urlscan.io logo urlscan.io
SecurityTrails logo

maxi-malins.com Open in urlscan Pro
172.67.178.204  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://r.nl.super-fute.be/tr/cl/qgI7Uf_BsypRGvXNgPYUQ4ZxYisD8lOLsipjU18t8OlbsHx35WkqkY1vEY-Welh8qvKVt72dokJ7VeSZaCFTJI54RN...
Effective URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Submission: On October 20 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 16 domains to perform 131 HTTP transactions. The main IP is 172.67.178.204, located in United States and belongs to CLOUDFLARENET, US. The main domain is maxi-malins.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 24th 2021. Valid for: a year.
This is the only time maxi-malins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.107.232.127 200484 (SENDINBLU...)
1 1 52.51.34.139 16509 (AMAZON-02)
30 172.67.178.204 13335 (CLOUDFLAR...)
2 104.16.19.94 13335 (CLOUDFLAR...)
3 142.250.186.42 15169 (GOOGLE)
8 142.250.185.104 15169 (GOOGLE)
13 142.250.185.98 15169 (GOOGLE)
1 143.204.98.52 16509 (AMAZON-02)
16 172.217.18.98 15169 (GOOGLE)
7 142.250.186.163 15169 (GOOGLE)
2 216.58.212.162 15169 (GOOGLE)
2 157.240.20.19 32934 (FACEBOOK)
1 80.75.66.243 20860 (IOMART-AS)
3 142.250.185.142 15169 (GOOGLE)
2 157.240.20.35 32934 (FACEBOOK)
13 104.16.12.64 13335 (CLOUDFLAR...)
21 142.250.181.225 15169 (GOOGLE)
4 172.217.16.130 15169 (GOOGLE)
1 142.250.185.163 15169 (GOOGLE)
2 3 142.250.185.100 15169 (GOOGLE)
131 19
1    185.107.232.127 (France)

ASN200484 (SENDINBLUE-ASN, FR)
r.nl.super-fute.be
1    52.51.34.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-34-139.eu-west-1.compute.amazonaws.com
lk.super-fute.be
30    172.67.178.204 (United States)

ASN13335 (CLOUDFLARENET, US)
maxi-malins.com
2    104.16.19.94 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
8    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
www.googletagmanager.com
13    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
partner.googleadservices.com
1    143.204.98.52 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-52.fra50.r.cloudfront.net
cc.cdn.civiccomputing.com
16    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
googleads.g.doubleclick.net
7    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
2    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
adservice.google.com
2    157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
1    80.75.66.243 (United Kingdom)

ASN20860 (IOMART-AS, GB)
PTR: 80-75-66-243.civiccomputing.com
apikeys.civiccomputing.com
3    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
2    157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
13    104.16.12.64 (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
21    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
tpc.googlesyndication.com
4    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
www.googletagservices.com
1    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
www.gstatic.com
3    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
Domain Requested by
30 maxi-malins.com maxi-malins.com
21 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
16 googleads.g.doubleclick.net pagead2.googlesyndication.com
maxi-malins.com
googleads.g.doubleclick.net
13 c.bannerflow.net googleads.g.doubleclick.net
c.bannerflow.net
12 pagead2.googlesyndication.com maxi-malins.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 www.googletagmanager.com maxi-malins.com
www.googletagmanager.com
7 fonts.gstatic.com fonts.googleapis.com
4 www.googletagservices.com googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.googleapis.com maxi-malins.com
googleads.g.doubleclick.net
2 www.facebook.com maxi-malins.com
2 connect.facebook.net maxi-malins.com
connect.facebook.net
2 adservice.google.com pagead2.googlesyndication.com
2 cdnjs.cloudflare.com maxi-malins.com
cdnjs.cloudflare.com
1 www.gstatic.com googleads.g.doubleclick.net
1 apikeys.civiccomputing.com cc.cdn.civiccomputing.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cc.cdn.civiccomputing.com maxi-malins.com
1 lk.super-fute.be 1 redirects
1 r.nl.super-fute.be 1 redirects
131 21

This site contains links to these domains. Also see Links.

Domain
www.civicuk.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-05-24 -
2022-05-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.cdn.civiccomputing.com
Amazon		 2020-11-21 -
2021-12-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-30 -
2021-10-28		 3 months crt.sh
apikeys.civiccomputing.com
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 19 frames:

Primary Page: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Frame ID: 524C492F4486B8C3F667BB215C5D77E1
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20190131/zrt_lookup.html
Frame ID: 9241A0AD5B5E2865992D4E4058CD0A9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&adk=1812271804&adf=3025194257&lmt=1634701231&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231337&bpp=18&bdt=110&idt=186&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6254071446395&frm=20&pv=2&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=200
Frame ID: FF931F3AB271CC557661C4C887BF7850
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=1591425389&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231558&bpp=1&bdt=331&idt=1&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=4547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=5qHI9SYePe&p=https%3A//maxi-malins.com&dtd=5
Frame ID: 2A4C1E7673BA134B87E213672D5C4A3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
Frame ID: C714C3886DE34EE69B59E434BC250F07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
Frame ID: 5EDFD019FD24BC146A65CF09AA42BFDF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Frame ID: 6C150E54EEA913A8C93EFD4E6A2FE2AC
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3070778759&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231492&bpp=1&bdt=265&idt=160&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=2585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=u86nk2BEcb&p=https%3A//maxi-malins.com&dtd=162
Frame ID: A369417F008684ECECE8EEE3ACA7FB3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
Frame ID: A27AF304733E62CEB82C71EDC13ADD6F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CXL_8r49vYY_4I-WE3gO8l4qgCMLV9d1l7feWrs0N_MG1q64BEAEg-o-_fGDJBqAB-c6w9QLIAQmpAnYIrtHDLLI-qAMBqgTXAU_QL4ypzU2HHObLvNzpM5iaenGSucMabOLKbQz-VteE6BJ6kMistjzS50uxBuT-pikDXXpPTE8205LKborgVmtHkz8VExLiw8Us7uRc4Yi-ojpagTe4EOE-O7NHyt70TiiDi3WKlvh1n5nSjjsBOf6-CISm3lPotvB_NHuNbs_qq-96agrhjgvdQReUjHPHpFg1NfU5d1R8XGmRwearnWi5IH6BVOxjoYfyf5TIXOClzkqdVWFcmAnngvXr6I5pvs5j8oQiZlEfio43_b4bQneLnRxSQaNdwASrr9jd2gOSBQQIBBgBkgUECAUYBKAGEYAHxN-_eagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwQQq9UB0ggHCIBhEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi01NDYwNDc4ODAzODUyNTQ5GAA&sigh=XocKKYshJZ8
Frame ID: B08B7DE2AFEF1A35078D11A1E9FF171E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 980EAC2DC70C55EED3FDAB43A7E0647E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 5165CCEF9C6338DE23D1AAFC5801FB34
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 480BA16B289959FADCD9763124310931
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7EADD99F7F16083E45EC6A6D8CA7217C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: DDA863B59BB52BB2EDAECD50387F7D72
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 876CCAA824951CA6193CE73D36039E11
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E930FB60DC0DFCAA2AE8ABD199D37FA6
Requests: 2 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/0daa135e-601a-42ad-931e-b9dc28ae11f3
Frame ID: EB0B451CF45B8843CC8B3A9F30C94D97
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fehl%2F5fa94ba6c4d26710fca7fc3a%2Fimages%2F8ea8b3ad-ef5e-45e0-8051-1e2c74f2b297.png&w=69&h=69&q=99&f=webp&rt=contain
Frame ID: 9C9F91350C88F054664C8F2CF29AB51D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Maxi Malins – Le site dédié aux bons plans gratuits pour vous aider à faire des économies !Cookie Control Close IconExternal Link IconExternal Link IconCookie Control

Page URL History Show full URLs

  1. http://r.nl.super-fute.be/tr/cl/qgI7Uf_BsypRGvXNgPYUQ4ZxYisD8lOLsipjU18t8OlbsHx35WkqkY1vEY-Welh8qvKVt7... HTTP 302
    https://lk.super-fute.be/tk/v1/I0let52jlF/U2FsdGVkX1%2BeFzavnn90rI4pPlc0rFljflbUOdE5xNGks8HeUh1S7gcxR... HTTP 302
    https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • cc\.cdn\.civiccomputing\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
  • googletagmanager\.com/gtm\.js

Page Statistics

131
Requests

99 %
HTTPS

0 %
IPv6

16
Domains

21
Subdomains

19
IPs

4
Countries

2576 kB
Transfer

5344 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r.nl.super-fute.be/tr/cl/qgI7Uf_BsypRGvXNgPYUQ4ZxYisD8lOLsipjU18t8OlbsHx35WkqkY1vEY-Welh8qvKVt72dokJ7VeSZaCFTJI54RN_UanxK39RDn01Chk6003QMXxAm2DtXSm6UZY8ObkLodMfE2aY-5amoR7bjN5GkuSq_Bw0DPz93S3OAJkaQNeMg0getE-Mg_oxTIWMGVBSyOJeoT6ZyGFmfAs2FFR7nNSsacSNDY4bfHGFr6Zy8sFQxnhEu1Iu6o2Yj1xLHn4Q1eIL7v_a4Br36z0_ipa3wQ5ihKJd8UW9gsnmgx27xG343Gg1Jscm7pHlZ9z12iP82RkKeZ5loOnyAhnUSI2_9mooaKe8cuDBKS3NmBOOmTcgWlNJBCf9yqqafKxzkKvfDWwq9-AjoXgO8eftNuuAguNsWYtPTAh0SG_CuUWeKqCBb656RLA8Rnn217ySxjH28R2xYSIwGvZJ4LAcRGNEKUj6rGl-HZ_BlKz717xlgWdRABw HTTP 302
    https://lk.super-fute.be/tk/v1/I0let52jlF/U2FsdGVkX1%2BeFzavnn90rI4pPlc0rFljflbUOdE5xNGks8HeUh1S7gcxRA9DshYIHoJg0Cx%2BNGPI4Srv0GrgKxmrgsgTb8UhGd9EJfqoWYK3IilkhOs5DT9BLgMr4F2jJUAB1o8x%2B%2FGcjKcYhAzAI4LrBDvYwTADugim%2BTA6ysSHwDk3lHPYfeSjgKkxUSLf HTTP 302
    https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 113
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

131 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
maxi-malins.com/
Redirect Chain
  • http://r.nl.super-fute.be/tr/cl/qgI7Uf_BsypRGvXNgPYUQ4ZxYisD8lOLsipjU18t8OlbsHx35WkqkY1vEY-Welh8qvKVt72dokJ7VeSZaCFTJI54RN_UanxK39RDn01Chk6003QMXxAm2DtXSm6UZY8ObkLodMfE2aY-5amoR7bjN5GkuSq_Bw0DPz93S...
  • https://lk.super-fute.be/tk/v1/I0let52jlF/U2FsdGVkX1%2BeFzavnn90rI4pPlc0rFljflbUOdE5xNGks8HeUh1S7gcxRA9DshYIHoJg0Cx%2BNGPI4Srv0GrgKxmrgsgTb8UhGd9EJfqoWYK3IilkhOs5DT9BLgMr4F2jJUAB1o8x%2B%2FGcjKcYhAz...
  • https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
92 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b864890b203557e32fb86b5a54665789879b0558c70c052e91f20bacc47670de

Request headers

:method
GET
:authority
maxi-malins.com
:scheme
https
:path
/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-edge-cache
cache,platform=wordpress
link
<https://maxi-malins.com/wp-json/>; rel="https://api.w.org/", <https://maxi-malins.com/wp-json/wp/v2/pages/1000565>; rel="alternate"; type="application/json", <https://maxi-malins.com/>; rel=shortlink
set-cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; expires=Sat, 18-Oct-2031 03:40:30 GMT; Max-Age=315360000; path=/ dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; expires=Fri, 19-Nov-2021 03:40:30 GMT; Max-Age=2592000; path=/ sid=dl8p158kuyywmbj; expires=Fri, 19-Nov-2021 03:40:30 GMT; Max-Age=2592000; path=/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3mkOz37Sz04p%2FUAysAf%2F08W9ysM6LEgDnmUT4fkha9Uaw%2FGk62GQxKsGem8YUG0NH%2Fd3A%2Fvamb%2F3dcSR7eVM28YDX%2FvQCQnIYvupcVaLiqg3B0kM8x5sH8CBjCScRJ0Q5w%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a0f39a39878dfef-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 20 Oct 2021 03:40:30 GMT
content-type
text/html; charset=utf-8
content-length
314
location
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
vary
Accept
x-powered-by
Express
apigw-requestid
HfNjTjwZDoEEM5A=
style.min.css
maxi-malins.com/wp-includes/css/dist/block-library/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 May 2021 08:47:37 GMT
server
cloudflare
age
2180
etag
W/"e33b-5c2464bc07666"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XRoCHuQxcQU2Hlu0OJdu4%2FgXLdGr6BGVI5lo5BoyVMY8sgXz5jPlku7wyeYIVFPf%2BnrXVNiHzqjVUyBLz5CT5WA8mvUv51STH2%2BjE9E1LM6eeqSBPVfBBNipNwfUElpCm0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a75a84dfef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dashicons.min.css
maxi-malins.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-includes/css/dashicons.min.css?ver=5.7.3
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

:path
/wp-includes/css/dashicons.min.css?ver=5.7.3
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 May 2021 08:47:37 GMT
server
cloudflare
age
4427
etag
W/"e688-5c2464bc05726"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aI1SLzDW1pSw%2B36YkG6RjZFm2y56ba5aI3mAU15z%2FqHdLk5ynz%2BbGT9Uxt5HjVoqQcojTZm3yyZinzgpDVepFd6GuJ51SnR5A7rcwhYnVp%2FJHRTdG%2BGd1fM2fK8%2FEnmK1xE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a75a85dfef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
frontend.css
maxi-malins.com/wp-content/plugins/post-views-counter/css/ 		289 B
498 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.7
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Request headers

:path
/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.7
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 04:06:32 GMT
server
cloudflare
age
4427
etag
W/"121-5ce34166587af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icWV54ark7vVHykpfyORSfu789DKcsV47JgUwZMZVP0NF9hc4jQdmZU4Hq2c1%2FuXjjlCa4LZRzQOstCjdiRKjc46unODZJZfTHBmlqeaQmxny%2BYkUg42AXrZspPl2jmenqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a75a86dfef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
maxi-malins.com/wp-content/themes/maximalins/ 		341 B
470 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-content/themes/maximalins/style.css?ver=5.7.3
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
814656c609fa94f84c2c4deea3ab2d41c3794927867d34b2751b9f2802779122

Request headers

:path
/wp-content/themes/maximalins/style.css?ver=5.7.3
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Jan 2021 16:48:01 GMT
server
cloudflare
age
3997
etag
W/"155-5b9d06ae8db81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wV4kbbXm35i97SDX9V4lszni9UNafGGMVDEdmZrrgYfqc3zlajYVM39a33u%2B4B6yen5CuuoDGwzzzup65rgcCytJp81gLaJYb%2FejbfE466pA874S0z%2F%2BQKZ9ZuRRhZiOw7g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a75a87dfef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/ 		55 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css?ver=5.7.3
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1756354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9939
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-da9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyRl5vuAXeVYqYGeqNFTQgjeaNZxK%2BVmFcSKvfTuyq21Kegy624X7Qyr9n%2F4RolCPld5NpFFIGYLlVMhMNE4V%2Fa8h3ZJGo7XjKbV4VI9yASfm3Wih8aCgn%2BDyamqKwnT2gKLZy7E"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a0f39a78a8e2780-PRG
expires
Mon, 10 Oct 2022 03:40:31 GMT
css2
fonts.googleapis.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.7.3
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
7ad3ff657f32032ef8efa653730c135bd6aab764db571b1de66d295ec10c81ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 03:27:17 GMT
server
ESF
date
Wed, 20 Oct 2021 03:40:31 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 20 Oct 2021 03:40:31 GMT
bootstrap.css
maxi-malins.com/wp-content/themes/maximalins/dist/ 		241 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-content/themes/maximalins/dist/bootstrap.css?ver=2021-10-20
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42e4d5f009fdcf336048170d4d8472aa2a513d04d1da25a756e10ea485c014e

Request headers

:path
/wp-content/themes/maximalins/dist/bootstrap.css?ver=2021-10-20
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jul 2020 15:29:06 GMT
server
cloudflare
age
4987
etag
W/"3c38a-5aaa4d1496baa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zU4xZ68F%2BkVznu1c5I4Hb%2BHmFxCR3rEhf019jQPKHHMYDwJMoLgI8l3q6XYF%2FqBLfWN7nXueUvxohlFqjMR0h4b%2FWW4TOx48WRcz4xm7CVm3ctmkX3DRamZQ2W0ok0wJPss%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a75a88dfef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
styles.css
maxi-malins.com/wp-content/themes/deux-trente-theme/dist/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-content/themes/deux-trente-theme/dist/styles.css?ver=2021-10-20
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f29f129628cea39ef3252d61bd581ca42fb29ac1a54e9579428836c179c9d819

Request headers

:path
/wp-content/themes/deux-trente-theme/dist/styles.css?ver=2021-10-20
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Sep 2021 15:03:11 GMT
server
cloudflare
age
4987
etag
W/"2194-5cd23a0fb1b17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtfQAnD%2BsP1D6gsScZPy9eeRXiUrqypUCO%2FMnbGwN%2BDaTFsbAQKdGF041Qg4cpy2JGwNeca%2F5Bl4vp8r0pE77PMMWoU6A9tFMWL%2BMKEpkagX0TY48MsekFXL%2BRfdAWf61vg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a75a8adfef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
custom-style.css
maxi-malins.com/wp-content/themes/maximalins/dist/ 		521 B
569 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-content/themes/maximalins/dist/custom-style.css?ver=03:40:30
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8703ae1bf756458f164a0d6ab98ed04e4f126da9ce586f5d40a73edf02c0c84c

Request headers

:path
/wp-content/themes/maximalins/dist/custom-style.css?ver=03:40:30
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 13 Jan 2021 10:43:13 GMT
server
cloudflare
etag
W/"209-5b8c5ce56c964"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdjQs6DBZLdnSYyv2itd3X7%2FTE0BbhudUtvDjfh6Sz3PdrFfP8lZuNkH66WP6UFiWorX4hgZV7T80krYlxLj6wJbOxXFFKEWDkyf5YOoQ96kuXmGLrxPbQwwsNg83Uv4IH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a75a8bdfef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.min.js
maxi-malins.com/wp-content/themes/deux-trente-theme/dist/ 		260 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-content/themes/deux-trente-theme/dist/app.min.js?ver=2021-10-20
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95e0d7321e8d35a256beef50436a8ecb16c492d829d73047e9058a98859a7904

Request headers

:path
/wp-content/themes/deux-trente-theme/dist/app.min.js?ver=2021-10-20
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Sep 2021 15:03:11 GMT
server
cloudflare
age
4987
etag
W/"4117d-5cd23a0fb1b17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BHgfaPKzmfkksb%2BTycGmw5%2BElVc4VY%2FuZnnLZ5XtqsGIJwXNfwiT0xmDdmSwsNKDK9LIPiE%2Bt7NIKZWn9mmvzLpShTRtLTeJos3ATrtJsddbMSnPnJMhb8pi8ZRdBXpzbk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a75a8cdfef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-164973728-2
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5e4a7382b8eb42922245a1e8566fd49fd8131caaf2d71f753bd07aff55fff216
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37820
x-xss-protection
0
expires
Wed, 20 Oct 2021 03:40:31 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5460478803852549
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
61e6947025a4c24c17ef4c23dc8610add9ac6ac9fc840d7214690c648343cfe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://maxi-malins.com/
Origin
https://maxi-malins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50881
x-xss-protection
0
server
cafe
etag
5034430600797679560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 03:40:31 GMT
Logo-Maxi-Malins.png
maxi-malins.com/wp-content/uploads/2020/06/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2020/06/Logo-Maxi-Malins.png
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d313a1ead3467f225032ba25f279d016f27cf3fec38b0696f1c996124be27ec

Request headers

:path
/wp-content/uploads/2020/06/Logo-Maxi-Malins.png
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
168
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
75489
last-modified
Tue, 30 Jun 2020 09:22:46 GMT
server
cloudflare
etag
"126e1-5a949b7e332c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtpMKCJz43K3I0kUMLbSlkfQBMmYocvj6WXDujo1of7e9CdiMmVhCT7Do%2B%2Bs4sHc7yKT19icMW7JwTEjHPqFmdRVl4L9TT%2BW4hXrLgccJRCnjWULivKeYgETwX7mJ5J92IU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a7ffe2d6b1-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ff258c45b7ccf641eb088434e73eee0fee77d7b3e7a6c3f44c8abb5d5a5561fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50913
x-xss-protection
0
server
cafe
etag
9538369835954335304
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 03:40:31 GMT
produit-gratuit-a-tester-couche-lotus-baby-test-trnd-300x300.png
maxi-malins.com/wp-content/uploads/2021/10/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2021/10/produit-gratuit-a-tester-couche-lotus-baby-test-trnd-300x300.png
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4042f5731c4bb1306ab4f98c7464b5e9df07949ec6b1482d550f21714c1f4f53

Request headers

:path
/wp-content/uploads/2021/10/produit-gratuit-a-tester-couche-lotus-baby-test-trnd-300x300.png
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
72257
last-modified
Tue, 19 Oct 2021 14:02:18 GMT
server
cloudflare
etag
"11a41-5ceb51c058a68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=souvdDfjxtQ%2BGSyWazSlkAT%2BbXxL%2FE4%2FWd%2BM9znzThknH9%2FsXK44y86610P03qoaiAp9AjW64uVAyhZ%2BZZS6mA4TdxXRjELYw%2BqHSJs38zGe%2BduEVKG65N8f5t54XzXWFms%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a7ffe3d6b1-FRA
produit-gratuit-a-tester-mobile-enfant-tiny-love-test-consobaby-300x300.png
maxi-malins.com/wp-content/uploads/2021/10/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2021/10/produit-gratuit-a-tester-mobile-enfant-tiny-love-test-consobaby-300x300.png
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a67fd119b100a96704bb4478e75c2d086f1f98194de9828c29320db1e77009ab

Request headers

:path
/wp-content/uploads/2021/10/produit-gratuit-a-tester-mobile-enfant-tiny-love-test-consobaby-300x300.png
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45660
last-modified
Tue, 19 Oct 2021 14:02:07 GMT
server
cloudflare
etag
"b25c-5ceb51b5ff403"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FIdSOaJwsM2saStiHYlGwtI4cUbftJeq6SFpxUjwg6AZmn8CkDk98U04X%2FtQE8BXFOAdOrOUgu%2BQTLOzjq86PPl9ff1seysA%2ByYO2kWK%2BoZeRYxqUWTxe6cF9G%2FUakF0T0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a7ffe4d6b1-FRA
produit-gratuit-a-tester-huile-cbd-no-stress-id-swiss-botanicals-300x300.png
maxi-malins.com/wp-content/uploads/2021/10/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2021/10/produit-gratuit-a-tester-huile-cbd-no-stress-id-swiss-botanicals-300x300.png
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd3ba02305b63996ce4b413779c90cdad16dcf8a08dcbac172e0f8514cbe0f7

Request headers

:path
/wp-content/uploads/2021/10/produit-gratuit-a-tester-huile-cbd-no-stress-id-swiss-botanicals-300x300.png
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4779
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
67427
last-modified
Tue, 19 Oct 2021 14:02:00 GMT
server
cloudflare
etag
"10763-5ceb51af8cde8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hf%2F5SNMottt219Hqe%2B%2B7or2fcgNgRagtUZxVxDftIX7bx6mR052c17ZeYAwyqmmbQeqC3DtQE0ebUWWmGNv5bDujMw1ErCvnUOaC6OPhJRnEfLmv5aM387jzWnJNzfonYP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a7ffe5d6b1-FRA
coffret-smarties-maggi-kub-or-a-gagner-jeu-concours-nestle-croquons-la-vie-300x300.png
maxi-malins.com/wp-content/uploads/2021/10/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2021/10/coffret-smarties-maggi-kub-or-a-gagner-jeu-concours-nestle-croquons-la-vie-300x300.png
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bde63b112385009c82e1d7adf3b2b4be22d27e17e6cdb76ba3a6c6c53f83065

Request headers

:path
/wp-content/uploads/2021/10/coffret-smarties-maggi-kub-or-a-gagner-jeu-concours-nestle-croquons-la-vie-300x300.png
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4426
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
89710
last-modified
Tue, 19 Oct 2021 14:01:53 GMT
server
cloudflare
etag
"15e6e-5ceb51a91f5ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpU7o4ly48KX0ApXTqN9VFnWpYBqItxar9r22jZuv9J8tkGAXsKxIAlHPtmuyxlBmep1bbuRI1JfM6A2hMImKW0CReuPKB1hyGYFmYvi3nV5QfKobwdzfClMuuEzQpbqBJE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a7ffe6d6b1-FRA
sejour-nature-a-gagner-natura-box-jeu-concours-lea-nature-300x300.png
maxi-malins.com/wp-content/uploads/2021/10/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2021/10/sejour-nature-a-gagner-natura-box-jeu-concours-lea-nature-300x300.png
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f57ff3ae62c2a0e5e01f3fabdc6ec8c334e03678dfbb091100bf58ab64aca15

Request headers

:path
/wp-content/uploads/2021/10/sejour-nature-a-gagner-natura-box-jeu-concours-lea-nature-300x300.png
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3875
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
69686
last-modified
Tue, 19 Oct 2021 14:01:26 GMT
server
cloudflare
etag
"11036-5ceb518f23102"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sOjUIq5Xn%2BYLHHKJLnjucEm9QZDfh3KWPDkMr%2BoYfvEU4AVX%2BEbo9D14g91rZeemd16XuDzyZF7o39WDilTEr2R0Yzr6jZ66Qh6f7tEh7EN5WScxXjocNL45MINy2R2JjI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a7ffe8d6b1-FRA
tv-qled-neo-a-gagner-jeu-concours-samsung-300x300.png
maxi-malins.com/wp-content/uploads/2021/10/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2021/10/tv-qled-neo-a-gagner-jeu-concours-samsung-300x300.png
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9cea8ccad4ae95807a34350d79d9199fc905ce6fc2261299be8e6bb8ae175f

Request headers

:path
/wp-content/uploads/2021/10/tv-qled-neo-a-gagner-jeu-concours-samsung-300x300.png
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1334
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
96863
last-modified
Tue, 19 Oct 2021 14:01:17 GMT
server
cloudflare
etag
"17a5f-5ceb5186f0712"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtDHoI37EmePAcbYXk6x%2FhAhCn3CErzX%2Fms%2BkVVlaMzU7n5ieCkOC6q8Sg6KbNmHIzH3Eu2%2B5445oWBM1siiyE1dlPFLYhCSDid96dVF%2F25kwWXhz%2Bgo9hZesblpWTEM2WU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a7ffe9d6b1-FRA
promotion-calendrier-avent-playmobil-pas-cher-bon-plan-amazon-300x300.png
maxi-malins.com/wp-content/uploads/2021/10/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2021/10/promotion-calendrier-avent-playmobil-pas-cher-bon-plan-amazon-300x300.png
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b3ced96530911800bc074b23a7daf0b08ee93a501590a8b42427b38db8f7408

Request headers

:path
/wp-content/uploads/2021/10/promotion-calendrier-avent-playmobil-pas-cher-bon-plan-amazon-300x300.png
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4985
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
127832
last-modified
Mon, 18 Oct 2021 13:03:00 GMT
server
cloudflare
etag
"1f358-5cea02a266ccd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUwMAMeQ9iT6oOwnmUP7UoWjEVe%2Bf%2FCvpLvCbNQAZP%2FA2%2F8Qe39Okt6kRCV9DJY%2Be7UzjVrDWlMVFRMGoMlO%2B%2FBObs4oEE9%2BV6qJsdOclGmrbkTBIvGSKvUWV0JemMsEOKY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a7ffead6b1-FRA
bon-plan-lidl-appareil-mise-sous-vide-pas-cher-silvercrest-300x300.png
maxi-malins.com/wp-content/uploads/2021/10/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2021/10/bon-plan-lidl-appareil-mise-sous-vide-pas-cher-silvercrest-300x300.png
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4aba331d7113cf4c586e55c38b1b491fdb5b8ebd6e256af96872d3848c45bec

Request headers

:path
/wp-content/uploads/2021/10/bon-plan-lidl-appareil-mise-sous-vide-pas-cher-silvercrest-300x300.png
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4985
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59123
last-modified
Mon, 18 Oct 2021 13:01:58 GMT
server
cloudflare
etag
"e6f3-5cea0267433c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrGcXrOz3jiy5m0D8s9FC%2F8gGEgJu%2F6N1A4ZkmRPjzU437KmmJtrW2gXkgwfPftUg5nJCw7Z3Ix73%2FDhhg8m0Zgssfeth2eHvtt1tHupqe2Ifp4pLY51rDrVZDDPmFU9A5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a7ffedd6b1-FRA
bon-plan-action-jouet-enfant-pas-cher-cadeau-noel-300x300.png
maxi-malins.com/wp-content/uploads/2021/10/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2021/10/bon-plan-action-jouet-enfant-pas-cher-cadeau-noel-300x300.png
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21cf99167c29036d6130f6d01e8e27e03fd51ea6339f2d5ee4649ee829acb4a4

Request headers

:path
/wp-content/uploads/2021/10/bon-plan-action-jouet-enfant-pas-cher-cadeau-noel-300x300.png
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3646
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
86819
last-modified
Fri, 15 Oct 2021 09:46:38 GMT
server
cloudflare
etag
"15323-5ce6112521b6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxoFfK%2BbkPrWazRn7%2FGQaf7YOffB4dJarNq2egr2XogO2KajvPA5SraAqqp4CIO%2BWneLAgC%2FhhdtxvKQsekTdnuNT5PsDpsggIt6IzIC9m%2FvCTEXYIoLlznGdhZGRkyw6FA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a7ffefd6b1-FRA
wp-emoji-release.min.js
maxi-malins.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 May 2021 08:47:37 GMT
server
cloudflare
age
2180
etag
W/"3795-5c2464bbf6cc6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhThlt6AVNSBNM5MwQJL7x420F1%2BEK8RTwg9IKQdRAQ80qi00xXMvxt7%2F1sA20C93alZ41zYDVaCnIUnhagzt9yksZ3lnTa4DWZEe8D2Qbuh9P6IXW43a3jJd2ngEWU260I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a7fff0d6b1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
une-carte-cadeau-de-50E-2-300x300.jpg
maxi-malins.com/wp-content/uploads/2021/10/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2021/10/une-carte-cadeau-de-50E-2-300x300.jpg
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57822433972846ca3822762c868bd27a1ecf1fcb3eaf2715a008f2a277e0b8eb

Request headers

:path
/wp-content/uploads/2021/10/une-carte-cadeau-de-50E-2-300x300.jpg
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19150
last-modified
Thu, 14 Oct 2021 18:16:45 GMT
server
cloudflare
etag
"4ace-5ce5414d7a86e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBs3kHv216JKNIR7lr465Sflz5C9GwfVYffOZwlNhJt%2Bmc2y5tALUDKgXRa7Ec4UXaJ0S%2FhegKP5nW3RznyzpoC%2FgW7kH%2FjiUpOEVysex6ZpJ5g2irX1Pw7vm3D1ZmY7pbI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a7fff1d6b1-FRA
cookieControl-9.x.min.js
cc.cdn.civiccomputing.com/9/ 		285 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cc.cdn.civiccomputing.com/9/cookieControl-9.x.min.js?ver=5.7.3
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-52.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
0c9bc7534d077408a1b33568ff0c03071c9a2a9f27752478a82c70045d3ef172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:39:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
x-cache
Hit from cloudfront
x-xss-protection
1
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 19 Jul 2021 07:20:29 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"475ab-5c774c59c4230-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type
x-amz-cf-id
X_pZMhqR8s0PUKCaYJa2_diZX0UPC7ELmR1-25IlnOOZHS0163sFbg==
expires
Wed, 27 Oct 2021 03:39:52 GMT
script.js
maxi-malins.com/wp-content/plugins/dt-coreg-sponsor/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-content/plugins/dt-coreg-sponsor/script.js?ver=5.7.3
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
579a39f846237311777c90589bfdb1066199a133625a3478e45ac30bb589bd0d

Request headers

:path
/wp-content/plugins/dt-coreg-sponsor/script.js?ver=5.7.3
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 05:15:00 GMT
server
cloudflare
age
2180
etag
W/"aee-5bd27bfad32a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Syjs9TU8V8EFM2HnX%2FNHA4wJRBTgekqzt%2BPGkwGAF78NBYky1llbOEnCcIM52FqzlzMHbqnMfqUc4KckkCpiUF129aS0D%2FX20zKnlREzw7v%2Bm0L701oZcLBlbnvrXwCNi8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a7bfb5d6b1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
scriptcoreg.js
maxi-malins.com/wp-content/plugins/dt-coreg-sponsor/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-content/plugins/dt-coreg-sponsor/scriptcoreg.js?ver=5.7.3
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83a4dc963bd4406c8bb45484d3ca07fce78d8f992c0b964f3af7354ef7bb254a

Request headers

:path
/wp-content/plugins/dt-coreg-sponsor/scriptcoreg.js?ver=5.7.3
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 05:15:00 GMT
server
cloudflare
age
3994
etag
W/"ded-5bd27bfab8cc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSIT2rLgQhoQqjS%2FX%2FiB4NN9N4E0dzmV0q2y3vFteqlSNYZdfviDqYeCzoRxSQ4laPEWVXmb7J5PaYwOrjLVMorbA16ScSD%2F0m9ipJJvLmjOkF97T3%2FXucoYBH5ByoKfkfU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a7ffdbd6b1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
navigation.js
maxi-malins.com/wp-content/themes/deux-trente-theme/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-content/themes/deux-trente-theme/js/navigation.js?ver=20151215
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

:path
/wp-content/themes/deux-trente-theme/js/navigation.js?ver=20151215
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Sep 2021 15:03:11 GMT
server
cloudflare
age
3994
etag
W/"b97-5cd23a0fb0b77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bfp7CvYvKl1JCzp9OyUx6l0pNdAH%2B42yu%2B9kn3gFfnrczKcOkwS6GWsNDD3T5INRgfZcGKbc7y4pm%2BPIYwxFn7xwbP8iOp5EeTccZilRPIeAyIlvJFFZQ6qFldMLomYq7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a7ffddd6b1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
skip-link-focus-fix.js
maxi-malins.com/wp-content/themes/deux-trente-theme/js/ 		685 B
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-content/themes/deux-trente-theme/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

:path
/wp-content/themes/deux-trente-theme/js/skip-link-focus-fix.js?ver=20151215
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Sep 2021 15:03:11 GMT
server
cloudflare
age
2180
etag
W/"2ad-5cd23a0fb0b77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTYWubjG9B%2FTpqhT%2F3Eu8MjP2EPtaOp5AmryqywZhDt34zVI%2FZQg1q5lMbC9y1OvMEjbUp2Zgs0MQ0u6damK8PzIw4AtqCrwNN2XMOTTZSq%2F%2F5nYpZfFz4d2yZMZNx1hxRk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a7ffe0d6b1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-embed.min.js
maxi-malins.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxi-malins.com/wp-includes/js/wp-embed.min.js?ver=5.7.3
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.3
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Apr 2021 08:31:16 GMT
server
cloudflare
age
2180
etag
W/"592-5bffeafd43fb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqQ6Y1fsWyRkDkyGh0uEL%2F72GMF6G%2B2dTMaL%2By30NN5jopNwLqwND1g0lHntSuCTJbl6GtpE6ms7ByzMRe4A4ct9TWnW06safjb9S4FnbYVG7e5E2hlZMzYb09aaorOWRQA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0f39a7ffe1d6b1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/ 		271 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5460478803852549
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
3970aa6c7fe64632262645b7bb0ea4e1b138d0ddde8d649c587b6b444de57da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99349
x-xss-protection
0
server
cafe
etag
14003910082488433168
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 03:40:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211018/r20190131/ Frame 9241 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211018/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5460478803852549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211018/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://maxi-malins.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 19 Oct 2021 14:22:43 GMT
expires
Tue, 02 Nov 2021 14:22:43 GMT
content-type
text/html; charset=ISO-8859-1
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
47868
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gtm.js
www.googletagmanager.com/ 		78 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5M2MQ9B
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
15a82141b146999352fd683dbb538cde17f705ffb4740e7f076b80cbaa8bcb09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
31567
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Oct 2021 03:40:31 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://maxi-malins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:11:30 GMT
x-content-type-options
nosniff
age
131341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Oct 2022 15:11:30 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css?ver=5.7.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css?ver=5.7.3
Origin
https://maxi-malins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1069217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
75440
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-126b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbH%2BVporfwckb2ELvYOxIAK6RvkomqZ225Euf7SL%2Fh9Mvk3lSOr98WpWD%2F%2BaNIxwHxOFpphZiIgJJNNfzDjZFH6CTZCZL4YVPqu392LPWUn2J5x9MdIWhDUM3nQyQaN4R75ZmpuJ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a0f39a829a92798-PRG
expires
Mon, 10 Oct 2022 03:40:31 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.7.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://maxi-malins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:51:57 GMT
x-content-type-options
nosniff
age
233314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 17 Oct 2022 10:51:57 GMT
Sans-titre-2020-09-24T151718.037-150x150.jpg
maxi-malins.com/wp-content/uploads/2020/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2020/09/Sans-titre-2020-09-24T151718.037-150x150.jpg
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd3121b3e04cd7786c42a66ed96c4a4a0c5744508db90bfc80b417ff7d0c01a

Request headers

:path
/wp-content/uploads/2020/09/Sans-titre-2020-09-24T151718.037-150x150.jpg
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 24 Sep 2020 13:21:24 GMT
server
cloudflare
etag
"1391-5b00f13a33eb9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1cYSy%2FfpBE0fPKE%2FK66DnMaoUx%2FK%2BfhskDB2m%2BZIUsMTKbE%2FmUyaPIihb9okikfmZFb1MSx87UAidJQCFQ1MD%2B03GWM4kEmle%2FR3yog1UYgL0LclabarK3DsW7ZoIqY%2FgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a0f39a8a844d6b1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5009
Sans-titre-2020-09-15T094627.930-150x150.jpg
maxi-malins.com/wp-content/uploads/2020/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2020/09/Sans-titre-2020-09-15T094627.930-150x150.jpg
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c7b71e04d2328d9b3f1713eb7361b56484d96fec03d8440318f0a7bfc4dd75e

Request headers

:path
/wp-content/uploads/2020/09/Sans-titre-2020-09-15T094627.930-150x150.jpg
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6475
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3892
last-modified
Tue, 15 Sep 2020 08:08:08 GMT
server
cloudflare
etag
"f34-5af55a6bef65b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkXSBaSeJomVLfWuYK2YgzoGC4vPHlmKunrtEh3JWXG0sahjMKxlBp3L0PFeLlfciSw65qvlo1b8ut5umL2i%2BXc5i7Fv5jTgV02mdL2S2ccPqUDrzZJtL3WEA3tyo4T9yZk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a8a845d6b1-FRA
Sans-titre-30-150x150.jpg
maxi-malins.com/wp-content/uploads/2021/03/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2021/03/Sans-titre-30-150x150.jpg
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b07f92639cc1ecf257438ae47b8d69ce016077cf0621195453a52c918f57ebc

Request headers

:path
/wp-content/uploads/2021/03/Sans-titre-30-150x150.jpg
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; dtcs_1=ztEeS0gfDejdOfrdGXE9S1HdJdEcwBQtyBPoURIjTR38vRsnw02dGXE9S08dJdEcwBQtyBPuHYV3HuVrJOHrHYfuHYV3DdrdyQ7eDejdOfruJYTsDi8%3D; sid=dl8p158kuyywmbj
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7019
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3487
last-modified
Thu, 25 Mar 2021 13:54:05 GMT
server
cloudflare
etag
"d9f-5be5cbfa9c1af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79%2BPkUt2l9zRWCwUmXt0xxfNPgeFj2xuwocesrG8ot79VYediTQxpZIkp5p0oqg%2B7vYku91Ys0RX99JWic28JeFMyhv9TwDUTiCZv%2BR56wN4%2FrL5sm8P3vyKEo4Q8ezdhDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0f39a8d85ad6b1-FRA
cookie.js
partner.googleadservices.com/gampad/ 		205 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=maxi-malins.com&callback=_gfp_s_&client=ca-pub-5460478803852549
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
fdd4d164719374cffdea796e9caffc35c19f623295de2d62ff86543f32492913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
194
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=maxi-malins.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FF93 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&adk=1812271804&adf=3025194257&lmt=1634701231&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231337&bpp=18&bdt=110&idt=186&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6254071446395&frm=20&pv=2&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
6d23fef76a34ff3ade299808c6aca3fc96ba7bc2fc606cc9d1ab30d7b5e5ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5460478803852549&output=html&adk=1812271804&adf=3025194257&lmt=1634701231&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231337&bpp=18&bdt=110&idt=186&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6254071446395&frm=20&pv=2&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=200
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://maxi-malins.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Oct 2021 03:40:31 GMT
server
cafe
content-length
4128
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 03:55:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Oct 2021 03:40:31 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 2A4C 		430 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=1591425389&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231558&bpp=1&bdt=331&idt=1&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=4547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=5qHI9SYePe&p=https%3A//maxi-malins.com&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
14d55a5cbdbf0f082629fae17cee93db85f51a9cce44a482ce3406fce9ff6e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=1591425389&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231558&bpp=1&bdt=331&idt=1&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=4547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=5qHI9SYePe&p=https%3A//maxi-malins.com&dtd=5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://maxi-malins.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Oct 2021 03:40:32 GMT
server
cafe
content-length
207
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 03:55:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Oct 2021 03:40:32 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame C714 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
bd1012caee4a376f8b6125bf3563583a83e3515c43f788f72fed41908c0b5a86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://maxi-malins.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Oct 2021 03:40:32 GMT
server
cafe
content-length
12864
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 03:55:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Oct 2021 03:40:32 GMT
cache-control
private
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
0TUy6wZ+h7xhq74r2ENcpeUwFQkNHyx3wjmeSCGtDu1ytNrAUT0lOY6YrqznXHuAjc8BP76kPtU2yc92JVfQFw==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 20 Oct 2021 03:40:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5M2MQ9B&cv=11&v=3&t=t&pid=335638633&rv=ai0&es=1&e=gtm.init_consent&eid=1&tc=4&z=0
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 03:40:31 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5M2MQ9B&cv=11&v=3&t=t&pid=335638633&rv=ai0&es=1&e=gtm.init&eid=2&tc=4&z=0
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 03:40:31 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5EDF 		83 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e8b8c816bdaaa207e3509c1cb1c06569ff8550485cdb9e7920e504bd986bfd75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://maxi-malins.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Oct 2021 03:40:32 GMT
server
cafe
content-length
27769
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 03:55:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Oct 2021 03:40:32 GMT
cache-control
private
js
www.googletagmanager.com/gtag/ 		124 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T2MYSRZFQD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164973728-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3e144722815dfe9b518d33e2e109022d9704fccd7943b793b0ab47a4dc07bb23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
49346
x-xss-protection
0
expires
Wed, 20 Oct 2021 03:40:31 GMT
v
apikeys.civiccomputing.com/c/ 		144 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apikeys.civiccomputing.com/c/v?d=maxi-malins.com&p=CookieControl%20Free&v=9&k=28d4008103494050a67ed420350e9553f883735b&format=json
Requested by
Host: cc.cdn.civiccomputing.com
URL: https://cc.cdn.civiccomputing.com/9/cookieControl-9.x.min.js?ver=5.7.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.75.66.243 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
80-75-66-243.civiccomputing.com
Software
Apache /
Resource Hash
94d49d4992f768e9f774948202ad3991571e8329dcec5353ac34f5af29ec278e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://maxi-malins.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-apikeys
hit
date
Wed, 20 Oct 2021 03:40:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache
vary
X-Forwarded-Protocol
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1
cache-control
max-age=7200, private
transfer-encoding
chunked
access-control-allow-headers
origin, x-requested-with, content-type
x-content-type-options
nosniff
expires
Wed, 20 Oct 2021 05:34:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6C15 		99 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
47a2309badafe9554466ebbf6c75a3da1fae3c8511453a07d937c855d14e4a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://maxi-malins.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Oct 2021 03:40:32 GMT
server
cafe
content-length
31348
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 03:55:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Oct 2021 03:40:32 GMT
cache-control
private
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5M2MQ9B&cv=11&v=3&t=t&pid=335638633&rv=ai0&es=1&e=gtm.js&eid=3&tc=4&tr=1paused.1paused.1paused.1html.5html.6paused.6paused.6paused&ti=1paused.1paused.1paused.1html.1html.1paused.1paused.1paused&z=0
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 03:40:31 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A369 		430 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3070778759&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231492&bpp=1&bdt=265&idt=160&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=2585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=u86nk2BEcb&p=https%3A//maxi-malins.com&dtd=162
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
4f8af6e9378c9f18e50832d01206ddd1484f468c8d285783e77918193ac73c71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3070778759&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231492&bpp=1&bdt=265&idt=160&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=2585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=u86nk2BEcb&p=https%3A//maxi-malins.com&dtd=162
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://maxi-malins.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Oct 2021 03:40:31 GMT
server
cafe
content-length
207
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 03:55:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Oct 2021 03:40:31 GMT
cache-control
private
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=maxi-malins.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 03:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A27A 		86 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
68cb1304fedab6e8a724e878d3bca2cae24fc8484b9f56d063de85def9a6d269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://maxi-malins.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Oct 2021 03:40:32 GMT
server
cafe
content-length
29368
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 03:55:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Oct 2021 03:40:32 GMT
cache-control
private
993870157700159
connect.facebook.net/signals/config/ 		489 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/993870157700159?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
437794678466b4860ab0b4a4ab0972838236f3098e0ed06affa277328000b7ad
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
cNi9O4PUuGSTZsFo+j3nX/6GsYJhHGGP3ogImJUCOLRER1y338gF9b5e6nQS6WVPz8/L+bGpcNub507hvPQDaQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Oct 2021 03:40:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-T2MYSRZFQD&gtm=2oeai0&_p=989288817&sr=1600x1200&ul=en-us&cid=1473008117.1634701232&_s=1&dl=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&dt=Maxi%20Malins%20%E2%80%93%20Le%20site%20d%C3%A9di%C3%A9%20aux%20bons%20plans%20gratuits%20pour%20vous%20aider%20%C3%A0%20faire%20des%20%C3%A9conomies%20!&sid=1634701231&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T2MYSRZFQD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://maxi-malins.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 03:40:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://maxi-malins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164973728-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
3214
date
Wed, 20 Oct 2021 02:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 20 Oct 2021 04:46:57 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=989288817&t=pageview&_s=1&dl=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&ul=en-us&de=UTF-8&dt=Maxi%20Malins%20%E2%80%93%20Le%20site%20d%C3%A9di%C3%A9%20aux%20bons%20plans%20gratuits%20pour%20vous%20aider%20%C3%A0%20faire%20des%20%C3%A9conomies%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=2030400304&gjid=244453361&cid=1473008117.1634701232&tid=UA-164973728-2&_gid=117915098.1634701232&_r=1&gtm=2ouai0&did=dZTNiMT&z=1639723995
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://maxi-malins.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 03:40:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://maxi-malins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=993870157700159&ev=PageView&dl=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&rl=&if=false&ts=1634701231816&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634701231815.514042883&it=1634701231665&coo=false&rqm=GET
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 20 Oct 2021 03:40:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FF93 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20211018&sample=0.01
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&adk=1812271804&adf=3025194257&lmt=1634701231&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231337&bpp=18&bdt=110&idt=186&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6254071446395&frm=20&pv=2&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 03:40:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Sans-titre-99-150x150.jpg
maxi-malins.com/wp-content/uploads/2020/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maxi-malins.com/wp-content/uploads/2020/08/Sans-titre-99-150x150.jpg
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3be6da3f1935457a0f854e4b63f779128f51ec9dba4908f0e34bec48002a64b

Request headers

:path
/wp-content/uploads/2020/08/Sans-titre-99-150x150.jpg
pragma
no-cache
cookie
dt_session=793d8b5a-3157-11ec-8806-ac1f6b00d584; CookieControl={"necessaryCookies":["wordpress_*","wordpress_logged_in_*","CookieControl","dt_session","wordpress_*","CookieControl"],"optionalCookies":{},"statement":{"shown":true,"updated":"10/06/2021"},"consentDate":1634701231635,"consentExpiry":365,"interactedWith":true,"user":"9991BE37-5EC9-4155-A8B1-5A2A0A2E25B2"}
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
maxi-malins.com
referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:32 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 20 Aug 2020 14:02:34 GMT
server
cloudflare
etag
"a45-5ad4f92793b59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwLq4CLULpZcQ%2FOo8Kw3zJ4UocKdxca%2BMVjkbn6B46tKATX8%2BAidaWlU9FBJNq0UuGWsBHp%2FLIrQyyUaZx2QYpc32dQ%2F8q2Fg141mLfKghNyBrcWzUNpG60uErQrucYXHWY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a0f39ac19f6d6b1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2629
adview
googleads.g.doubleclick.net/pagead/ Frame B08B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXL_8r49vYY_4I-WE3gO8l4qgCMLV9d1l7feWrs0N_MG1q64BEAEg-o-_fGDJBqAB-c6w9QLIAQmpAnYIrtHDLLI-qAMBqgTXAU_QL4ypzU2HHObLvNzpM5iaenGSucMabOLKbQz-VteE6BJ6kMistjzS50uxBuT-pikDXXpPTE8205LKborgVmtHkz8VExLiw8Us7uRc4Yi-ojpagTe4EOE-O7NHyt70TiiDi3WKlvh1n5nSjjsBOf6-CISm3lPotvB_NHuNbs_qq-96agrhjgvdQReUjHPHpFg1NfU5d1R8XGmRwearnWi5IH6BVOxjoYfyf5TIXOClzkqdVWFcmAnngvXr6I5pvs5j8oQiZlEfio43_b4bQneLnRxSQaNdwASrr9jd2gOSBQQIBBgBkgUECAUYBKAGEYAHxN-_eagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwQQq9UB0ggHCIBhEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi01NDYwNDc4ODAzODUyNTQ5GAA&sigh=XocKKYshJZ8
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Oct 2021 03:40:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 20 Oct 2021 03:40:32 GMT
60910f36c6b4df913fc932b6
c.bannerflow.net/a/ Frame B08B 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/60910f36c6b4df913fc932b6?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCQCFZr49vYY_4I-WE3gO8l4qgCMLV9d1l7feWrs0N_MG1q64BEAEg-o-_fGDJBqAB-c6w9QLIAQmpAnYIrtHDLLI-qAMBqgTaAU_QL4ypzU2HHObLvNzpM5iaenGSucMabOLKbQz-VteE6BJ6kMistjzS50uxBuT-pikDXXpPTE8205LKborgVmtHkz8VExLiw8Us7uRc4Yi-ojpagTe4EOE-O7NHyt70TiiDi3WKlvh1n5nSjjsBOf6-CISm3lPotvB_NHuNbs_qq-96agrhjgvdQReUjHPHpFg1NfU5d1R8XGmRwearnWi5IH6BVOxjoYfyf5TIXOClzgifdPO-ZZP2RG_9ajUIOF0-7I75bH8HbRCUnDiCxGOnhfyKw7Kbtd12wASrr9jd2gOgBhGAB8Tfv3moB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGF-ACgGYCwHICwGADAG4DAHYEw3QFQGAFwE%26ae%3D1%26num%3D1%26sig%3DAOD64_2NHMCxf_EC1bacxKQhLIF6owj4ew%26client%3Dca-pub-5460478803852549%26adurl%3D&cb=1619903599
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dda845bf12bf82bdf398644f67e437b074397f840a9428da6e0baf35b60171

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cf-ray
6a0f39acda1d2790-PRG
link
<https://c.bannerflow.net/accounts/ehl/5fa94ba6c4d26710fca7fc3a/published/1267327/1468963/preload.jpg>; rel=preload; as=image
request-context
appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame B08B 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
b6596de23d75f6d59ecc63e27d437d29115ffe8d972dd5ae1014ff46753d2c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12924
x-xss-protection
0
server
cafe
etag
13200111939492008940
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 03:09:55 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame B08B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2339
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 03:01:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B08B 		122 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 03:40:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame B08B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 02:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2732
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6290
x-xss-protection
0
server
cafe
etag
5128541104351419840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 02:55:00 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/ Frame B08B 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
8bfd018bb29e8c00faffeb3660e5cbcec66c0ba1dff56f8d2f9a1bcc47c11852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7699
x-xss-protection
0
server
cafe
etag
16022440550062051545
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 03:25:42 GMT
truncated
/ Frame B08B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d99f0e1ddee59f70b4feb39b9ecb821bb774b21b8a09e75a9e946d45c0615afa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
preload.jpg
c.bannerflow.net/accounts/ehl/5fa94ba6c4d26710fca7fc3a/published/1267327/1468963/ Frame B08B 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/ehl/5fa94ba6c4d26710fca7fc3a/published/1267327/1468963/preload.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e67e8041f6f50df9131c41933ab303facdc0da2805cb7ff21eb7e3f2146646b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Oct 2021 03:40:32 GMT
cf-cache-status
HIT
age
141617
content-length
28314
x-ms-lease-status
unlocked
last-modified
Thu, 14 Oct 2021 11:52:42 GMT
server
cloudflare
etag
0x8D98F09214F61F0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
ac34703a-d01e-0085-4c1a-c4c0fb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a0f39ad3a3c2790-PRG
cf-bgj
h2pri
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5M2MQ9B&cv=11&v=3&t=t&pid=335638633&rv=ai0&es=1&e=gtm.dom&eid=9&tc=4&z=0
Requested by
Host: maxi-malins.com
URL: https://maxi-malins.com/?utm_content=NL3861&utm_source=alerte-echantillon&utm_campaign=NL&utm_medium=alerte3009300930093009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 03:40:32 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 5EDF 		3 KB
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 03:28:42 GMT
server
ESF
date
Wed, 20 Oct 2021 03:40:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 20 Oct 2021 03:40:32 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame 5EDF 		2 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1594
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 03:13:58 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/ Frame 5EDF 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
8bfd018bb29e8c00faffeb3660e5cbcec66c0ba1dff56f8d2f9a1bcc47c11852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 02:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7699
x-xss-protection
0
server
cafe
etag
16022440550062051545
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 02:13:30 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame 5EDF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 03:24:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5EDF 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 03:40:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame 5EDF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 02:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6290
x-xss-protection
0
server
cafe
etag
5128541104351419840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 02:43:02 GMT
94b9e9edb15b7c220f12fa63d878a5af.js
www.gstatic.com/mysidia/ Frame 5EDF 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 12:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11213
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 03:34:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Sun, 16 Jan 2022 12:52:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5EDF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CreIDr49vYY3PJYy43wOF4aeYBqWPyO9l2rn-kN4N5sbHhowOEAEg-o-_fGDJBqAByPXa6QPIAQmpAi_uL8MXJLc-qAMByAPLBKoE2QFP0L5q1op0FcbabMD9eosVhJOEgbAXK_sfoybKCccuRbVrdEWuZ0n0uH9uZQDsBzgqxaI47Fa785GNHn59KtGOQEXQEnmERHb1SzUdUkQJDfp6euu4GP821WaSse12mtTR48BvbXjzOFz4NsQYB1w2Oiuw1RTaQXh8Jvw7g6jS934bhTJX73CTEKH1IlxI2HV6JSwAukfKD6kzC5rK3TdGPn3ssozvnzJ5_WRW0ARY5ttp3QaTxLU2QMUU4rWcy4KqfeOwtqTZ7kFxXtSC1C3pmTiHF2jo44kCwASIr-S_2AOSBQQIBBgBkgUECAUYBKAGLoAHoIqlFqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwUQ5MK6AdIIBwiAYRABGF-ACgHICwG4E4gn2BMNiBQC0BUBmBYBgBcBshccChoIABIUcHViLTU0NjA0Nzg4MDM4NTI1NDkYAA&sigh=OvngT_RbRBU&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Oct 2021 03:40:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
5fa94ba6c4d26710fca7fc3a
c.bannerflow.net/tr/v2/pixel/ Frame B08B 		0
227 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/5fa94ba6c4d26710fca7fc3a
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60910f36c6b4df913fc932b6?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCQCFZr49vYY_4I-WE3gO8l4qgCMLV9d1l7feWrs0N_MG1q64BEAEg-o-_fGDJBqAB-c6w9QLIAQmpAnYIrtHDLLI-qAMBqgTaAU_QL4ypzU2HHObLvNzpM5iaenGSucMabOLKbQz-VteE6BJ6kMistjzS50uxBuT-pikDXXpPTE8205LKborgVmtHkz8VExLiw8Us7uRc4Yi-ojpagTe4EOE-O7NHyt70TiiDi3WKlvh1n5nSjjsBOf6-CISm3lPotvB_NHuNbs_qq-96agrhjgvdQReUjHPHpFg1NfU5d1R8XGmRwearnWi5IH6BVOxjoYfyf5TIXOClzgifdPO-ZZP2RG_9ajUIOF0-7I75bH8HbRCUnDiCxGOnhfyKw7Kbtd12wASrr9jd2gOgBhGAB8Tfv3moB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGF-ACgGYCwHICwGADAG4DAHYEw3QFQGAFwE%26ae%3D1%26num%3D1%26sig%3DAOD64_2NHMCxf_EC1bacxKQhLIF6owj4ew%26client%3Dca-pub-5460478803852549%26adurl%3D&cb=1619903599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Oct 2021 03:40:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a0f39ad6a512790-PRG
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
downsize_200k_v1
tpc.googlesyndication.com/simgad/10277530342783386414/ Frame 5EDF 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10277530342783386414/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
6651de88245b4d579fffc80bb09a9eea19677aa3a793a7a5fa4f5ad0c7390bba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 08:50:33 GMT
x-content-type-options
nosniff
age
67799
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39539
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 14:07:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Oct 2022 08:50:33 GMT
truncated
/ Frame 5EDF 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
12470617796777236628
tpc.googlesyndication.com/simgad/ Frame A27A 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12470617796777236628?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnf0O7D7gF8mfpCn5AHvp-OzE6FrQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
b8df2cc8999bbb752357d5bfef2cdf20ee8569234c6c187715e23cabfaf9c10a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 10:49:29 GMT
x-content-type-options
nosniff
age
60663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85881
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 12:24:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Oct 2022 10:49:29 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/ Frame A27A 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
8bfd018bb29e8c00faffeb3660e5cbcec66c0ba1dff56f8d2f9a1bcc47c11852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 02:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7699
x-xss-protection
0
server
cafe
etag
16022440550062051545
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 02:13:30 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A27A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CA_ajr49vYfCyKYqS3gOUn7vYC9zs-4JitJKS__kNjZ_hivQKEAEg-o-_fGDJBqAB8Pm8igPIAQKoAwHIA8kEqgTXAU_QlM5_vSGiofNlXIeqC1iauj7JcgvdSmJMdKGj8u_AyVtVjC7yy7_usV2UthpjL8wrQQzpjpXXe5aYG8DAalVMecLZiekDatCX-d2tqPiY6ZuddhXrSgN1YJ1oy7zinkqoqLDAmikpiCkMLY-RLWu7yqUR_JqYGGln7t4xZrgl0LZybFU3tDmPxvNh9CzJoE_k62SXOBc8C14-QveyNMSn6dtRWpkwlNkp8FYo3RDSRoL7K2MldtV11Hjt2VW2d5yd4GRWqc4Nvv5GECgP_kTe0IW5iSi7wAScgb2_1wOSBQQIBBgBkgUECAUYBKAGAoAH-IXDdagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQobsO0ggHCIhhEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NDYwNDc4ODAzODUyNTQ5GAA&sigh=w8E_AyDKEok
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Oct 2021 03:40:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame A27A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 03:24:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A27A 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 03:40:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame A27A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 02:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6290
x-xss-protection
0
server
cafe
etag
5128541104351419840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 02:43:02 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame A27A 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
21c293e6df6dde82c613e769026a9d9e4d1a67511d217141afa59f3838926318
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11253
x-xss-protection
0
server
cafe
etag
15720074209988684830
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Nov 2021 14:35:09 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 980E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUllFePDaY1Nw_fWxN6mvuuP8LM0_l5guikO7tUGT6WBJlJFFdIrFFjWxKQ8HS0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 20 Oct 2021 02:54:37 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2755
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 980E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUllFePDaY1Nw_fWxN6mvuuP8LM0_l5guikO7tUGT6WBJlJFFdIrFFjWxKQ8HS0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 20 Oct 2021 03:40:32 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 20-Oct-2021 04:40:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Oct 2021 03:40:32 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 20 Oct 2021 03:40:32 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame 5EDF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b563358d1ef43569a6814f0b9d0351ee94ead04954c08fcb59646f9dbe4cc03d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 5EDF 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:46:29 GMT
x-content-type-options
nosniff
age
114843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Oct 2022 19:46:29 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 5EDF 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:21:26 GMT
x-content-type-options
nosniff
age
119946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 18 Oct 2022 18:21:26 GMT
truncated
/ Frame A27A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39d8182c3603c86bf3fe4d4b2b03cdc28dd4494693bca42e63a917c2a562d615

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 5165 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=280&slotname=7006532600&adk=4130646920&adf=2209521972&pi=t.ma~as.7006532600&w=1110&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231396&bpp=3&bdt=169&idt=195&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VBEVtSKWJl&p=https%3A//maxi-malins.com&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 19:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
28353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 19 Oct 2022 19:47:59 GMT
css
fonts.googleapis.com/ Frame 6C15 		6 KB
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 03:33:42 GMT
server
ESF
date
Wed, 20 Oct 2021 03:40:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 20 Oct 2021 03:40:32 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame 6C15 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
b6596de23d75f6d59ecc63e27d437d29115ffe8d972dd5ae1014ff46753d2c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12924
x-xss-protection
0
server
cafe
etag
13200111939492008940
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 03:09:55 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/5413230250890831387/ Frame 6C15 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5413230250890831387/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
a616e4e40d33e8727bdd05e4870f5aa8e3e94d817ea85d4cadd0c612c084495d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:32 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47984
x-xss-protection
0
last-modified
Mon, 11 Feb 2019 00:45:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Oct 2022 03:40:32 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/ Frame 6C15 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
8bfd018bb29e8c00faffeb3660e5cbcec66c0ba1dff56f8d2f9a1bcc47c11852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 02:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7699
x-xss-protection
0
server
cafe
etag
16022440550062051545
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 02:13:30 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame 6C15 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 03:24:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C15 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 03:40:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame 6C15 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 02:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6290
x-xss-protection
0
server
cafe
etag
5128541104351419840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 02:43:02 GMT
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 480B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=227868707&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231502&bpp=5&bdt=275&idt=154&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c4a0d1c278716fd-22e1a115faca00d4%3AT%3D1634701231%3ART%3D1634701231%3AS%3DALNI_MbbDxii-cRqpom_TH_EE3XzJFsUaA&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280%2C825x369%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=3824&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=H3zXwsgvaT&p=https%3A//maxi-malins.com&dtd=157
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 19:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
28353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 19 Oct 2022 19:47:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6C15 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cy8c1r49vYdLPKN6AjuwP0IC30Az8kNOTW6uduL_kCtCwquPgGBABIPqPv3xgyQagAdf54dIDyAEGqAMByAPLBKoE5AFP0CYJ2aHF7M0ndX2waGtF5cAXo3Mmzhy9LYWmLy6uQPjzD1j3VT7obyjUYmpsXTnjzpbXN6FWoG64YXup3KV70Qr00Pscce0bn-ZOTb_p9RWmyMR3MAylSh7Z36EgCA-MCF7J5h5LmUx3m5JIiDkQFUczFRUjWUp2EJ61-UEjQqf-ba2fhlmbORX4ZDnPWJSsrzgWQWNTgA6Au2HJ8qJMyNKnafYrmPbhZ6x-oZ2yGzH05JUs4j1R1S81hH1sFOBwivtwmR7qTRM2UmBcaRLDSdcvuaumirMHRVF0ZZP3dlvxTEnABNif7NfEApIFBAgEGAGSBQQIBRgEoAY3gAeRhp4tqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDEsxTSCAcIgGEQARhfgAoByAsB2BMMiBQB0BUBgBcBshccChoIABIUcHViLTU0NjA0Nzg4MDM4NTI1NDkYAA&sigh=9_OgyoBynjg&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Oct 2021 03:40:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7EAD 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUllFePDaY1Nw_fWxN6mvuuP8LM0_l5guikO7tUGT6WBJlJFFdIrFFjWxKQ8HS0; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 20 Oct 2021 02:54:37 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2755
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6C15 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:31:57 GMT
x-content-type-options
nosniff
age
558515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:31:57 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6C15 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:32:14 GMT
x-content-type-options
nosniff
age
558498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:32:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6C15 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:31:41 GMT
x-content-type-options
nosniff
age
558531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:31:41 GMT
truncated
/ Frame 6C15 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecd6f162f9320ed5fd4d152dd15a9c9172210cdd4852b316250fe41c657f43bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211018&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
c910bde08445fcc3b7d84d0a72f2c967f2fa6b1a7d9e7de326d85b1f7fc39283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 03:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8511
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7EAD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUllFePDaY1Nw_fWxN6mvuuP8LM0_l5guikO7tUGT6WBJlJFFdIrFFjWxKQ8HS0; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 20 Oct 2021 03:40:32 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 20-Oct-2021 04:40:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 20 Oct 2021 03:40:32 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 20 Oct 2021 03:40:32 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame DDA8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=369&slotname=8475241531&adk=2320112641&adf=3863544591&pi=t.ma~as.8475241531&w=825&lmt=1634701231&rafmt=11&psa=0&format=825x369&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231457&bpp=4&bdt=229&idt=188&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369%2C255x600%2C1110x280&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Qcbx2Q9Ksi&p=https%3A//maxi-malins.com&dtd=191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 19:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
28353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 19 Oct 2022 19:47:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 20 Oct 2021 03:40:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 876C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://maxi-malins.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 19 Oct 2021 20:42:15 GMT
expires
Wed, 19 Oct 2022 20:42:15 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25097
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E930 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
930f9db940021bfc6aa9e37acfb6db12bf9ed1964a6c20c0863021589973ee51
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FcGNGzOFfLaAq6y2rBnF1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://maxi-malins.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 20 Oct 2021 03:40:32 GMT
date
Wed, 20 Oct 2021 03:40:32 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-FcGNGzOFfLaAq6y2rBnF1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 876C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 19:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
28353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 19 Oct 2022 19:47:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E930 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211018&jk=59731596837989&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211018&jk=59731596837989&bg=!hIelh8PNAAao6lBpqOo7ACkAdvg8WqRhZIJZjX90WqMZS8PW1xONu2lHywSOHKzyLIp_mTngrGx8pwIAAABdUgAAAAloAQcKANSguR8otejEIkI2IM3qGYWsLLyzdbpzCXvmINLIhpKxVtNsJ6eJqPTZ50DRvwX3vxSg3zD89BYYgIV8E2eRQdi-dxxOTV-4lz6moW0VyXdlIzoGFLhuwE7i1gwV1H5VBJ5qf-Qi-4oS3esVfxu5f6bnR3-iMrnQfKStVU0MoLzKY_p9xWKJZEu2cxduzsy_sQAT0DBzYtHVpXbTwvS2CpplYoCy4RiYkc0NRwlm4tPmk-Row46BtwXt7WNKhLvxp4wI23en1Mi7Y3I-gW1-ydYu8Ay6b5kCrt1LHUllD-iCGXdmJ33g9Yvf3Bdug8t9MMx_OQ8s4KuKJpw9lEQf3W81iudA1ht6cqNs2VGbIUvWI4oeC5dlTF18BKFWDk_1ffnFfcuj564aoUxx8jZSrGpn05_fdrQMzhB4CuK1Pe1yUlgYOA0xgY03ifa7Jd_n8yCX1F11N94UC89olyW3siwRtj83FsXxXBdUskup5-d02QT1SJac3N-P0KMdNLuaEBKuAAeCaCLcVynSbuQ5SE7nom4mXsjg5n8h3eZTMdNtJCwnoVPaPvkunfuD5NXRMekkRbqVFpmjoYtrSRmclZDTffqZFNFFZHx70KIB1kIz9sY6zJvMAoMEJsFBmJA4uDgHbRLemm2UPu2kXE_OJWKfhr5PU1aeX2b51gJhEEXgmDC9vjA1yOByHxqD_HoXbeOh8yE8fp-ViTk7Oz2u4NTowzRfZNQGOP8Jn2gvOBl8mzO08yetzCwO2SK7jgPoYoKSfzw8H0j4MAkqTsmwM_H2MmFFXnTBkCr30xLMZllDfiYVonLhkQ6uY-8TM0PIbv2OiElAK1TnmWg0_4njZQ6ic4pDqhEFKxRyr-6Lkm2Zeifxl4tnCMLui8CR3CRprlk8UVpl4uhf1yqaZVz7NrBwL2zrOgiEJm5VDghj0iCBhltRVjW17PU07yCJIsKFKdIhOZNyNqigLyAgrzEe6stS1NHZQPiPOcAWdRZRs-GBFQvUsApDebNQa14u6EDQAdr8Gv9BMQ9H11RfuCDaDp4sMZN0oujNhxJTmEPO7XFNgowYPk1fDgnbryPXP0-7qj9OCQ0cB0u_x91ytHJnNmwusZ8r3T1lHaEGzybV8srb6KGbhE7vv5QVNgLA_NiRmLogiNjECx6t5Dx6XprpmOk9d4Gv5mCqKg5f1BDEqch6dt9NhKwC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 03:40:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-5M2MQ9B&cv=11&v=3&t=t&pid=335638633&rv=ai0&es=1&e=gtm.load&eid=12&tc=4&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 03:40:33 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
document.111426fc7b.js
c.bannerflow.net/accounts/ehl/5fa94ba6c4d26710fca7fc3a/published/1267327/1468963/ Frame B08B 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/ehl/5fa94ba6c4d26710fca7fc3a/published/1267327/1468963/document.111426fc7b.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60910f36c6b4df913fc932b6?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCQCFZr49vYY_4I-WE3gO8l4qgCMLV9d1l7feWrs0N_MG1q64BEAEg-o-_fGDJBqAB-c6w9QLIAQmpAnYIrtHDLLI-qAMBqgTaAU_QL4ypzU2HHObLvNzpM5iaenGSucMabOLKbQz-VteE6BJ6kMistjzS50uxBuT-pikDXXpPTE8205LKborgVmtHkz8VExLiw8Us7uRc4Yi-ojpagTe4EOE-O7NHyt70TiiDi3WKlvh1n5nSjjsBOf6-CISm3lPotvB_NHuNbs_qq-96agrhjgvdQReUjHPHpFg1NfU5d1R8XGmRwearnWi5IH6BVOxjoYfyf5TIXOClzgifdPO-ZZP2RG_9ajUIOF0-7I75bH8HbRCUnDiCxGOnhfyKw7Kbtd12wASrr9jd2gOgBhGAB8Tfv3moB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGF-ACgGYCwHICwGADAG4DAHYEw3QFQGAFwE%26ae%3D1%26num%3D1%26sig%3DAOD64_2NHMCxf_EC1bacxKQhLIF6owj4ew%26client%3Dca-pub-5460478803852549%26adurl%3D&cb=1619903599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f87c99c9ea8939b2e36280a16990fda89ac2d33d48fff38e30a65ee4657e8af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Oct 2021 03:40:33 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
ERQm/HsqSTu+uNlMAkfLTw==
age
141618
cf-polished
origSize=18043
x-ms-lease-status
unlocked
last-modified
Thu, 14 Oct 2021 11:52:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2d6909b3-c01e-001f-601a-c45e22000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6a0f39b39d4e2790-PRG
cf-bgj
minify
animated-creative.0a8ef50db90f970b0a68.js
c.bannerflow.net/scripts/ Frame B08B 		141 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.0a8ef50db90f970b0a68.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60910f36c6b4df913fc932b6?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCQCFZr49vYY_4I-WE3gO8l4qgCMLV9d1l7feWrs0N_MG1q64BEAEg-o-_fGDJBqAB-c6w9QLIAQmpAnYIrtHDLLI-qAMBqgTaAU_QL4ypzU2HHObLvNzpM5iaenGSucMabOLKbQz-VteE6BJ6kMistjzS50uxBuT-pikDXXpPTE8205LKborgVmtHkz8VExLiw8Us7uRc4Yi-ojpagTe4EOE-O7NHyt70TiiDi3WKlvh1n5nSjjsBOf6-CISm3lPotvB_NHuNbs_qq-96agrhjgvdQReUjHPHpFg1NfU5d1R8XGmRwearnWi5IH6BVOxjoYfyf5TIXOClzgifdPO-ZZP2RG_9ajUIOF0-7I75bH8HbRCUnDiCxGOnhfyKw7Kbtd12wASrr9jd2gOgBhGAB8Tfv3moB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGF-ACgGYCwHICwGADAG4DAHYEw3QFQGAFwE%26ae%3D1%26num%3D1%26sig%3DAOD64_2NHMCxf_EC1bacxKQhLIF6owj4ew%26client%3Dca-pub-5460478803852549%26adurl%3D&cb=1619903599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69962e51dbe1918d04c5df4c67e30b4900525ad4967a56e1939a61494930d6fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Oct 2021 03:40:33 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
7f0aplxsFXfoliQWF7qKfA==
age
637427
cf-polished
origSize=144402
x-ms-lease-status
unlocked
last-modified
Tue, 12 Oct 2021 08:32:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ad14e7f1-d01e-005e-0d98-bf06c6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6a0f39b39d4f2790-PRG
cf-bgj
minify
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=993870157700159&ev=Microdata&dl=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&rl=&if=false&ts=1634701233351&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Maxi%20Malins%20%E2%80%93%20Le%20site%20d%C3%A9di%C3%A9%20aux%20bons%20plans%20gratuits%20pour%20vous%20aider%20%C3%A0%20faire%20des%20%C3%A9conomies%20!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634701233351.227582539&it=1634701231665&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maxi-malins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 20 Oct 2021 03:40:33 GMT
truncated
/ Frame B08B 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/webp
0daa135e-601a-42ad-931e-b9dc28ae11f3
https://googleads.g.doubleclick.net/ Frame EB0B 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://googleads.g.doubleclick.net/0daa135e-601a-42ad-931e-b9dc28ae11f3
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0a8ef50db90f970b0a68.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
668
activeview
pagead2.googlesyndication.com/pcs/ Frame 5EDF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxe-ZdfSkQ30a5ER5v9xASe9qMSFg7Xfmlp5H3EU8LaJOAdrjj9Rc_DDvh-N0y8R-P899Frx9GbaafOEZilsGpEiecw2FKSjZO4iLKbTbEeorRmNc&sai=AMfl-YSkVlrY2PEKdrPRFrFgiJSuyWmkmcvIAZJmvSGvu4gx_7-bVUWsI-9Da_UoHdYRFNAfOcjGBpeovEAv&sig=Cg0ArKJSzKnOsmlkxABMEAE&id=lidar2&mcvt=1010&p=0,0,280,1110&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20211018&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4130646920&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634701231596&rpt=763&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 03:40:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
font
c.bannerflow.net/fs/api/v2/ Frame B08B 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5fa94ba67199e21378dd9c4a%2Fd233513a-527c-48bb-8cd7-573453e64ad8.woff&t=%20.Gabcdeghilnorstuy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a37fc7d1e45457d1e068a4565ed47171bb6bf36b345003274b6acf66707de9a

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:33 GMT
cf-cache-status
HIT
server
cloudflare
age
423234
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=d233513a-527c-48bb-8cd7-573453e64ad8-subset.woff
cf-ray
6a0f39b4edaf4119-PRG
expires
Sat, 15 Oct 2022 06:06:39 GMT
font
c.bannerflow.net/fs/api/v2/ Frame B08B 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5fa94ba67199e21378dd9c4a%2Fa2ac3acc-1e15-4ae2-b258-8c7dc9c0266e.woff&t=%20ABEFINRSTUY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5460478803852549&output=html&h=600&slotname=4834545271&adk=4060945198&adf=1268090876&pi=t.ma~as.4834545271&w=255&fwrn=4&fwrnh=100&lmt=1634701231&rafmt=1&psa=0&format=255x600&url=https%3A%2F%2Fmaxi-malins.com%2F%3Futm_content%3DNL3861%26utm_source%3Dalerte-echantillon%26utm_campaign%3DNL%26utm_medium%3Dalerte3009300930093009&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634701231565&bpp=2&bdt=338&idt=2&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x369&nras=1&correlator=6254071446395&frm=20&pv=1&ga_vid=1473008117.1634701232&ga_sid=1634701232&ga_hid=989288817&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1100&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062525&oid=2&pvsid=59731596837989&pem=522&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=q0kWzl92OU&p=https%3A//maxi-malins.com&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba1ec9515dde0a0e15d4f3b4755cbe8711ce5f81d86e66e61b96624e45a1f8bd

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:33 GMT
cf-cache-status
HIT
server
cloudflare
age
423234
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=a2ac3acc-1e15-4ae2-b258-8c7dc9c0266e-subset.woff
cf-ray
6a0f39b4edb04119-PRG
expires
Sat, 15 Oct 2022 06:06:39 GMT
optimize
c.bannerflow.net/io/api/image/ Frame 9C9F 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fehl%2F5fa94ba6c4d26710fca7fc3a%2Fimages%2F8ea8b3ad-ef5e-45e0-8051-1e2c74f2b297.png&w=69&h=69&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0e05f353c24ae39514411739a41c3ad20f6476224959b057d84157c61205962

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:33 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
4388
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6a0f39b55e692790-PRG
content-length
2498
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 9C9F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fehl%2F5fa94ba6c4d26710fca7fc3a%2Fimages%2Fadea1b7d-8378-4b2f-a16c-1b2c01f8353f.png&w=240&h=354&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb231b301a567e0355dd8bd2157aaf90e46094f44e2c1d69804eeaceb30a02ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:33 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
4388
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6a0f39b55e6b2790-PRG
content-length
11340
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 9C9F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fehl%2F5fa94ba6c4d26710fca7fc3a%2Fimages%2F73d235ab-bfd3-43b4-bb11-13b9b6e15424.png&w=154&h=315&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7882e87f1c852b05ac03a41e3a1029512833f74ad41fe717898ea33aa888b977

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:33 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
4388
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6a0f39b55e6c2790-PRG
content-length
6230
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 9C9F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fehl%2F5fa94ba6c4d26710fca7fc3a%2Fimages%2F68f0fba1-5d0a-4d3a-b911-11cd0d2a9236.png&w=154&h=315&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af3b29b90b7296bcf180efea70fcbb70d2eaa3ef5f9cb599a4d1888c6e44e4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:33 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
4388
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6a0f39b55e6d2790-PRG
content-length
6384
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 9C9F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fehl%2F5fa94ba6c4d26710fca7fc3a%2Fimages%2F0632a936-df5f-436c-89f5-8adc64ecfb98.png&w=154&h=315&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ba93555b65e303732f7aac646e00fe71af766fa0cd6b2669db156903069e34f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:33 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
4388
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6a0f39b55e6e2790-PRG
content-length
6188
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 9C9F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fehl%2F5fa94ba6c4d26710fca7fc3a%2Fimages%2F6ed6cb59-eea6-4e2f-b0db-65e345c27b1c.png&w=185&h=358&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c36cb27a7d14e6611ee532ba88fbcffb5b235f30bb167721870733c02b0b726

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:40:33 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
4388
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6a0f39b55e6f2790-PRG
content-length
6728
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect boolean| originAgentCluster object| gform object| _wpemojiSettings function| jQuery function| $ function| Inputmask function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| google_lpabyc object| google_tag_manager function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp function| fbq function| _fbq function| setImmediate function| clearImmediate object| regeneratorRuntime object| CookieControl function| dtcs_create_lead function| OfferCoreg function| initCoregs object| config function| openInscriptionNlModal function| submitInscription object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaplugins object| gaData object| JSON3 object| googletag object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
c.bannerflow.net/tr/v2/pixel/5fa94ba6c4d26710fca7fc3a Name: cc
Value: AV.pS6bE0mcQ_Kf8OmCRDzbGtN.RP8kytgAAAAAAAAAAASZzJwAjggAAAQ9tYXhpLW1hbGlucy5jb20-
maxi-malins.com/ Name: dt_session
Value: 793d8b5a-3157-11ec-8806-ac1f6b00d584
.maxi-malins.com/ Name: CookieControl
Value: {"necessaryCookies":["wordpress_*","wordpress_logged_in_*","CookieControl","dt_session","wordpress_*","CookieControl"],"optionalCookies":{},"statement":{"shown":true,"updated":"10/06/2021"},"consentDate":1634701231635,"consentExpiry":365,"interactedWith":true,"user":"9991BE37-5EC9-4155-A8B1-5A2A0A2E25B2"}
.doubleclick.net/ Name: IDE
Value: AHWqTUllFePDaY1Nw_fWxN6mvuuP8LM0_l5guikO7tUGT6WBJlJFFdIrFFjWxKQ8HS0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.maxi-malins.com/ Name: _fbp
Value: fb.1.1634701233351.227582539

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
apikeys.civiccomputing.com
c.bannerflow.net
cc.cdn.civiccomputing.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lk.super-fute.be
maxi-malins.com
pagead2.googlesyndication.com
partner.googleadservices.com
r.nl.super-fute.be
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.16.12.64
104.16.19.94
142.250.181.225
142.250.185.100
142.250.185.104
142.250.185.142
142.250.185.163
142.250.185.98
142.250.186.163
142.250.186.42
143.204.98.52
157.240.20.19
157.240.20.35
172.217.16.130
172.217.18.98
172.67.178.204
185.107.232.127
216.58.212.162
52.51.34.139
80.75.66.243
0a37fc7d1e45457d1e068a4565ed47171bb6bf36b345003274b6acf66707de9a
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c9bc7534d077408a1b33568ff0c03071c9a2a9f27752478a82c70045d3ef172
0f57ff3ae62c2a0e5e01f3fabdc6ec8c334e03678dfbb091100bf58ab64aca15
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
14d55a5cbdbf0f082629fae17cee93db85f51a9cce44a482ce3406fce9ff6e36
15a82141b146999352fd683dbb538cde17f705ffb4740e7f076b80cbaa8bcb09
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1c7b71e04d2328d9b3f1713eb7361b56484d96fec03d8440318f0a7bfc4dd75e
21c293e6df6dde82c613e769026a9d9e4d1a67511d217141afa59f3838926318
21cf99167c29036d6130f6d01e8e27e03fd51ea6339f2d5ee4649ee829acb4a4
2b3ced96530911800bc074b23a7daf0b08ee93a501590a8b42427b38db8f7408
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3970aa6c7fe64632262645b7bb0ea4e1b138d0ddde8d649c587b6b444de57da2
39d8182c3603c86bf3fe4d4b2b03cdc28dd4494693bca42e63a917c2a562d615
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
3e144722815dfe9b518d33e2e109022d9704fccd7943b793b0ab47a4dc07bb23
4042f5731c4bb1306ab4f98c7464b5e9df07949ec6b1482d550f21714c1f4f53
437794678466b4860ab0b4a4ab0972838236f3098e0ed06affa277328000b7ad
47a2309badafe9554466ebbf6c75a3da1fae3c8511453a07d937c855d14e4a1d
489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4bde63b112385009c82e1d7adf3b2b4be22d27e17e6cdb76ba3a6c6c53f83065
4f8af6e9378c9f18e50832d01206ddd1484f468c8d285783e77918193ac73c71
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
57822433972846ca3822762c868bd27a1ecf1fcb3eaf2715a008f2a277e0b8eb
579a39f846237311777c90589bfdb1066199a133625a3478e45ac30bb589bd0d
5ba93555b65e303732f7aac646e00fe71af766fa0cd6b2669db156903069e34f
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c36cb27a7d14e6611ee532ba88fbcffb5b235f30bb167721870733c02b0b726
5e4a7382b8eb42922245a1e8566fd49fd8131caaf2d71f753bd07aff55fff216
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
5f87c99c9ea8939b2e36280a16990fda89ac2d33d48fff38e30a65ee4657e8af
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
61e6947025a4c24c17ef4c23dc8610add9ac6ac9fc840d7214690c648343cfe9
6651de88245b4d579fffc80bb09a9eea19677aa3a793a7a5fa4f5ad0c7390bba
68cb1304fedab6e8a724e878d3bca2cae24fc8484b9f56d063de85def9a6d269
69962e51dbe1918d04c5df4c67e30b4900525ad4967a56e1939a61494930d6fb
6b07f92639cc1ecf257438ae47b8d69ce016077cf0621195453a52c918f57ebc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d23fef76a34ff3ade299808c6aca3fc96ba7bc2fc606cc9d1ab30d7b5e5ee4b
7882e87f1c852b05ac03a41e3a1029512833f74ad41fe717898ea33aa888b977
7ad3ff657f32032ef8efa653730c135bd6aab764db571b1de66d295ec10c81ac
7af3b29b90b7296bcf180efea70fcbb70d2eaa3ef5f9cb599a4d1888c6e44e4c
814656c609fa94f84c2c4deea3ab2d41c3794927867d34b2751b9f2802779122
83a4dc963bd4406c8bb45484d3ca07fce78d8f992c0b964f3af7354ef7bb254a
8703ae1bf756458f164a0d6ab98ed04e4f126da9ce586f5d40a73edf02c0c84c
8bfd018bb29e8c00faffeb3660e5cbcec66c0ba1dff56f8d2f9a1bcc47c11852
8d313a1ead3467f225032ba25f279d016f27cf3fec38b0696f1c996124be27ec
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8dd3ba02305b63996ce4b413779c90cdad16dcf8a08dcbac172e0f8514cbe0f7
930f9db940021bfc6aa9e37acfb6db12bf9ed1964a6c20c0863021589973ee51
94d49d4992f768e9f774948202ad3991571e8329dcec5353ac34f5af29ec278e
95e0d7321e8d35a256beef50436a8ecb16c492d829d73047e9058a98859a7904
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a616e4e40d33e8727bdd05e4870f5aa8e3e94d817ea85d4cadd0c612c084495d
a67fd119b100a96704bb4478e75c2d086f1f98194de9828c29320db1e77009ab
b3be6da3f1935457a0f854e4b63f779128f51ec9dba4908f0e34bec48002a64b
b563358d1ef43569a6814f0b9d0351ee94ead04954c08fcb59646f9dbe4cc03d
b6596de23d75f6d59ecc63e27d437d29115ffe8d972dd5ae1014ff46753d2c8a
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b864890b203557e32fb86b5a54665789879b0558c70c052e91f20bacc47670de
b8df2cc8999bbb752357d5bfef2cdf20ee8569234c6c187715e23cabfaf9c10a
ba1ec9515dde0a0e15d4f3b4755cbe8711ce5f81d86e66e61b96624e45a1f8bd
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd1012caee4a376f8b6125bf3563583a83e3515c43f788f72fed41908c0b5a86
bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d
c0e05f353c24ae39514411739a41c3ad20f6476224959b057d84157c61205962
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5dda845bf12bf82bdf398644f67e437b074397f840a9428da6e0baf35b60171
c910bde08445fcc3b7d84d0a72f2c967f2fa6b1a7d9e7de326d85b1f7fc39283
cb231b301a567e0355dd8bd2157aaf90e46094f44e2c1d69804eeaceb30a02ab
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cdd3121b3e04cd7786c42a66ed96c4a4a0c5744508db90bfc80b417ff7d0c01a
d4aba331d7113cf4c586e55c38b1b491fdb5b8ebd6e256af96872d3848c45bec
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d99f0e1ddee59f70b4feb39b9ecb821bb774b21b8a09e75a9e946d45c0615afa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67e8041f6f50df9131c41933ab303facdc0da2805cb7ff21eb7e3f2146646b7
e8b8c816bdaaa207e3509c1cb1c06569ff8550485cdb9e7920e504bd986bfd75
ecd6f162f9320ed5fd4d152dd15a9c9172210cdd4852b316250fe41c657f43bd
ed9cea8ccad4ae95807a34350d79d9199fc905ce6fc2261299be8e6bb8ae175f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29f129628cea39ef3252d61bd581ca42fb29ac1a54e9579428836c179c9d819
f42e4d5f009fdcf336048170d4d8472aa2a513d04d1da25a756e10ea485c014e
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdd4d164719374cffdea796e9caffc35c19f623295de2d62ff86543f32492913
ff258c45b7ccf641eb088434e73eee0fee77d7b3e7a6c3f44c8abb5d5a5561fa