18 Oct 2023 20:58:29 GMT
server: AmazonS3
x-timer: S1701768266.111453,VS0,VE0
etag: "a041a84a662929211a210e7b10cc82d0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 14107

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 131ms
78ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5ab444237b10f07c82db36332134ca3e4c272bff7e5a6e413cec8424bb12877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12261
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F87 50 KB
19 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 20:09:18 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame BEB3 64 KB
24 KB 88ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5aca3164c844d6540d0a938f3d810f4fc3816554ddba6fd46ea671a9a056fbef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3141
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24465
x-xss-protection: 0
server: cafe
etag: 15003627674774399038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 09:32:05 GMT

GET
H2 200 178.52056f28-1227.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 18ms
17ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/178.52056f28-1227.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

96884203ea0efacd55e8a8a17d91081a6b74c1bae49f8cfb241a84386478f990

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: XXnPamRscOfwAdxyJ.Xag79c6x.nTIWH
content-encoding: br
via: 1.1 varnish
date: Tue, 05 Dec 2023 09:24:26 GMT
strict-transport-security: max-age=300
x-amz-request-id: XKDGNJZAK0JW2RP1
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3984
x-amz-id-2: InoNQUrVV1uTAPj49cmPfGVsFa/rPACqP0k5zDntLwJAZqdxR+OVOrytfxeN3EKhw1XZKOJkZSk=
x-served-by: cache-lcy-eglc8600058-LCY
last-modified: Wed, 18 Oct 2023 20:56:07 GMT
server: AmazonS3
x-timer: S1701768266.138140,VS0,VE0
etag: "b21a67c8e50dcceef0405ebb063eca96"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 14117

GET
H2 200 page_view_event-aggregate.2ae3c96c-1227.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 19ms
19ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.2ae3c96c-1227.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

20809e367d9088cdf13745d0cf95e750bdce002aa479bdd3fd1b90e455bf44db

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: oDmL7xg6aLtfbytYPI2kResXpvF1e_1T
content-encoding: br
via: 1.1 varnish
date: Tue, 05 Dec 2023 09:24:26 GMT
strict-transport-security: max-age=300
x-amz-request-id: XKDMSR5MECXC34Z0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1754
x-amz-id-2: r1Wn5GFBqsBFE7corrWEwYxSFpk1bdVLkf0ovqmbfTVUNcHsaSzLwA7dvLnCJMG29p0Y8OoYISc=
x-served-by: cache-lcy-eglc8600058-LCY
last-modified: Wed, 18 Oct 2023 21:34:32 GMT
server: AmazonS3
x-timer: S1701768266.138277,VS0,VE0
etag: "f768d3f0fb8ea163c644cfa4a536676d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 14079

GET
H2 200 page_view_timing-aggregate.a7d9d7be-1227.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 20ms
19ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.a7d9d7be-1227.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81c0026102621c4adc2770334c4a933286676ece8f0e5e9ac91e0c54a16945

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: rW3Ut6Zm833_MNYzGO6LVQiN6Gb46OgL
content-encoding: br
via: 1.1 varnish
date: Tue, 05 Dec 2023 09:24:26 GMT
strict-transport-security: max-age=300
x-amz-request-id: XKDM6E4KFY0KWFPY
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2302
x-amz-id-2: LLRbMc/SEeY0N1ENBjBbaQ51pMw5iRSdz6rjaXlzkkWys77NFrI9FVrPb6vApUxHH7O0ZTqbAp4=
x-served-by: cache-lcy-eglc8600058-LCY
last-modified: Wed, 18 Oct 2023 21:34:58 GMT
server: AmazonS3
x-timer: S1701768266.138444,VS0,VE0
etag: "eb3b7aaf78edc0a629532c28a1c06b8a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 14093

GET
H2 200 metrics-aggregate.28086cfb-1227.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 21ms
20ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.28086cfb-1227.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f4f3336e0e35f086435f2037ee0a52abf3ced5e386c74a5ccc2f18edd1c3207

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: otJN54R23Iz1Vd9LakxTIwxalt8BTvuV
content-encoding: br
via: 1.1 varnish
date: Tue, 05 Dec 2023 09:24:26 GMT
strict-transport-security: max-age=300
x-amz-request-id: XKDZNZAPWWCHEAE4
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1822
x-amz-id-2: y+zNY43wp+xQUmAlzP3Wr4FrlmtufwMbL3iimMU6nE1uUr3rHm7wUkLHHE2gZ4/8oAtNsyLyEaY=
x-served-by: cache-lcy-eglc8600058-LCY
last-modified: Wed, 18 Oct 2023 20:58:38 GMT
server: AmazonS3
x-timer: S1701768266.138810,VS0,VE0
etag: "fd7ae418fde6eab067f9005c5dccc62b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 14082

GET
H2 200 jserrors-aggregate.941c6e17-1227.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 20ms
20ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.941c6e17-1227.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

69b32d756292121e2117de2a537e21b4904552251a9e1e26e702d679f7663526

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 3qCb10uDuaHjFJQAJQJz3qxIJpAfaMso
content-encoding: br
via: 1.1 varnish
date: Tue, 05 Dec 2023 09:24:26 GMT
strict-transport-security: max-age=300
x-amz-request-id: XKDXY1VBPXZSPX9D
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3073
x-amz-id-2: OtqzDRlFpDzcRvgywv9J88oVNc3kJpr+DYW/+Tz1nMU/DJMgB7ebOcexU2cxwER4k0FrBvEhVkY=
x-served-by: cache-lcy-eglc8600058-LCY
last-modified: Wed, 18 Oct 2023 20:58:12 GMT
server: AmazonS3
x-timer: S1701768266.138799,VS0,VE0
etag: "8a0b3cc73395206dfac178f98f412980"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 14095

GET
H2 200 ajax-aggregate.52cc993d-1227.min.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 20ms
20ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.52cc993d-1227.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f025516815a6f6cebe8eecae606c07df1144a6776a8773909ec484a7bc00d9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: N3yNKoOBGvUf2dAWBg1iio7SS069y93f
content-encoding: br
via: 1.1 varnish
date: Tue, 05 Dec 2023 09:24:26 GMT
strict-transport-security: max-age=300
x-amz-request-id: XKDHN44RQEZQZ8YW
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2458
x-amz-id-2: uYO8GI134AHlFSEqrUCZTvjepVDZ68dcxThL48+LnTdYKT8dJn/Y5b0o5XJ50MMa4BiuP1KY7iQ=
x-served-by: cache-lcy-eglc8600058-LCY
last-modified: Wed, 18 Oct 2023 20:57:24 GMT
server: AmazonS3
x-timer: S1701768266.138895,VS0,VE0
etag: "02a285136a56fd1bcf1e6bf9df3ce3f5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 14074

GET
H2 200 session_trace-aggregate.545db67a-1227.min.js Show response
js-agent.newrelic.com/ 10 KB
4 KB 22ms
22ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.545db67a-1227.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2e385f33cc0f04ff34640fd671e218e34ab359a851f4aaf0e368543ca71eb91f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: IX9ai9FgwteB3A3UPKezS28gbL8RSLqb
content-encoding: br
via: 1.1 varnish
date: Tue, 05 Dec 2023 09:24:26 GMT
strict-transport-security: max-age=300
x-amz-request-id: XKDK78EQQD15JXVA
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3931
x-amz-id-2: p5c3gx6V/Dc9r9TFTTLf+qS5CGOK9k4fG6nm585P2CxccJnTAlQPhUBtXFYnbg9FlesECFsmcE0=
x-served-by: cache-lcy-eglc8600058-LCY
last-modified: Wed, 18 Oct 2023 21:36:03 GMT
server: AmazonS3
x-timer: S1701768266.139359,VS0,VE0
etag: "00f1a92b2eb88dcbd4684c44ca621600"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 14120

GET
H2 200 page_action-aggregate.2f41aaf7-1227.min.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 23ms
22ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.2f41aaf7-1227.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7eeb8f5fe5d1db1f669d2f96afec846928617ee6bb6d597c698c7da61ff29f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: I2lCsOZrN.Kkd9qicdUbhnWgny7yGInC
content-encoding: br
via: 1.1 varnish
date: Tue, 05 Dec 2023 09:24:26 GMT
strict-transport-security: max-age=300
x-amz-request-id: XKDMAG2K6G97KJ6K
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1248
x-amz-id-2: 3VNPqZx6Y2xxOKB0B2G26YzKK+VjbejjZr2Pod5R/5bc/5caMVKzNxUNyKVVCAytEjuoA4v9lB0=
x-served-by: cache-lcy-eglc8600058-LCY
last-modified: Wed, 18 Oct 2023 21:34:16 GMT
server: AmazonS3
x-timer: S1701768266.139738,VS0,VE0
etag: "92a020a299ca63b75917d615a52d026c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 14042

GET
H2 200 spa-aggregate.494130b7-1227.min.js Show response
js-agent.newrelic.com/ 18 KB
7 KB 23ms
23ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.494130b7-1227.min.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8610d116c02bfa0c447943a326878b3e8e51a46192a18f70589c22bf7b5a1193

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: vQ3elkESakdrjnhq00lo0PPUgB0Gj4.e
content-encoding: br
via: 1.1 varnish
date: Tue, 05 Dec 2023 09:24:26 GMT
strict-transport-security: max-age=300
x-amz-request-id: XKDM4G2Y2EKPKK62
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7008
x-amz-id-2: ZzrhOppxV9fsFAwlQYD9KK8BOnI4VnAohJ1Cnvmu8VxOtz/kVmdGJh5iEnyHYf2+fevFwwcep/A=
x-served-by: cache-lcy-eglc8600058-LCY
last-modified: Wed, 18 Oct 2023 21:36:22 GMT
server: AmazonS3
x-timer: S1701768266.139893,VS0,VE0
etag: "c9a85289539a80c3ce75d510ee52f0c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 13965

GET
H/1.1 200 NRJS-92dfd1d5961bd5a0256 Show response
bam.eu01.nr-data.net/1/ 56 B
457 B 91ms
41ms Script
text/javascript 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-92dfd1d5961bd5a0256?a=70643334&sa=1&v=1227.PROD&t=Unnamed%20Transaction&rst=2678&ck=0&s=a262fe8355101f8c&ref=https://www.tirokdo.com/connexion&be=506&fe=2086&dc=20&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1701768263473,%22n%22:0,%22r%22:0,%22re%22:207,%22f%22:207,%22dn%22:207,%22dne%22:207,%22c%22:207,%22ce%22:207,%22rq%22:208,%22rp%22:397,%22rpe%22:441,%22dl%22:399,%22di%22:524,%22ds%22:524,%22de%22:525,%22dc%22:2591,%22l%22:2591,%22le%22:2593%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=535&fcp=535&jsonp=NREUM.setToken
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:26 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 56
x-served-by: cache-lcy-eglc8600075-LCY

POST
H3 204 csi
csi.gstatic.com/ Frame BEB3 0
17 B 33ms
32ms Ping
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lps4vxz8&chm=1&ctx=2&gqid=SOxuZdjRGt6n9u8PvqGEsAU&qqid=COLfkef894IDFUkHVQgdJcsCSQ&met.4=fb.8~lb.3q~ol.82~bdt.-1gw~bpp.-170~idt.-11u~dtd.-11q~dt.-173&met.3=492.3n~518.3v~113.ba_3~113.bd~112.b9_4&met.1=1.lps4vxnz~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0~1.lps4vxke~6.0~7.0~8.0~9.0~10.0~12.0~13.q~14.s~15.s~16.40~17.40~18.40~19.bm~20.bm~21.bm&met.7=CCgQCBgBOAE~CBsQBxgBIAcoBzAlOB0~CBsQBxgBIAgoCDBaOFI~CBsQChgBIAgoCDApOCE~CBIQBxgBIAkoCTAwOCdoCnAueMULgAGZCYgBxkqqAR0KClJvYm90bzo0MDAKD0dvb2dsZSBTYW5zOjQwMLABAbgBAw~CBwQChgBIAkoCTAwOCdoC3AneO80gAHDMogByNUBsAEBuAED~CBwQChgBIAkoCTA3OC5oC3A0eLZZgAGKV4gB1pgDsAEBuAED~CBwQChgBIAkoCTA0OCtoC3AyeK8ngAGDJYgBl44BsAEBuAED~CBwQChgBIAkoCTA7ODJoC3AxeJOVAYAB55IBiAHqtQawAQG4AQM~CBwQChgBIAkoCTA5ODBoC3A3eKdRgAH7TogB6NIDsAEBuAED~CBwQBxgBIAkoCTAxOChoC3AteKoIgAH-BYgBkxuwAQG4AQM~CBwQBxgBIAkoCTAyOChoC3AvePkZgAHNF4gBoPkBsAEBuAED~CBwQBxgBIAkoCTAyOCloDHAveI8HgAHjBIgBiA6wAQG4AQM~CBwQBxgBIAkoCTAuOCVoDHAreJ8mgAHzI4gBpJcDsAEBuAED~CBwQBxgBIAkoCTAtOCRoDHAqeJAhgAHkHogBlaYCsAEBuAED~CBwQChgBIAkoCTAqOCBoDHAoeMcIgAGbBogBiA2wAQG4AQM~CBsQChgBIAkoCTBdOFQ~CAkQChgBIAooCjAsOCJoDHAqeI1LgAHhSIgBn7wBsAEBuAED~CBwQChgBIAooCjAoOB9oDHAmeJFFgAHlQogBnKIBsAEBuAED~CB4QChgBIAooCjAtOCNoDHAseIAMgAHUCYgBgRWwAQG4AQM~CCoQChgBIAooCjCyATioAVAMWEdgJWhHcIUBeKf_A4AB-_wDiAHp0gywAQG4AQM~CBsQARgBIIIBKIIBMKMBOCE~CE4QDhgBIIkBKIkBMOoCOOEBUIoBWLUBYJ4BaLUBcOEBePy0R4AB0LJHiAHQskewAQG4AQM~CBwQARgBIJwCKJwCMNwCOEBonQJw2wJ4rAKwAQG4AQM~CCgQChgBIKQCKKQCMJQDOG9QpQJY3wJgvgJo3wJw_AJ4vcEBgAGRvwGIAYyBBLABAbgBAw~CCgQCBgBMBw4owNoAXAbeMUigAGZIIgBg0egAf_-_________wGwAQG4AQM~CBIQBxgBICIoIjCAAThfUCJYW2A7aFtwf3ivB4ABgwWIAbwjoAH__v________8BqgEVChNSb2JvdG86d2dodEA0MDA7NzAwsAEBuAED~CBsQBhgBICMoIzB7OFg~CEwQChgBICMoIzBNOCtQI1gxYCNoMnBLeJI3gAHmNIgBtHygAf_-_________wGwAQG4AQM~CEsQChgBICMoIzBSOC9oMnBOeJhKgAHsR4gB964BoAH__v________8BsAEBuAED~CBsQBhgBICMoIzB6OFc
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 09:24:26 GMT

POST
H/1.1 200 NRJS-92dfd1d5961bd5a0256 Show response
bam.eu01.nr-data.net/events/1/ 24 B
342 B 40ms
39ms XHR
image/gif 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/events/1/NRJS-92dfd1d5961bd5a0256?a=70643334&sa=1&v=1227.PROD&t=Unnamed%20Transaction&rst=2780&ck=0&s=a262fe8355101f8c&ref=https://www.tirokdo.com/connexion
Requested by: Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.tirokdo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 05 Dec 2023 09:24:26 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.tirokdo.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-lcy-eglc8600075-LCY

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 79CC 13 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 41037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 22:00:29 GMT
expires: Tue, 03 Dec 2024 22:00:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D614 829 B
1 KB 97ms
36ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/connexion?page_back=my-secret-santa-perso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

de751d34c3e36453f56c6466fe494ae6634faefdb9282b67f5d8f87663c16028

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kbLgGGmyx-PQHIFlBRHI6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kbLgGGmyx-PQHIFlBRHI6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:24:26 GMT
expires: Tue, 05 Dec 2023 09:24:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 79CC 39 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 21:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 21:09:52 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 79CC 0
10 B 25ms
25ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_eDEGA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:24:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D614 0
0 61ms
61ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=2381103142607608&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DC64 42 B
72 B 65ms
65ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc_UkKl6ORhrGe8qztAptT242XzKfTSPJ-XHkvVYQroaQFNlFrroqvNlL4H8FXCpV63Xrpzi71d04KvgfwaNpwUIfOiLJSrEjh1TqX7SOqWZCbAsyGgivG12Ooe1eEBb06Ow-aV7dKJ2fH&sai=AMfl-YTprb6pC8SmXhQuupMmwHUKNbLmToT0sscFsqSKZuxRDIjvG5NlFz4jlRDDfpANXPGbM0aSzpfR6oXsO4PRAY9tL4YMlo9GVHD3LNhl3D7RRPggc6NVsRhVvFA1UrTs4Axm_vtYinx9FP9GLg7x5_ChQw_p0lMyIOZZ&sig=Cg0ArKJSzPQVw-HOhMXLEAE&cid=CAQSTwDICaaNKXVNjxxCEPwSVIpU3pdcBmDnYras7n2-pGRkWTjqwPphXMI6gST33ecbL-CGy76xfuL49uln5_1Hrv1XDe_bsZGc3Xpl2YC3ZCsYAQ&id=ampim&o=617,713&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=122&tls=1122&g=100&h=100&tt=1122&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=2381103142607608&bg=!vr2lvfLNAAY3kmNgF5I7ADQBe5WfOO_M3UZlncs4kay8Iizz1TesFfeisxU7SdIYT3jlbjEb7qyEn3arqlF5EMFihzDnAgAAAERSAAAAAWgBB5kCzean1AsFl5lnqhf-LfZYgxbabPcozhVQqYIiM7TBxfQad8MdIalDjeR1URJTf0Gbtr2B5TdWHr3w_bPH7CSAPrEkRQch0vifO1jj7Tn7ZARN5VY1JwmtrG5yYzP9iwJ6nPYotduIivr8zd0nK1SqN9GstsRS9weQpUmxaNMAj_CtFulN1Dz3hV6K6tXEhZMWbA3kGh1T0IxvgcDRg1xXyGLY9e2zeBRBex8_wcBVQhby8RUON3ZNmol05xdusrnHoGHzmx21giu6MfmrgL9NEp3b84cMjiixaZkOYYhHVihWzjuhPIH5wWhioO3LUl47ASwq0OIfruNVDap7RShkmGp5NADU1vBeUoTid08kRbHUB9xJreKmm6thRQZESFJzln2x79eanXsToQ89dQvIC-hzl1sGe24xgRDMrpm9UvqkudCQNIGFvE8es5qKfE8z5_3-QYla-fFNE7ChEZacrR-U74O6Urjm7mvnQZNhdPF2_gwAOZpeyR9UFrjHkdw9x3Lia3uUUJzaPViEQds8fq2eej7dqs_0ja2fmhFOHe-AM6RPuQYv8Zccgpwrn303lGE4XvXZ_rZUvPyaiTTz2CuQSvDBp3ApcfuFAsAcGZ_D2Nx3KkIhrdUdsfYbpGfU-IxjsiiKq9FdIDLYnC2-hZwfCbaQ1UTeX0GFpBWW_Y_0H5lD0rOhy9zAx-SaXB_SVjv7h8hqsFCLO7a8M9RjW48azk9DZFJNDkn72o5Qy7a_SQM9w_Vldi0i80QWlLgj_rYbihM2unM2sucPhdkDaVp5A6zsTUgk7gNvLmM0v-qU0P3if0ShKT_BEGhqdnmvMZv_7gFyL8eH3dDZCqdSwvyEVL_RtLKoBdjR8tGFamEZQxMehPSWnIJCmUYhqk5UDe7B9zTwurU-U8nVOoF3AQowyFtWWlTX80EXepq2eJtiavY4M1KWN3H-KaJtrQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame BEB3 0
17 B 33ms
32ms Ping
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lps4vxrk&c=2621975245134&slotId=1310987622567&umsem=0&met.4=vil.lps4vxvt~vfl.lps4vxy2
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3e4f110ef20728e699563f7b41aab95.js?tag=leadgen/snom_video_web_restricted
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 33ms
33ms Ping
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lps4vwms&c=2381103142607608&e=44759875%2C44759926%2C44759837%2C31079605%2C31079866%2C31079923%2C42531705%2C31061691%2C31061692&ctx=1&met.3=247.kj~248.kj~164.kk~165.kh_3~166.kb_k~1001.kw_1__1~164.kx_1~165.kw_3~1032.pq~326.ps_1~832.pt~868.pt~216.pq_4~215.pq_4~843.pp_4~889.pw~639.q1~1032.q4~326.q4~832.q4~868.q4~216.q4_1~215.q4_1~889.q8~639.qa~112.qr_1~429.1fb_1~210.1o9_1~1032.1ob~326.1ob~832.1ob~868.1ob~164.1oa_1~165.1oa_1~466.1oa_2~522.1oa_2~525.1od_7~639.1oj~168.1vt~168.1vt~168.1vt~168.1vt~168.1vt~168.1vt_1~168.1vt_1~952.1xm~113.203&met.1=1.lps4vvw1~4.0~5.5r~6.5r~7.5r~8.5r~9.5r~10.5r~12.5s~13.b1~14.c9~15.b3~16.ek~17.ek~18.el~19.1zz~20.1zz~21.201~22.ew~23.ew
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 09:24:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tirokdo.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 891eb1fcb82ef404954f02fddcd45e20
.tirokdo.com/	1970-01-20 18:52:24	Name: _gcl_au Value: 1.1.1124364685.1701768264
.tirokdo.com/	1970-01-21 02:18:48	Name: _ga Value: GA1.1.384823254.1701768264
.tirokdo.com/	1970-01-20 21:05:36	Name: crisp-client%2Fsession%2F436d1661-fb31-49e6-a0a5-bf1935eea44c Value: session_55dae36f-b11f-4cc5-aaa1-3eed582c4e7c
.linkedin.com/	1970-01-20 18:52:24	Name: li_sugr Value: aa9f358b-c1dc-4e4c-b2db-86b81bf846c1
.linkedin.com/	1970-01-21 01:28:24	Name: bcookie Value: "v=2&3a6fa594-8e4e-4d38-8805-f2d4c3c19815"
.linkedin.com/	1970-01-20 16:44:14	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2806:u=1:x=1:i=1701768264:t=1701854664:v=2:sig=AQEzSCSNu22KyreIvkZuXCsBG-iWou11"
.linkedin.com/	1970-01-20 17:26:00	Name: UserMatchHistory Value: AQJOGen5PdlUqwAAAYw5SvvDPeBm9WmUmSpQqGRYIohvmmVDxTW9DZcwDCewWF7XdgXLLznvZG2o4g
.linkedin.com/	1970-01-20 17:26:00	Name: AnalyticsSyncHistory Value: AQIhu1IfdMhHvQAAAYw5SvvEq5VKXzOVhkxtPsIADQCLebffzN1UEgMfi8S4XTk-4VsSf0so2en3OpKe3YahHw
.www.linkedin.com/	1970-01-21 01:28:24	Name: bscookie Value: "v=1&20231205092424705935aa-7fd8-4fd3-87b6-de9eff4b4aacAQFO2k8hjeH5vO47lsQfKJe8DZo0kfR0"
.linkedin.com/	1970-01-20 21:02:00	Name: li_gc Value: MTswOzE3MDE3NjgyNjQ7MjswMjFg4Lkp5Dp8ov+EjaHD4MIaLNGWP0Rm7zTFmJtphXkX0w==
.doubleclick.net/	1970-01-21 02:04:24	Name: IDE Value: AHWqTUm6tuH5E1XQMByjIdxHb23eY4vtZUoBLerp8Y2sVgv_ODU47yHZl3eogYnckSw
.tirokdo.com/	1970-01-21 02:04:24	Name: __gads Value: ID=2728738cced928d7:T=1701768264:RT=1701768264:S=ALNI_MaxpaX7ESqNmo9uNztubjRC_bpyzw
.tirokdo.com/	1970-01-21 02:04:24	Name: __gpi Value: UID=00000d0b09249a5a:T=1701768264:RT=1701768264:S=ALNI_MbbPdMnPq5XnMTq_rbxHOWLnnfjrg
.tirokdo.com/	1970-01-21 02:18:48	Name: _ga_8L064TZ2GY Value: GS1.1.1701768264.1.0.1701768265.59.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.eu01.nr-data.net
cdn.ampproject.org
client.crisp.chat
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
rr2---sn-apaapm4g-apae.googlevideo.com
securepubads.g.doubleclick.net
snap.licdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.fr
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.tirokdo.com
13.107.42.14
151.101.66.137
185.221.87.23
2001:4860:4802:32::36
2600:9000:2315:3400:13:b126:2dc0:93a1
2606:4700:4400::ac40:994b
2620:1ec:21::14
2620:1ec:22::14
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
2a00:ba61:0:126::d
2a02:26f0:7100::213:c60b
02980cbd7a7a4e5fd4959cc281ee86d9d737f6257ab80c8f3b85a5eef9c31ddc
04e4826be27264de184e934234f9f5166f0cca0a8088424d2cff44e5ee37f591
053e5953624fc013a583490b9ced4cf2b377e4627be5f259fe0d9bcaf5334c7e
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0a735025df348cfb880f2790451abbf9682dfbef8a9747592ede044cd9b1308c
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
12ff32da630bfe019ae0b1556603693138cac23df8ab8a42e0372c7967916fdc
14888a00c0c6aba791804dd9bca8418cc2ccc8a44d555ddd01230f7935525ca1
15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a
16a46c6ee86c451e7b713a2166ecb5d4a87771be10f7ebe9e446164d4d8256a5
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19355060ec59599c2e1a570db8ac9b7257c763fdb831d72d3c0c18db1e412495
201629780e30fbdce2adf6544f54772cf6df2c4f0f63ee319a717e2bc0ec0596
20809e367d9088cdf13745d0cf95e750bdce002aa479bdd3fd1b90e455bf44db
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f
2b430ea37f7226168dda2cded741e2e27228a4b9e6efd4da7d4cd33e7c6ebcb3
2b9ce4eb734f784a5d5cb80d50baf93f72394cdfd6f0bac51d6148aeee6aeb39
2cc061085907c749f4f81a853ae49a331efe4fcd538da758a65bb855dd1dcd2d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e385f33cc0f04ff34640fd671e218e34ab359a851f4aaf0e368543ca71eb91f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
3ed2481d89b929ad7c476a65b0b04def24f8fa639bc4d8215737eec2014f2ddc
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
452d8019aca7064afd406c02f00a3ff064f26a80fc873ac45175231cc8315687
46a893a379ddc670916e8425ae2fd4471bed0be3c29189a4c9bcebcf2006370f
475e3e88a99b6570a8da6f06080b3a99fe56a7ba144972f9a51db44a70f33597
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4f2552eaab74d7213d83e9fa2232cef30633d79845f201fbc4651748144108ae
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51df0d8aebbf2a09eec21bb89998d92349b04f4f91db6044169a6f8d214bf22d
51eccd74b04b65a1bf62845caf8f08ebc82bf296f98324c133e762e4ff29eadf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57e5235fd7bb3a8b4bdf8be13eb8ea3b0f04436d64a048da3a78b13e89614c91
5aca3164c844d6540d0a938f3d810f4fc3816554ddba6fd46ea671a9a056fbef
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69b32d756292121e2117de2a537e21b4904552251a9e1e26e702d679f7663526
6bebb5a3a14000a9c601f0c5b84508fba2e35d68ed495f8bc83edd5336c40735
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6e3e3fc8cdf8924500e7972820c834a71917633559f5deb528ea3091959130ed
74d73ce62bf4e55531f706c6d6dcf8c7b95208101207e608d39c3296a6fa8ff4
75c8dd961325f7367f1b846efc96e829b6a3ebc03aebd108ad8f631ad28b872a
7652109b677dd37cf3b43faddf5e4f53de6b3f630e54cf02b1ffe2fa74c89003
79fe99d4f53e14b7bcf5386b632369bb6dd15f2a5d9c989b31eda887ef3ab3ab
7a2453efb0ddd056123d8e873da65d6acf0514f3e18e3f685eb86b01ddf7fb81
7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926
7d44c06adb04210f265e24c8b6fbf1881f16c3fc8168ad3175bdeb9f77531ca9
7e81c0026102621c4adc2770334c4a933286676ece8f0e5e9ac91e0c54a16945
7eeb8f5fe5d1db1f669d2f96afec846928617ee6bb6d597c698c7da61ff29f13
7f4f3336e0e35f086435f2037ee0a52abf3ced5e386c74a5ccc2f18edd1c3207
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8610d116c02bfa0c447943a326878b3e8e51a46192a18f70589c22bf7b5a1193
87ea0dbb42d1ece29e04e92c23ff61ee38db269a6200dca89438cea85c395893
8f6de71c04d837140d6267f976fc495fff11ad0689ce8c484ef3a0558a15b7c0
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
93cb50e20bdf52a72eff95cbc3ab29d9c1c9e5959fd53ca1c1255948eb4a4886
96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063
96884203ea0efacd55e8a8a17d91081a6b74c1bae49f8cfb241a84386478f990
99fae6468b3bd803389038dbee0d9d96f845779869b3d448db662e735bb8ec6d
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
a731c3e7e5a97ed0db1a5539f732ce8d7aa8dd4498712783ce7bf971c0343862
a7c2f8a64192646bb12c358235cc9b0acd9be8a7221f16b4fcc99a3577857923
ac780c60c7e3379fcc97d80bbce0ced8b5d9af5cdb6349dc7b4d0897bb51672d
b30fc988f395d597dc5e3a81253d6fa9a038bc119e8aa9fe6fb3c3855bf8380e
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
b5ab444237b10f07c82db36332134ca3e4c272bff7e5a6e413cec8424bb12877
b8cf1c6a1436cf8168814bb044ec74cf2313a75d0949eda35f27377eb8355f55
bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6
bee40aec602b877153b58fddc723cd846fbabff1dd9a7697da81a4154fb9c327
c1be51477e9037aeed73b8946e07bd332df598c6ff7ad6ced5b46ab38852de75
c257752bf1eb1e875f2fc403ee5389e88be5183c1449f91b0500e9589ddafb6f
c4da2842386925924e43f976a15b619a0b9caba5ca8320709a2b2b8a8e2c4a38
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c7e9e7516dda885087f6d332422094c13119ecf2132bb47b5c85a14520409b79
ccde1193a7db179b01ccf5845b0499b069b9fddec2906f45fed23fa619867505
d4d838941d18428f21c7273e2f8e3cf421782c736af7775db9c56ea5b74d6971
d8ba11519f8e047afe8581d6bdb8ce28f7913bdbccbb9bbf683e143ca5a28ef0
dbe4f82d83dd3fda5a75131d0d57cd5eb05fdb2a81eb71c1860772df1b8f8770
de751d34c3e36453f56c6466fe494ae6634faefdb9282b67f5d8f87663c16028
df30beb87f8a0ab5fb557ab4eef136cb8a6a6bdd1305ebb7b0aa95b3e858b781
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bb5c4c7e8374c09a71c311ceb84321f80ad0d6b811873af0e4dedf3e7c07e7
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f025516815a6f6cebe8eecae606c07df1144a6776a8773909ec484a7bc00d9e3
f52db409ed7560217c631a7d069bcaff0a2482213b28d3e8ab746f090600ece8
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

www.tirokdo.com Open in urlscan Pro 2600:9000:2315:3400:13:b126:2dc0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

99 %HTTPS

88 %IPv6

16 Domains

24 Subdomains

24 IPs

5 Countries

3236 kBTransfer

6898 kBSize

15 Cookies

7 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tirokdo.com Open in urlscan Pro
2600:9000:2315:3400:13:b126:2dc0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

99 %
HTTPS

88 %
IPv6

16
Domains

24
Subdomains

24
IPs

5
Countries

3236 kB
Transfer

6898 kB
Size

15
Cookies

120 HTTP transactions
5 data transactions