ja.domainelespailles.net Open in urlscan Pro
2606:4700:3035::ac43:bd3d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ja.domainelespailles.net/
Effective URL:
https://ja.domainelespailles.net/
Submission: On June 16 via manual (June 16th 2021, 2:59:11 am UTC) from JP

Summary HTTP 138 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 25 domains to perform 138 HTTP transactions. The main IP is 2606:4700:3035::ac43:bd3d, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.domainelespailles.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 13th 2021. Valid for: a year.

This is the only time ja.domainelespailles.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700:303... 2606:4700:3035::ac43:bd3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	146.59.152.166 146.59.152.166	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	143.198.248.63 143.198.248.63	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
18	2606:4700:303... 2606:4700:3032::6815:976	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
11	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
7 21	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	213.174.135.25 213.174.135.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1 13	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	108.128.41.128 108.128.41.128	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
138	33

6 2606:4700:3035::ac43:bd3d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ja.domainelespailles.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
domainelespailles.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.152.166 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.198.248.63 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

load02.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3032::6815:976 (United States)

ASN13335 (CLOUDFLARENET, US)

domainelespailles.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:6b8::1:119 (Moscow, Russian Federation) 7 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.91 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.41.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-41-128.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com 1 redirects pagead2.googlesyndication.com 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	277 KB
24	domainelespailles.net 1 redirects ja.domainelespailles.net domainelespailles.net	1 MB
17	doubleclick.net 2 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	201 KB
14	yandex.ru 5 redirects mc.yandex.ru	72 KB
10	ampproject.org cdn.ampproject.org	200 KB
9	2mdn.net s0.2mdn.net	238 KB
7	yandex.com 2 redirects mc.yandex.com	2 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	7 KB
5	gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	100 KB
5	google.com 1 redirects adservice.google.com www.google.com	1 KB
5	zx-adnet.com cdn.zx-adnet.com	123 KB
3	googletagservices.com www.googletagservices.com	86 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	jsdelivr.net cdn.jsdelivr.net	8 KB
1	krxd.net beacon.krxd.net	348 B
1	google.de adservice.google.de	853 B
1	onetrust.com geolocation.onetrust.com	422 B
1	wpushsdk.com js.wpushsdk.com	3 KB
1	nawpush.com na.nawpush.com	364 B
1	jquery.com code.jquery.com	29 KB
1	load02.biz load02.biz	20 KB
1	cstwpush.com cst.cstwpush.com	60 KB
1	ibb.co i.ibb.co	29 KB
138	25

	Domain	Requested by
22	domainelespailles.net	ja.domainelespailles.net domainelespailles.net
14	mc.yandex.ru	5 redirects ja.domainelespailles.net
13	tpc.googlesyndication.com	1 redirects ja.domainelespailles.net securepubads.g.doubleclick.net tpc.googlesyndication.com 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
11	pagead2.googlesyndication.com	cst.cstwpush.com securepubads.g.doubleclick.net tpc.googlesyndication.com 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com googleads.g.doubleclick.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	s0.2mdn.net	ja.domainelespailles.net s0.2mdn.net 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	cdn.zx-adnet.com www.googletagservices.com securepubads.g.doubleclick.net ja.domainelespailles.net
7	mc.yandex.com	2 redirects ja.domainelespailles.net mc.yandex.ru
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.zx-adnet.com	ja.domainelespailles.net cdn.zx-adnet.com
4	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	1 redirects ja.domainelespailles.net tpc.googlesyndication.com 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com ja.domainelespailles.net 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
3	www.googletagservices.com	cdn.zx-adnet.com securepubads.g.doubleclick.net 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	ja.domainelespailles.net
2	ib.adnxs.com	2 redirects
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	counter.yadro.ru	1 redirects ja.domainelespailles.net
2	cdn.jsdelivr.net	ja.domainelespailles.net
2	ja.domainelespailles.net	1 redirects
1	ade.googlesyndication.com
1	beacon.krxd.net	2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
1	encrypted-tbn1.gstatic.com	ja.domainelespailles.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	js.wpushsdk.com	cst.cstwpush.com
1	na.nawpush.com	cst.cstwpush.com
1	code.jquery.com	ja.domainelespailles.net
1	load02.biz	ja.domainelespailles.net
1	cst.cstwpush.com	ja.domainelespailles.net
1	i.ibb.co	ja.domainelespailles.net
138	34

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
tr.admachina.com
domainelespailles.net
ar.domainelespailles.net
bg.domainelespailles.net
cs.domainelespailles.net
de.domainelespailles.net
el.domainelespailles.net
es.domainelespailles.net
et.domainelespailles.net
fi.domainelespailles.net
fr.domainelespailles.net
hi.domainelespailles.net
hr.domainelespailles.net
hu.domainelespailles.net
id.domainelespailles.net
it.domainelespailles.net
iw.domainelespailles.net
ko.domainelespailles.net
lt.domainelespailles.net
lv.domainelespailles.net
ms.domainelespailles.net
nl.domainelespailles.net
no.domainelespailles.net
pl.domainelespailles.net
pt.domainelespailles.net
ro.domainelespailles.net
ru.domainelespailles.net
sk.domainelespailles.net
sl.domainelespailles.net
sr.domainelespailles.net
sv.domainelespailles.net
th.domainelespailles.net
tr.domainelespailles.net
uk.domainelespailles.net
vi.domainelespailles.net
cn.domainelespailles.net
tw.domainelespailles.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-13` - `2022-01-12`	a year	crt.sh
covid19-dashboard.ivod.at GTS CA 1D4	`2021-05-17` - `2021-08-15`	3 months	crt.sh
ibb.co R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
cstwpush.com R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
load01.biz R3	`2021-05-10` - `2021-08-08`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
na.nawpush.com R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
js.wpushsdk.com R3	`2021-05-07` - `2021-08-05`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://ja.domainelespailles.net/
Frame ID: BB9C1EAA9912E97F8FCC12F2B84E7AFE
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210610/r20190131/zrt_lookup.html
Frame ID: 8F725426D27618FEB213579C0C18700F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 8A722B1028C469FCDDF697AEFE3CA2A9
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 6D73B0A0995344EE9878DD8B49E9C0AC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8C7551B48DB86FF310DAC322A1502244
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 28C94AA9244323D21F6D6D94F08B385C
Requests: 15 HTTP requests in this frame

Frame: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F6F54511254C00A89FFA825B802DB857
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY396-ogEwAQ&v=APEucNUlNJTfMLc32yI8D9OIlU3S-YYSKUTDpes-4mHMPWr-Daeze1Ktkry8cZ9jBx9SjKZXmLXqK3lNt9XRaMHUF7OVc2oKGqF2rR0SBPq46BcfBfpSWc5cGTdyLyiUDFVZInkJCz9V2ZX2iszJUCuhUTRg5exrNdg16ffwnBl3srjdkhnuaUp2LwoIKpHUON1IrAexS2TY51vLgXfPOdzz0b4035HrTNG9u2NUGrZGwQuiUxoIBkPEkaBQOaApXOELL6nxx-sXBQhpLYTg7eFKzbbYQbd_tvwNriJnV3vmTbwCm2JpTGlOq4s-1BLbMqE3GRRC5wBODkIUMuYOfv8eSkvhM9V0xePxWGrmYo_gP8ZB0s6M9L7ITlL245v7d9-FxWGo4F_xphqRqUb_MskdIrdM40zbOaZihtbl9ZuRQP7S9N30TtWirdlf7FkcoLuEzGeMQbk9EW2LDx_Ksh5XJ9WE5xLCez7yN1tsZFlD7C06xuawxS3yu707e8BrPB1-uPgEu-RXFkZht_SdzbDsPAor4iTzHR-nq6pzeZZcgO3prNut9zXfIm-R2xYqDh5j0oQYH2UKtwcF8n2S_eoqJbxAC2usk6qviRZp1WIbnFgW8VUlzZ_MtuCPkw44EUs0nsWxWcHqXN_FoOUbsjjI04vH4LoX5QqwBkTf8ODuT9NFwYM570qCd1N3qAt500Hly2eHU8w0DLmFA9DDjYnRDJxZJt6l7JHucOAR1okCkaDiPism_oJbvG88tHYoiTMmO9CyQnzkAKZ_FCrC6j3UBBaaer1ub5XVUEbGkN0wVYDoZHu1Jh5Z0L_5adyx5ydk39f9eUuQK3DalQ1_Bz-UP_KUXfrdkb3wQR7hQRp_G96Y5NAKbpwf_9w43gR5RkQmlaYFzLD7_Eo24L_SzF2h5xcDZV-4LKkyDMME7JhG-QEuzt5MomOibkzGsNq0ln_djpVn-d05vIzxdacFAp_a97n5pt9BUo4mPAHCymxYHsC46CTpDG-Jn17eM5OjvXk9MWgqHmiZKD42wXY04ffTfGwa3KSTEp_uwxz2YGwhCUoggXy6M3c
Frame ID: 381724A805735BDE643DFC3E1A48BB0D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E2301F17A0900A966272B91F2CFA2A99
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10160029/1617043697852/mercedes_300x250.html
Frame ID: C70C99BA06A51F4EBC652C856FAB79AA
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ja.domainelespailles.net/ HTTP 301
https://ja.domainelespailles.net/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

138
Requests

94 %
HTTPS

58 %
IPv6

25
Domains

34
Subdomains

33
IPs

6
Countries

2819 kB
Transfer

6469 kB
Size

6
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://tr.admachina.com/click?pid=202&offer_id=3235&sub1=p1

Search URL Search Domain Scan URL

URL: https://domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://ar.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://bg.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://cs.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://de.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://el.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://es.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://et.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://fi.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://fr.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://hi.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://hr.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://hu.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://id.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://it.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://iw.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://ko.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://lt.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://lv.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://ms.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://nl.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://no.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://pl.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://pt.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://ro.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://ru.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://sk.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://sl.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://sr.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://sv.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://th.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://tr.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://uk.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://vi.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://cn.domainelespailles.net/

Search URL Search Domain Scan URL

URL: https://tw.domainelespailles.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ja.domainelespailles.net/ HTTP 301
https://ja.domainelespailles.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.domainelespailles.net/;0.393686359148383 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.domainelespailles.net/;0.393686359148383

Request Chain 44

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9305.Su6sXShqIoescRIjnPFpE8LzwCIa6l32TvygskVHK1OgoDDzWFAHMbwesCQXBx59.n-DxmiHNpMHjMJ_EqcuoAL4lKUA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9305.2JoYy0E74ibSvMrdF2mRA3vlwaLyw6PbyLxnqBOWLIC8czjz_mJjuzuFiAVY05v6G7GW0byILTQ9yFdbGuxUHg%2C%2C.2rWihnxS0rXSbEsj_Y_V9U470wc%2C

Request Chain 52

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.7178169598605242 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.7178169598605242

Request Chain 54

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.9538305242161671 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.9538305242161671

Request Chain 56

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.9651679236833051 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.9651679236833051

Request Chain 58

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.8715823274944039 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.8715823274944039

Request Chain 60

https://mc.yandex.com/watch/71313778?wmode=7&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A166%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A765690982067%3Ahid%3A703501164%3Az%3A120%3Ai%3A20210616045844%3Aet%3A1623812325%3Ac%3A1%3Arn%3A220770294%3Au%3A1623812325557996299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623812323861%3Ads%3A0%2C16%2C62%2C1%2C29%2C0%2C%2C207%2C0%2C%2C%2C%2C332%3Adsn%3A0%2C16%2C62%2C1%2C29%2C0%2C%2C209%2C1%2C%2C%2C%2C332%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623812325%3At%3A%E4%BA%8B%E5%AE%9F%E3%81%AE%E7%99%BE%E7%A7%91%E4%BA%8B%E5%85%B8%3A%20Domainelespailles HTTP 302
https://mc.yandex.com/watch/71313778/1?wmode=7&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A166%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A765690982067%3Ahid%3A703501164%3Az%3A120%3Ai%3A20210616045844%3Aet%3A1623812325%3Ac%3A1%3Arn%3A220770294%3Au%3A1623812325557996299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623812323861%3Ads%3A0%2C16%2C62%2C1%2C29%2C0%2C%2C207%2C0%2C%2C%2C%2C332%3Adsn%3A0%2C16%2C62%2C1%2C29%2C0%2C%2C209%2C1%2C%2C%2C%2C332%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623812325%3At%3A%E4%BA%8B%E5%AE%9F%E3%81%AE%E7%99%BE%E7%A7%91%E4%BA%8B%E5%85%B8%3A%20Domainelespailles

Request Chain 73

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXvvLmCxCSBRiSBTIIhAwDuHD40ko HTTP 301
https://tpc.googlesyndication.com/simgad/8818242468359413148

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~1301.449.93.981.144.1186.323.733.938.1449.122.1276.1765.1215.780.1842.1878.89.1929.1092.2177.2202.2253.1031.1725.2357.2526.2677.2109.1211.1290.448.1577.1365.495.326.2572.272.574.1419.311.1127.1570.1721.70.2628.491.1591.1415.196.440.3052.253.839.66.1364.1558.2373.167.149.415.494.1651.817.2316.1716.1870.864.587.1051.1033.2072.2571.1097.1230.540.867.486.1205.317.1712.2985.2575.338.1810.2299.3154.1564.1889.482.162.1201.108.241.259 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjMTTuG7Dqg2LgFl18yky8&google_cver=1&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~1301.449.93.981.144.1186.323.733.938.1449.122.1276.1765.1215.780.1842.1878.89.1929.1092.2177.2202.2253.1031.1725.2357.2526.2677.2109.1211.1290.448.1577.1365.495.326.2572.272.574.1419.311.1127.1570.1721.70.2628.491.1591.1415.196.440.3052.253.839.66.1364.1558.2373.167.149.415.494.1651.817.2316.1716.1870.864.587.1051.1033.2072.2571.1097.1230.540.867.486.1205.317.1712.2985.2575.338.1810.2299.3154.1564.1889.482.162.1201.108.241.259 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjMTTuG7Dqg2LgFl18yky8&google_cver=1&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~1301.449.93.981.144.1186.323.733.938.1449.122.1276.1765.1215.780.1842.1878.89.1929.1092.2177.2202.2253.1031.1725.2357.2526.2677.2109.1211.1290.448.1577.1365.495.326.2572.272.574.1419.311.1127.1570.1721.70.2628.491.1591.1415.196.440.3052.253.839.66.1364.1558.2373.167.149.415.494.1651.817.2316.1716.1870.864.587.1051.1033.2072.2571.1097.1230.540.867.486.1205.317.1712.2985.2575.338.1810.2299.3154.1564.1889.482.162.1201.108.241.259&C=1

Request Chain 113

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~1301.449.93.981.144.1186.323.733.938.1449.122.1276.1765.1215.780.1842.1878.89.1929.1092.2177.2202.2253.1031.1725.2357.2526.2677.2109.1211.1290.448.1577.1365.495.326.2572.272.574.1419.311.1127.1570.1721.70.2628.491.1591.1415.196.440.3052.253.839.66.1364.1558.2373.167.149.415.494.1651.817.2316.1716.1870.864.587.1051.1033.2072.2571.1097.1230.540.867.486.1205.317.1712.2985.2575.338.1810.2299.3154.1564.1889.482.162.1201.108.241.259&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?addtl_consent=1~1301.449.93.981.144.1186.323.733.938.1449.122.1276.1765.1215.780.1842.1878.89.1929.1092.2177.2202.2253.1031.1725.2357.2526.2677.2109.1211.1290.448.1577.1365.495.326.2572.272.574.1419.311.1127.1570.1721.70.2628.491.1591.1415.196.440.3052.253.839.66.1364.1558.2373.167.149.415.494.1651.817.2316.1716.1870.864.587.1051.1033.2072.2571.1097.1230.540.867.486.1205.317.1712.2985.2575.338.1810.2299.3154.1564.1889.482.162.1201.108.241.259&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMlo5kxi.YPEe8Bw2.9q8AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjMTTuG7Dqg2LgFl18yky8&google_cver=1&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&google_hm=2

Request Chain 115

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyMjYyNjk5Njg1NDk2MDU4MA%3D%3D

138 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ja.domainelespailles.net/
Redirect Chain

http://ja.domainelespailles.net/
https://ja.domainelespailles.net/

64 KB
9 KB

79ms
62ms

Document
text/html

2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdaaede5854ad6ce0a67cce6c57ef27437d5c3ec1576d4f69a2acb5900472a20

Request headers

:method: GET
:authority: ja.domainelespailles.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:43 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
expires: Thu, 17 Jun 2021 02:58:43 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0ab45ad2440000dfa9e81e2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FjC7QNEU3SCveg5kK%2Fw6tIfKvQcusFuYw2qy3oBrwhkGLvAe5uAc7FVJhYMJRIO7rIXuwbQDz0N%2B7OwU%2FvkMaSs3cqea%2Ff8KWgwpAfAVPQs0Amonb2jWeI9KS8zzlm2LUXpzxkEDI%2BmUqefPhNVuqfjk"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6600c7306c9bdfa9-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Wed, 16 Jun 2021 02:58:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 16 Jun 2021 03:58:43 GMT
Location: https://ja.domainelespailles.net/
cf-request-id: 0ab45ad225000005e46621c000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BYtb8t%2B7NE6f4wkNL0e6rxdxoPPk%2Ban9Hxycj48pw%2F%2Fy6ZrVPik9kwvMsG2AAGI126D4wjS6x8m5RSefEVO5hkAt8z4ior5kw7jdOpiPBOjDs6SvGjmwnzKZa8Zw4DCSf4X7%2Fzm%2FjycDzwwPuxRtIXpc"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6600c7303d8005e4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 smrcp_19121001.js Show response
cdn.zx-adnet.com/adx/ 144 KB
19 KB 61ms
18ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3701da754cd5a0bc28caf5540c9d07c59164f08cfc5a3fb57ffc4864ce97abe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 14 Jun 2021 10:46:48 GMT
x-timer: S1623812324.026459,VS0,VE1
etag: "5b3dfee603f4fa43f768bcdb3f5f4a2cdce1c019b73ecbe79f7cb0d0ca77d787-br"
x-served-by: cache-cph20620-CPH
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Wed, 16 Jun 2021 02:58:44 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19503
x-cache-hits: 1

GET
H2 200 payoneer300px.png
i.ibb.co/RBmChvT/ 28 KB
29 KB 113ms
36ms Image
image/png 146.59.152.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/RBmChvT/payoneer300px.png
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 339106ca1ee04659f2073f307a2f5ff696c0e659d2651e6067021021d1f0e456

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
last-modified: Wed, 09 Jun 2021 18:01:49 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28949
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
domainelespailles.net/template/domainelespailles/css/ 641 KB
80 KB 55ms
47ms Stylesheet
text/css 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://domainelespailles.net/template/domainelespailles/css/style.css
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903b7d70660ecd4b49d3878998c2118064c37cf88be82af6eb023744ed379033

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 877953
cf-polished: origSize=677484
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ab45ad2910000dfa9dc3ee000000001
last-modified: Tue, 19 Jan 2021 07:42:06 GMT
server: cloudflare
etag: W/"a566c-5b93bf9b04533-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LdC%2FoTnDPW3TVfa4YwW5S0ppAeUh5Gt9yLSqPtSR2H9caiHqf6b2aaiVyV5q8Gplm9j98TwZY7zG%2BKuS%2BvBix6eWjw9WuqRXWMwhnSUrn130YFLDNjiLPp1J1bUowp4xR3NaFN3yGZdQa%2FxU7rh0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6600c730ed06dfa9-FRA
expires: Sat, 19 Jun 2021 23:06:11 GMT

GET
H2 200 scripts.js Show response
domainelespailles.net/template/domainelespailles/js/ 431 KB
99 KB 46ms
39ms Script
application/javascript 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://domainelespailles.net/template/domainelespailles/js/scripts.js
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 463372edb7ab8600022a1bf6f37a69a13006b84c8767c3067c3ce8668a28eefd

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 877952
cf-polished: origSize=442827
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ab45ad2910000dfa96c3d1000000001
last-modified: Tue, 19 Jan 2021 07:43:08 GMT
server: cloudflare
etag: W/"6c1cb-5b93bfd5a9063-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VIG9fBFyPcivbEcQNtzaFBcvyuHuhLEhpX1eQOUKc8ubFftS18eP8H2oLljfSXLhUsihKJT6v%2Fva8eM52ahfjAE3%2BXR9Q7EcKsM2ZJsJP2itvLfTQPeLuBzqUYI4R0LRKfm3ZR79Tcw4t5hWAhGE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6600c730ed0cdfa9-FRA
expires: Sat, 19 Jun 2021 23:06:11 GMT

GET
H2 200 adv.css
domainelespailles.net/template/domainelespailles/css/ 61 KB
42 KB 25ms
17ms Stylesheet
text/css 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://domainelespailles.net/template/domainelespailles/css/adv.css
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1036662
cf-polished: origSize=62935
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ab45ad2910000dfa964a21000000001
last-modified: Fri, 12 Mar 2021 19:57:00 GMT
server: cloudflare
etag: W/"f5d7-5bd5c4da06f50-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5YrxLKCwTrlluvWfFs34Q90EwC1FygBr3naIvDwCc5WVakf4aJhB7VwqcRx153cVPHwQRpwMGxCI2CZQhkmwP3PPYByoHXij9PvSgBXG4WD7aoif2ZTrF46yq5Lw9P%2B9TnHcCqAz9PA2srhGxMcv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6600c730ed0adfa9-FRA
expires: Fri, 18 Jun 2021 03:01:01 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
1 KB 14ms
13ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9371
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ab45ad28a00004de2c9313000000001
x-served-by: cache-fra19172-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6600c730de3f4de2-FRA

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
6 KB 15ms
14ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29340
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ab45ad28a00004de2bd367000000001
x-served-by: cache-fra19140-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6600c730de424de2-FRA

GET
H/1.1 200
OK adManager.js Show response
cst.cstwpush.com/static/ 59 KB
60 KB 119ms
28ms Script
text/plain 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cst.cstwpush.com/static/adManager.js

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4f7b6c826559e7a9fdd87aa3dab65d9032e27f9677e2c894bf8add376af093e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 02:58:44 GMT
Connection: Keep-Alive
Last-Modified: Tue, 25 May 2021 14:27:38 GMT
x-amz-meta-s3cmd-attrs: atime:1621952841/ctime:1621952841/gid:0/gname:root/md5:f7f10698b0e6bb748101b0917e29d311/mode:33188/mtime:1621952770/uid:0/uname:root
x-amz-request-id: tx00000000000006247b210-0060c95e4c-fc22bc6-fra1a
etag: "f7f10698b0e6bb748101b0917e29d311"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1623812324.dop010.sk1.t,1623812324.cds021.sk1.shn,1623812324.cds021.sk1.c
Content-Type: text/plain
Cache-Control: max-age=888
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 60434

GET
H2 200 / Show response
load02.biz/ 20 KB
20 KB 97ms
33ms Script
application/javascript 143.198.248.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://load02.biz/?pu=mvstmmtgmq5ha3ddf42dembs

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.198.248.63 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6d8444b8e4646f2cb92083a48b53d284885bd67f41220c7ecd3f62df4e6e85f1

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Jun 2021 02:58:44 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery-2.2.1.min.js Show response
code.jquery.com/ 84 KB
29 KB 9ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.1.min.js
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:43 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2016 19:11:56 GMT
server: nginx
etag: W/"56cb5d7c-14e7e"
vary: Accept-Encoding
x-hw: 1623812323.dop231.fr8.t,1623812323.cds208.fr8.hn,1623812323.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29882

GET
H2 200 jquery.unveil2.min.js Show response
domainelespailles.net/template/domainelespailles/js/ 3 KB
2 KB 29ms
22ms Script
application/javascript 2606:4700:3035::ac43:bd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://domainelespailles.net/template/domainelespailles/js/jquery.unveil2.min.js
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:bd3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1026011
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ab45ad2910000dfa9243d2000000001
last-modified: Tue, 19 Jan 2021 07:43:07 GMT
server: cloudflare
etag: W/"b2e-5b93bfd4a34e2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=F72DsIAAI9T6OMXOUxTYbWSUiHbJhKbuHAJ6ONr8zdNZQ1o%2ByF1Q%2BpRgopEtpwylqjluYnajy1%2BgZ7SBrY4q4CYRd5sjsXEGfmkeINNBlYzu8qfbqcXXmyaQlgYlc6UsQ2w0xgMBfI34exsQ7ox%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6600c730ed09dfa9-FRA
expires: Fri, 18 Jun 2021 05:58:32 GMT

GET
H3-29 200 what-is-the-difference-between-a-certificate-and-a-key-with-respect-to-ssl-3.jpg
domainelespailles.net/include/what/ 45 KB
46 KB 55ms
43ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/what/what-is-the-difference-between-a-certificate-and-a-key-with-respect-to-ssl-3.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 179041649333c87cd065a8e342c4158274be2426542c5e2f64c950b402d4db1e

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 46439
cf-request-id: 0ab45ad2c80000d6bd6e391000000001
last-modified: Tue, 19 Jan 2021 07:44:18 GMT
server: cloudflare
etag: "b567-5b93c018d7454"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cG0UJ%2Fyz14JXwn8Ebhnm0%2FxjT99nkRvYFCl6RvVfNaQ5gjZ9Z%2FXQtm2JgiN4yWK0OyGXq0B248c9YSFPzwSH%2F8lD9SwYtIfJQ3fPJfE5RNcKC66uPyqGdCkIfMtVKAGpBCxpAI2WPYRoLH3pP36x"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c7313d43d6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 go-to-file-feature-plugin-for-notepad.jpg
domainelespailles.net/include/go/ 140 KB
141 KB 80ms
68ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/go/go-to-file-feature-plugin-for-notepad.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1f6869fb73a613ab806aa0fdf204902f4619f85281fa5cde7270bcfe4f7e8a0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 143220
cf-request-id: 0ab45ad2d10000d6bdfd9f6000000001
last-modified: Tue, 19 Jan 2021 07:43:30 GMT
server: cloudflare
etag: "22f74-5b93bfeaa6128"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xPLb6Xbv5QU0xuXbl980jc9kgML7z%2BctJftfZ3A9508e86InUHHIhJafbdM4EWrx0OL6QRQuQBeNFckTvUJj3iUWF6R8i1MS0Nfko0iuEHHsduJg98mRfCkVJ4dUHwX8Mt8B0shPwAK8ebkLkWNv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c7313d48d6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 continuously-monitor-files-opened-accessed-by-a-process.jpg
domainelespailles.net/include/linux/ 177 KB
178 KB 89ms
77ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/linux/continuously-monitor-files-opened-accessed-by-a-process.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a27c332e0d89ed5a7fd7c3e5a7cbd911bb6aec48b4dec57c78fd4ee2300138af

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 181531
cf-request-id: 0ab45ad2cf0000d6bd5aacb000000001
last-modified: Tue, 19 Jan 2021 07:43:45 GMT
server: cloudflare
etag: "2c51b-5b93bff90b9ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tQmLXMv19XAxxYGd3r%2BJ7tBQgeVWmeOQ9ryh1mdpOWzDBDWeD4s1VdlywrgQg4B49oyR3EcxjCHLB8SUUqpkBzMv6p6Gcxsfo0YKIBLzZhVkZ52sG5CDkMHbz4klN3khtbLFAC1zBc2S5YDJu%2B6K"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c7313d4ad6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 sudo-without-password-when-logged-in-with-ssh-private-keys.gif
domainelespailles.net/include/linux/ 67 KB
67 KB 60ms
49ms Image
image/gif 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/linux/sudo-without-password-when-logged-in-with-ssh-private-keys.gif
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce2b3c2c70d2b1a286b78677c2a81aad7d7b81667852617ac5468c8738020576

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 68139
cf-request-id: 0ab45ad2c80000d6bdfe0e5000000001
last-modified: Tue, 19 Jan 2021 07:43:48 GMT
server: cloudflare
etag: "10a2b-5b93bffc21a8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DMGftzDJJEIXGe1KnRwXd6auzyQ%2F6gh0Y6fgphvPBAY%2FjKZ0q447bYfkYN%2BV1xEdrkoCnWzGVyFDJqwhA%2FKjuwNcRIzGBBSokTqdWaIwl5Hls%2B71Klo8fWioaYelBSMRodfvO%2F4S%2BGuARxj2ojIL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c7313d42d6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 quick-way-to-tell-if-an-installed-application-is-64-bit-or-32-bit.jpg
domainelespailles.net/include/windows/ 85 KB
86 KB 74ms
62ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/windows/quick-way-to-tell-if-an-installed-application-is-64-bit-or-32-bit.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 380fa94dfaf2647285f4035a523f6a0674c975e2486e5fccb782f0421eb0d23f

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 86934
cf-request-id: 0ab45ad2c70000d6bd332c8000000001
last-modified: Tue, 19 Jan 2021 07:44:26 GMT
server: cloudflare
etag: "15396-5b93c0200bff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hQYTvqPumtKT8pQt9Y14k9lEAu56NfEovdM%2BNHhpkB7XHzBPVv3q63bzPKDp6U%2FxIEl4OnweFqhI2kfhTTraVEsx8C79PqgmlRy5vKawQOvKW8vw1kML8acXMoTHFAFU%2F%2F6stHyJKE9zxmwTJHa%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c7313d3fd6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 chrome-displays-a-page-for-split-second-then-it-goes-blank.jpg
domainelespailles.net/include/chrome/ 68 KB
69 KB 94ms
83ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/chrome/chrome-displays-a-page-for-split-second-then-it-goes-blank.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60070d9847a84df9bd3a2ff9257f756e1a3044355a4be3752a008bea64a1a315

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 69697
cf-request-id: 0ab45ad2cf0000d6bd253c4000000001
last-modified: Tue, 19 Jan 2021 07:43:22 GMT
server: cloudflare
etag: "11041-5b93bfe362b26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5eQHb8pgTbhf6h5SH7Hkgga0qXvdNYGI%2BKkX0w%2B8eiN7sFEEbECFS0LOqbjucdcbhZiRbwTD8bTKlAAYmH%2BOBJ3VRJvIN3Xna9wOB4rGr5MOEcwtiZui6yS6KHRo4PqSbN6%2BCum%2BRKA%2FrwqAt2ZG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c7313d4cd6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 show-cell-selection-in-excel-when-not-in-focus.jpg
domainelespailles.net/include/show/ 136 KB
137 KB 99ms
88ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/show/show-cell-selection-in-excel-when-not-in-focus.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73fc09fee0d2a0620c0ce05c3c9440cfd3896075917f5df15622fe678b7c050f

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 139661
cf-request-id: 0ab45ad2cf0000d6bd4b0e5000000001
last-modified: Tue, 19 Jan 2021 07:44:08 GMT
server: cloudflare
etag: "2218d-5b93c00f76e12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zKuPK6g%2FTPZzj5L92vcxbBnP2NiKl45TMvgoKZvVerobi5PzGqWQ1go42scogaxfL7fuS%2FjeSsgwOlSEndqNot4vZcyi9z6canJeP9eW%2BgC%2BNAjRTrLkGg4BmFtTEpBR1AHke59keiOb1P1ab3X%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c7313d53d6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 is-there-a-directory-history-for-bash.jpg
domainelespailles.net/include/is/ 56 KB
57 KB 98ms
88ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/is/is-there-a-directory-history-for-bash.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ca4961753a6afa5fafb38415880c611e924f42c6d9c1cc052b7f10fc6928f3

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 57832
cf-request-id: 0ab45ad2cf0000d6bd1dbcd000000001
last-modified: Tue, 19 Jan 2021 07:43:42 GMT
server: cloudflare
etag: "e1e8-5b93bff68234b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rvwHmnx6vO98U6wFRlVfEbfPA1pyBarRQs4NG%2FBMWxiL621pMY9ZF%2FeLMc7HTQYtNTVuW1wd2o7uuDBoMUU%2FDIVbSqqFR95%2BksLnv9is%2BsqzebBnHzL2Xs2HzfYN04plU5c3WtcDwXmVNxeQbi7f"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c7313d52d6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 can-i-connect-two-monitors-to-my-computer-using-an-hdmi-splitter.jpg
domainelespailles.net/include/can/ 43 KB
44 KB 97ms
86ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/can/can-i-connect-two-monitors-to-my-computer-using-an-hdmi-splitter.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 078690b310422a2d14b66bbe9adc916f1aced4610e14cf122fbc3cdd83fa58f6

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 44436
cf-request-id: 0ab45ad2ce0000d6bd6aae1000000001
last-modified: Tue, 19 Jan 2021 07:43:21 GMT
server: cloudflare
etag: "ad94-5b93bfe221686"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6sSw1ugnV8Od6kD7duF5KdbVmjbV1LR42NV27QYAwJ4SYERKPmiAnhC2vdly3w4U2D9bRw%2BAdgb5gyWfURr%2BVgYzrqD5EXWenP0Z4%2Fj9tkHAay%2FxkoM3WJFM5fX6vN1c4BhtuaX%2F3C42WrJI9mEN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c7313d4ed6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.domainelespailles.net/;0.393686359148383
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.domainelespailles.net/;0.393686359148383

43 B
528 B

69ms
69ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.domainelespailles.net/;0.393686359148383

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 02:58:44 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Jun 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 02:58:44 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.domainelespailles.net/;0.393686359148383
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 15 Jun 2020 21:00:00 GMT

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET Stein-Icons.ttf
domainelespailles.net/template/domainelespailles/css/fonts/ 0
0

GET neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqwqcsdrM.woff
domainelespailles.net/template/domainelespailles/css/fonts/ 0
0

GET qkBWXvYC6trAT7zuC8m5xL1lmgzD.woff
domainelespailles.net/template/domainelespailles/css/fonts/ 0
0

GET neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-pgGIyY0.woff
domainelespailles.net/template/domainelespailles/css/fonts/ 0
0

GET
H3-29 200 how-to-ignore-a-tracked-file-in-git-without-deleting-it.jpg
domainelespailles.net/include/how/ 64 KB
0 39ms
37ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/how/how-to-ignore-a-tracked-file-in-git-without-deleting-it.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 112794
cf-request-id: 0ab45ad31e0000d6bd18917000000001
last-modified: Tue, 19 Jan 2021 07:43:38 GMT
server: cloudflare
etag: "1b89a-5b93bff29746a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QSGAC%2BCRHQzD%2B8igSfG2JjWdyczLhF%2FvRodDZHzQ0%2BVwQtSIbfAePWa9RPt9DHBHQdINz7PbL8hbT0nMin8T8zQeQ16N%2BmsgpHY7h3naPvtxuen6Bp1yEopwpuDESz%2FPhOg1n7MSazn8Kr5WCb6x"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c731cdbdd6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 special-characters-in-ssmtp-password.jpg
domainelespailles.net/include/email/ 47 KB
47 KB 46ms
44ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/email/special-characters-in-ssmtp-password.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb6ee80f9dd0dab76ec8d93b9bd8172e15e2096fe45d390160c73f5486d8d4e3

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 47680
cf-request-id: 0ab45ad31f0000d6bd41145000000001
last-modified: Tue, 19 Jan 2021 07:43:27 GMT
server: cloudflare
etag: "ba40-5b93bfe7fa7a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IGD5PuDZjoADLF3zmxwzVZ8LX5VOVp2OrwndElM8bYvLfmxb%2FnMHhK7eRapzvL0%2B%2BIk7AK5WIf41z7zcnxSqizs6iZ7mIcX1EEmsy%2FA%2F2aSzx0IMvo4BH52NMDS70rJsBndyQNs%2BgQc4NknxBrCP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c731cdbed6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 high-cpu-usage-from-firefox-and-poor-overall-performance.jpg
domainelespailles.net/include/high/ 146 KB
146 KB 53ms
51ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/high/high-cpu-usage-from-firefox-and-poor-overall-performance.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c55bce1e9727059dec0ad7dbf83a897e004d054620de8213779495a30c5fae

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 149029
cf-request-id: 0ab45ad31f0000d6bd3d876000000001
last-modified: Tue, 19 Jan 2021 07:43:32 GMT
server: cloudflare
etag: "24625-5b93bfec8c669"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NmlBOjWsWedLdW79tFilt9%2FWIidl78iZR%2F%2F0lN%2FeKIt8NDH4xy6Fh1sW9P3IGVzlDRIzcCNY1wC%2Fxy9fsTi2U2%2FqhjOy56E8eUtPkkrTbFMsmyPzP7SYzBm9LFpAIF1YKHEqI3RTyQYrnOI%2F7Vw%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c731cdbfd6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 hide-annoying-vmware-hint-to-release-input-press-ctrlalt.jpg
domainelespailles.net/include/hide/ 19 KB
20 KB 47ms
45ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/hide/hide-annoying-vmware-hint-to-release-input-press-ctrlalt.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55fddf5d1ddb0c6c9f8f907e2ca2da4765300aed7919a12811cfb4e6253b5746

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19800
cf-request-id: 0ab45ad3210000d6bd62236000000001
last-modified: Tue, 19 Jan 2021 07:43:32 GMT
server: cloudflare
etag: "4d58-5b93bfec89789"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7kIyX2%2FdyBjZyov45bIunrpkUFmkm1ELx%2FEoqXBmAVvbDHWT%2FV14RaNimZAURWKa1xdsEJ8pC6ZNiAyR%2BpH2ONVVT0iW8y886GAR1AJo5DOUFm0NTBHucwks03ds7NF1sPaYGGkN%2Byzr%2FLNfIuTa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c731cdc1d6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 what-is-the-equivalent-of-linuxs-tilde-in-windows.jpg
domainelespailles.net/include/what/ 100 KB
101 KB 17ms
15ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/what/what-is-the-equivalent-of-linuxs-tilde-in-windows.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea11beae12f3103df062a886545a84d41c2f6228f84aaf18ba612c1498bc531

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 102893
cf-request-id: 0ab45ad31f0000d6bdfe0e9000000001
last-modified: Tue, 19 Jan 2021 07:44:18 GMT
server: cloudflare
etag: "191ed-5b93c018dd214"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BqrGzFSl0OvQvVHYHDE8ua8i%2Fr58p0LsUefZHP0gDTfVTM33%2FafL8ZmscUxCkR9JUWNqwSVzjiS30AvRrq0lTSeQMvUOLqkpeEjVnIZgc2nmziGCtWAmcZs4bTmmVZVqdRhb4VD0Z2UolSqhi1jv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c731cdc3d6bd-FRA
expires: Thu, 16 Jun 2022 02:05:55 GMT

GET
H3-29 200 change-default-directory-of-documents-and-settings.jpg
domainelespailles.net/include/windows/ 64 KB
0 51ms
50ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/windows/change-default-directory-of-documents-and-settings.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157949
cf-request-id: 0ab45ad3200000d6bd001f2000000001
last-modified: Tue, 19 Jan 2021 07:44:21 GMT
server: cloudflare
etag: "268fd-5b93c01b14834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=StND5Ufp%2BBNRpJ4BEzCIyRIx3Dru4XE5R8QGc8Zr636wv6KTXKRHqVlsFWmZ4U5gxo3G2Dk8QO%2Bcp1z9A5W5ibuteHhDg5ibxEvhUk2PfCCNXK7Ry8jh2kb%2FV37xjRC%2BsubmZO%2F%2BqpQte8r4Uhhy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c731cdc4d6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 how-can-i-do-ctrl-z-and-bg-in-one-keypress-to-make-process-continue-in-background.jpg
domainelespailles.net/include/linux/ 64 KB
0 38ms
36ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/linux/how-can-i-do-ctrl-z-and-bg-in-one-keypress-to-make-process-continue-in-background.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 182170
cf-request-id: 0ab45ad3200000d6bd5f9bf000000001
last-modified: Tue, 19 Jan 2021 07:43:45 GMT
server: cloudflare
etag: "2c79a-5b93bff97610c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QTGfIq4H0N92INLBZFPoy1P%2Bd4brRVLnfJQM29GmOIoEMkcGoXtLU43yyCKFYcfXJ633Z90WiP8K4hiRq%2FDnKLps1boIDid%2FPgBEnn02lbLycIQzlJNqWZTbVNcEX0kIuaiC6RGuBfgu4LZMRfkX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c731cdc6d6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 problems-installing-ping-in-docker.png
domainelespailles.net/include/linux/ 64 KB
0 54ms
52ms Image
image/png 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/linux/problems-installing-ping-in-docker.png
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 596102
cf-request-id: 0ab45ad3210000d6bd0f25a000000001
last-modified: Tue, 19 Jan 2021 07:43:47 GMT
server: cloudflare
etag: "91886-5b93bffb50acc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s%2FuadO%2BcWGj5EllKLtIw82nJypUDkF1SwpU7SGkftETWM8Lo0JDDXH%2BdCCeHvyg7BOvHlX5GWqaqZkSNAotjmg3SCcEtJGkWXS5SGeeeE1OR6ysOF%2F5GS0Q%2B8U6IhUQp0%2BKUrLM%2Br6wff%2FrKcKVj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c731cdc8d6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET
H3-29 200 go-frame-by-frame-through-a-movie-with-a-precise-timer-2.jpg
domainelespailles.net/include/video/ 64 KB
0 55ms
52ms Image
image/jpeg 2606:4700:3032::6815:976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://domainelespailles.net/include/video/go-frame-by-frame-through-a-movie-with-a-precise-timer-2.jpg
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 249797
cf-request-id: 0ab45ad3210000d6bd332cb000000001
last-modified: Tue, 19 Jan 2021 07:44:15 GMT
server: cloudflare
etag: "3cfc5-5b93c01627c53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7HKVFD0a%2BYhn5amK5CfPG2TnCYbK8543GjgD6ciGJOp5OA%2FUbQ6tv2MSPTFWWO4IKb%2FUQX7tDWMwWGwkgpZ8BYq826ReaZtfNYXfMTABoyyx8jZTjPUaZ7cLoI4aeu1IJSX3KbI1uQdds%2FI6g0MQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6600c731cdc9d6bd-FRA
expires: Thu, 16 Jun 2022 02:58:44 GMT

GET Stein-Icons.woff
domainelespailles.net/template/domainelespailles/css/fonts/ 0
0

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
230 B 19ms
18ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 14 Jun 2021 10:46:48 GMT
x-timer: S1623812324.163322,VS0,VE1
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-cph20620-CPH
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Wed, 16 Jun 2021 02:58:44 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 1

GET
H2 200 1930 Show response
na.nawpush.com/tags/ 242 B
364 B 77ms
25ms XHR
text/plain 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1930
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: a810e1302216d25b1aacd80a9aa1437d270806fcea9ee061554682f24afe2a31

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Jun 2021 02:58:44 GMT
cache-control: max-age=300, public
content-type: text/plain; charset=utf-8
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb3d373e1afe96983846467891e3bb68a96ae61826af8496c76a99c7b183affa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48818
x-xss-protection: 0
server: cafe
etag: 17595994044180899189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 02:58:44 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 218 KB
70 KB 233ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c6754c3241a18169afee078352f5e11c9c8eec97b9e2fb173f541ce2d07dd210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
content-encoding: br
last-modified: Tue, 08 Jun 2021 09:54:37 GMT
etag: "60bf3bc8-114ef"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70895
expires: Wed, 16 Jun 2021 03:58:44 GMT

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
366 B 273ms
273ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://ja.domainelespailles.net/
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 65
x-served-by: cache-cph20620-CPH
server: Google Frontend
x-timer: S1623812324.264692,VS0,VE256
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: eca004123aa66ce5c6730d436751c078
cache-control: max-age=3600,public
function-execution-id: 90v2xacl39mi
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: DK
x-cache-hits: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210610/r20190131/ Frame 8F72 10 KB
5 KB 25ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210610/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210610/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.domainelespailles.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.domainelespailles.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 15 Jun 2021 10:43:54 GMT
expires: Tue, 29 Jun 2021 10:43:54 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 58490
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 6 KB
3 KB 80ms
24ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.1.28
Resource Hash: 240f2fa6d9c547702519223d888610d5517255aa52ad0c04d86f0ec6d0ab76d6

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.1.28
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 16 Jun 2021 03:58:44 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9305.Su6sXShqIoescRIjnPFpE8LzwCIa6l32TvygskVHK1OgoDDzWFAHMbwesCQXBx59.n-DxmiHNpMHjMJ_EqcuoAL4lKUA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9305.2JoYy0E74ibSvMrdF2mRA3vlwaLyw6PbyLxnqBOWLIC8czjz_mJjuzuFiAVY05v6G7GW0byILTQ9yFdbGuxUHg%2C%2C.2rWihnxS0rXSbEsj_Y_V9U470wc%2C

75 B
75 B

49ms
48ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9305.2JoYy0E74ibSvMrdF2mRA3vlwaLyw6PbyLxnqBOWLIC8czjz_mJjuzuFiAVY05v6G7GW0byILTQ9yFdbGuxUHg%2C%2C.2rWihnxS0rXSbEsj_Y_V9U470wc%2C

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9305.2JoYy0E74ibSvMrdF2mRA3vlwaLyw6PbyLxnqBOWLIC8czjz_mJjuzuFiAVY05v6G7GW0byILTQ9yFdbGuxUHg%2C%2C.2rWihnxS0rXSbEsj_Y_V9U470wc%2C
date: Wed, 16 Jun 2021 02:58:44 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 49ms
49ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
last-modified: Tue, 08 Jun 2021 09:54:37 GMT
etag: "60bf3bc8-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 16 Jun 2021 03:58:44 GMT

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 179 B
422 B 35ms
18ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f447ccc0903fd8acfb81382eb38bef521e9b93ab7effb55f35e1e33f89820eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6600c734af1a323c-FRA
cf-request-id: 0ab45ad4e50000323c0120b000000001

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 19ms
19ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 14 Jun 2021 10:46:48 GMT
x-timer: S1623812325.609523,VS0,VE2
etag: "acf494525e3877026bdb2c073692d275534d2343c0dbc0e70e25b584375d01a0-br"
x-served-by: cache-cph20620-CPH
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Wed, 16 Jun 2021 02:58:44 GMT
accept-ranges: bytes
content-length: 67025
x-cache-hits: 1

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 19ms
19ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 14 Jun 2021 10:46:48 GMT
x-timer: S1623812325.741611,VS0,VE1
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-cph20620-CPH
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Wed, 16 Jun 2021 02:58:44 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 183ms
90ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

ba6ea3c14b786c327ed20a4264cab9d2e79f7e8a272372720a7c899ecafbf5d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "904 / 35 of 1000 / last-modified: 1623797487"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21588
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:58:44 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 63 KB
21 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ffbfbc0219a0a8d2ea91778a2ca6597479ce847f51650cae910c6c1d1ce0166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "904 / 22 of 1000 / last-modified: 1623797487"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21588
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:58:44 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 53ms
52ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.1922776150506147

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:44 GMT
last-modified: Wed, 16-Jun-2021 02:58:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:58:44 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.7178169598605242
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.7178169598605242

0
0

49ms
49ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.7178169598605242
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:44 GMT
last-modified: Wed, 16-Jun-2021 02:58:44 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.7178169598605242
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:58:44 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
83 B 58ms
57ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.4946957574105739

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:44 GMT
last-modified: Wed, 16-Jun-2021 02:58:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:58:44 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.9538305242161671
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.9538305242161671

0
0

52ms
51ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.9538305242161671
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:44 GMT
last-modified: Wed, 16-Jun-2021 02:58:44 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.9538305242161671
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:58:44 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 54ms
53ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.17072908514176266

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:44 GMT
last-modified: Wed, 16-Jun-2021 02:58:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:58:44 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.9651679236833051
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.9651679236833051

0
0

49ms
49ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.9651679236833051
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:44 GMT
last-modified: Wed, 16-Jun-2021 02:58:44 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.9651679236833051
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:58:44 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 52ms
51ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.6213808236743812

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:44 GMT
last-modified: Wed, 16-Jun-2021 02:58:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:58:44 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.domainelespailles.net%22:{%22https://ja.domainelespailles.net/%22:%22%22}}}&r=0.8715823274944039
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.8715823274944039

0
0

53ms
52ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.8715823274944039
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:44 GMT
last-modified: Wed, 16-Jun-2021 02:58:44 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.domainelespailles.net%22%3A%7B%22https%3A%2F%2Fja.domainelespailles.net%2F%22%3A%22%22%7D%7D%7D&r=0.8715823274944039
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:58:44 GMT

GET
H2 200 pubads_impl_2021060901.js Show response
securepubads.g.doubleclick.net/gpt/ 326 KB
115 KB 86ms
50ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 08:43:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116890
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:58:44 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/71313778/
Redirect Chain

https://mc.yandex.com/watch/71313778?wmode=7&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv...
https://mc.yandex.com/watch/71313778/1?wmode=7&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=...

184 B
291 B

52ms
52ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71313778/1?wmode=7&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A166%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A765690982067%3Ahid%3A703501164%3Az%3A120%3Ai%3A20210616045844%3Aet%3A1623812325%3Ac%3A1%3Arn%3A220770294%3Au%3A1623812325557996299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623812323861%3Ads%3A0%2C16%2C62%2C1%2C29%2C0%2C%2C207%2C0%2C%2C%2C%2C332%3Adsn%3A0%2C16%2C62%2C1%2C29%2C0%2C%2C209%2C1%2C%2C%2C%2C332%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623812325%3At%3A%E4%BA%8B%E5%AE%9F%E3%81%AE%E7%99%BE%E7%A7%91%E4%BA%8B%E5%85%B8%3A%20Domainelespailles

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

af570e147e0822a7f3c73b38c1263537d033b891f04ed734f3b613a13e1ec3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 16-Jun-2021 02:58:45 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.domainelespailles.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 184
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:58:45 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:44 GMT
last-modified: Wed, 16-Jun-2021 02:58:44 GMT
location: /watch/71313778/1?wmode=7&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A166%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A765690982067%3Ahid%3A703501164%3Az%3A120%3Ai%3A20210616045844%3Aet%3A1623812325%3Ac%3A1%3Arn%3A220770294%3Au%3A1623812325557996299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623812323861%3Ads%3A0%2C16%2C62%2C1%2C29%2C0%2C%2C207%2C0%2C%2C%2C%2C332%3Adsn%3A0%2C16%2C62%2C1%2C29%2C0%2C%2C209%2C1%2C%2C%2C%2C332%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623812325%3At%3A%E4%BA%8B%E5%AE%9F%E3%81%AE%E7%99%BE%E7%A7%91%E4%BA%8B%E5%85%B8%3A%20Domainelespailles
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ja.domainelespailles.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:58:44 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.domainelespailles.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 02:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.domainelespailles.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 02:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
12 KB 781ms
728ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1384327621660256&correlator=713023499014821&output=ldjh&impl=fif&eid=31060437%2C31061279%2C31061337%2C44744016&vrg=2021060901&ptt=17&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210616&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_smrcp&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1600x90&cust_params=site_domen%3Dja.domainelespailles.net%26site_topdomen%3Ddomainelespailles.net%26site_referrer%3D%26site_hash%3D%26keywords%3D%2520Domainelespailles%2520Domainelespailles%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.domainelespailles.net%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1623812325&dt=1623812325128&dlt=1623812323972&idt=1117&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1345&adks=3566481380&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.domainelespailles.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1375841610.1623812325&ga_sid=1623812325&ga_hid=821759898&ga_fc=false&fws=516&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c703c6537ebe65542d76a339bf3c376acdbb851c7110ba2de2f1a1485a7d382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11866
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.domainelespailles.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 49ms
14ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
12 KB 490ms
438ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1384327621660256&correlator=713023499014821&output=ldjh&impl=fif&eid=31060437%2C31061279%2C31061337%2C44744016&vrg=2021060901&ptt=17&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210616&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id4&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=336x280&cust_params=site_domen%3Dja.domainelespailles.net%26site_topdomen%3Ddomainelespailles.net%26site_referrer%3D%26site_hash%3D%26keywords%3D%2520Domainelespailles%2520Domainelespailles%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.domainelespailles.net%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1623812325&dt=1623812325132&dlt=1623812323972&idt=1117&frm=20&biw=1600&bih=1200&oid=3&adxs=1021&adys=1093&adks=1853043263&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.domainelespailles.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=357x-1&msz=357x-1&ga_vid=1375841610.1623812325&ga_sid=1623812325&ga_hid=821759898&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

5c198c8026282306f3e70719694d1803d1d02ff3a71085e3a2a4af91b2a327e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12668
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.domainelespailles.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
9 KB 1102ms
1050ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1384327621660256&correlator=713023499014821&output=ldjh&impl=fif&eid=31060437%2C31061279%2C31061337%2C44744016&vrg=2021060901&ptt=17&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210616&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_smrcp&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=336x280&cust_params=site_domen%3Dja.domainelespailles.net%26site_topdomen%3Ddomainelespailles.net%26site_referrer%3D%26site_hash%3D%26keywords%3D%2520Domainelespailles%2520Domainelespailles%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.domainelespailles.net%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1623812325&dt=1623812325134&dlt=1623812323972&idt=1117&frm=20&biw=1600&bih=1200&oid=3&adxs=1021&adys=1823&adks=1142232313&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.domainelespailles.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=357x-1&msz=357x-1&ga_vid=1375841610.1623812325&ga_sid=1623812325&ga_hid=821759898&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8bee53e0fae33815f71ad4c73634c59bbce0bbaac1a1e101c9ec5120d0b99e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8947
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.domainelespailles.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 8A72 191 KB
54 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 8A72 12 KB
5 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 8A72 87 KB
27 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 8A72 4 KB
2 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 8A72 41 KB
13 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A72 3 KB
694 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 01:31:25 GMT
server: ESF
date: Wed, 16 Jun 2021 02:58:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Jun 2021 02:58:45 GMT

GET
H3-29

200

8818242468359413148
tpc.googlesyndication.com/simgad/ Frame 8A72
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXvvLmCxCSBRiSBTIIhAwDuHD40ko
https://tpc.googlesyndication.com/simgad/8818242468359413148

144 KB
144 KB

22ms
8ms

Image
image/jpeg

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8818242468359413148

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46660652ce49096fe5b8d68d7e4ffa4d4c7b78a702dc1f4ad14d8248ab3be487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:03:56 GMT
x-content-type-options: nosniff
age: 330889
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147643
x-xss-protection: 0
last-modified: Tue, 02 Jun 2020 13:50:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:03:56 GMT

Redirect headers

timing-allow-origin: *
date: Tue, 15 Jun 2021 05:18:30 GMT
x-content-type-options: nosniff
server: cafe
age: 78015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/8818242468359413148
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Jul 2021 05:18:30 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 8A72 15 KB
16 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQxJMafduV02fBiRp7MJf0lldZxwzJxj3KE-MxKFuydiZb43b__Dj1mnNU7GkI&usqp=CAI

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84860cd793714c60601df22bea389692878de42aaac1f325262cfc89f8fa116d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 15:34:58 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 Jan 2021 10:05:00 GMT
server: sffe
age: 300227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15607
x-xss-protection: 0
expires: Sun, 12 Jun 2022 15:34:58 GMT

GET
DATA 200
OK truncated
/ Frame 8A72 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcdd77ab12779eb0fff1e9dcf361867a109fa08cb6b03825c52ac5ac1f229888

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8A72 3 KB
3 KB 27ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Jun 2021 10:14:54 GMT
x-content-type-options: nosniff
server: cafe
age: 60231
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:14:54 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8A72 344 B
828 B 26ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Jun 2021 06:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 74454
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 16 Jun 2021 06:17:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8A72 0
0 14ms
13ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9Cc5wU_BHOgIhq3TQy3WTpI0sEiZ6XsU96SKyqEazsKihLRhsw6uSSnGrcnk8Jhkqi2LfjtR3P4GDviibm38rMYKB-A
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8A72 0
0 58ms
58ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFWqB5WjJYI2sDpGQrASjhIx4r9qw7GLC76H79QzbnNHagh0QASCG4YUqYNGBuYLQB6ABr_ugxgPIAQbgAgCoAwHIAwqqBN8BT9ABQNUKA6YstqPetbKlK2mzF3si21g4Z3cmKDj4ajxoE1OK1PxgV6f1GwwB5stiGaKIrigLW9zvDe4NrsCKXnhsBuejRMij9Q7apKgls2Wwl8t7555-0cyR26VeGYPbNZEK-XwZm93vgcw0_15XTowkV8rUbwhtIcmRXfgrlBOZHMJm0txu8xv2CHFU1fN4c3n77T7tNG3ko-d78y_a8ghsGk6P0PGlZn8Lu_H0JkKG-tY62sP-YvvA9kwk0woDNLtVr2XvNdFoPv3QOdZsUWJrQEMxM2x6o9JGJ6DxFsAEiPqZ1LMD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB7mE3zmoB4qcsQKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELK0B9IICQiI4YAQEAEYHYAKA8gLAdgTDYgUAdAVAZgWAYAXAbIXGgoYCAASFHB1Yi02NTUwNDEzMzYzNjAyNTg4&sigh=XyilDGJLsVQ&template_id=493
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 32ms
18ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3564638c37d7d0daa58f927a2c0b4bd3293d432b97ac6645414fae3210a32534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 02:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7848
x-xss-protection: 0

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 8A72 20 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.domainelespailles.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:27:23 GMT
x-content-type-options: nosniff
age: 307882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:27:23 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 8A72 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.domainelespailles.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:03:05 GMT
x-content-type-options: nosniff
age: 341740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:03:05 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:58:45 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 6D73 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.domainelespailles.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.domainelespailles.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 15 Jun 2021 19:34:23 GMT
expires: Wed, 15 Jun 2022 19:34:23 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 26662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8C75 783 B
533 B 15ms
15ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d481f137e847cab3583dd6ee7e556a10723afeb9ede107631e6210483502dc81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z9IV3QE9YM9IB+j2/TInBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.domainelespailles.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.domainelespailles.net/

Response headers

expires: Wed, 16 Jun 2021 02:58:45 GMT
date: Wed, 16 Jun 2021 02:58:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Z9IV3QE9YM9IB+j2/TInBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 uMPtKrmwZjN0D4XGQ6GkF9bB4gZfUorgjwuHC4YUqhk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D73 14 KB
6 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/uMPtKrmwZjN0D4XGQ6GkF9bB4gZfUorgjwuHC4YUqhk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c3ed2ab9b06633740f85c643a1a417d6c1e2065f528ae08f0b870b8614aa19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 08:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 325790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5821
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 08:28:55 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 13ms
13ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=domainelespailles.net&host=ja.domainelespailles.net&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 28C9 191 KB
54 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 28C9 12 KB
4 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 28C9 87 KB
27 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 28C9 4 KB
2 KB 30ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 28C9 41 KB
13 KB 31ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 28C9 3 KB
578 B 29ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 01:32:48 GMT
server: ESF
date: Wed, 16 Jun 2021 02:58:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Jun 2021 02:58:45 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 28C9 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Jun 2021 10:14:54 GMT
x-content-type-options: nosniff
server: cafe
age: 60231
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:14:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 28C9 344 B
368 B 6ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Jun 2021 06:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 74454
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 16 Jun 2021 06:17:51 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16740070955833465651/ Frame 28C9 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16740070955833465651/downsize_200k_v1?w=100&h=100

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b996894fa3e8476df7ac142f7df28552abaf618feea133495904b935f24c32e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 16:24:30 GMT
x-content-type-options: nosniff
age: 297255
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1861
x-xss-protection: 0
last-modified: Thu, 05 Dec 2019 12:34:10 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 16:24:30 GMT

GET
DATA 200
OK truncated
/ Frame 28C9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61db8bd2ae29a5c3efe1b422243339dc5f6e9b9590ad3d6dc225306561e918d5

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 28C9 0
0 60ms
60ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnJJG5WjJYJbpIsuRrAS12p7wCqLlz59jy-nguuYKr5-Am8IDEAEghuGFKmDRgbmC0AegAZuK1O4DyAEBqQLZriwDO1i0PuACAKgDAaoE7gFP0F_5xuY3dXbDfEhIJpjb_17gRyhY2hmakJ1Pte9XA5T5tNaU-lL8hBf136Y-kEQCByDB_MY5kc5tPKI-AO0P_NorhleWsoeDaCsm6TXvOGYVKK8wgEopl_NvrcD4Iw3rYCncajDNrAGyA1UrqYo6DuBWlV6osKebSC-bMYi7F-yYtlaZwGOnpgAwKtqTuSmJ7IZXYxSRRWu-dz0qVMcPVxiXoQrnO6JoXUhD1qUCw9388QzAAF2Z09bknEbrWh5ksqVIeSpA2k8FfDWxsOZjVOtRvnxJTfKkLcm43_kmSHuP1wQSYkkf7tRYHZpcwASf9YG2QeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfN9asRqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELKEI9IICQiI4YAQEAEYHYAKA8gLAdgTAogUBNAVAYAXAbIXGgoYCAASFHB1Yi02NTUwNDEzMzYzNjAyNTg4&sigh=Vr-yQ4wa95E&template_id=5001
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 28C9 21 KB
21 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.domainelespailles.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:40:44 GMT
x-content-type-options: nosniff
age: 328681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:40:44 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 28C9 21 KB
21 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.domainelespailles.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:48:28 GMT
x-content-type-options: nosniff
age: 317417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:48:28 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 28C9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

28ms
15ms

Image
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 16 Jun 2021 02:58:45 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060901&jk=1384327621660256&bg=!hoWlhcHNAAY2kFOVNpA7ACkAdvg8WtgvXLgarg_DHEakKd7RheORaNto4qFkJ7b4Hd9h7WWTR4mhtgIAAACTUgAAABtoAQeZAm7S3MAA3a0Of-OYWLy-pB2krb2zsQnVaW8vB5soP_2CfdYCwHfvqFx1g_aTvJFlmzRRtlufwDkL0YI8GZtkxYbxwigJFMwNnsAajsH37GVbSi30r7DflJhKl7baD3JZzlLl9U2CjWSoKT8Hkzkeksk_BGBH6AKy442vm-ifHDYPSchbC7nYo6C0Xes1rIXDtN78JRvoE5hfAUp-P4oGvDIYyu5LswD4q6dsC-2gfANsgr9SJHz1E9T6xAqTfLhhVyqr5lrIFYRmuTj8Whqi_H6e4wTf4zHmNf1FNi5ATZai4Ej-Sx3RnBd2ottPy7iHaG0mpZksuK4lCj8Op2XOK7L82_sSIaas_9XSdXh_ddOPU_SYdIGOUlUooJdn-1eWp4nlTA5bLFkl8Yo0jPQ0z650MhM8VAIMPkUmeAnArAK0JlH14wis3icdKbvBAXspDnkTJuEZ1QbTFOx2GSPPtBmnmjw7lpebgQETz4z0vPNMgbK-JQn9PwcykF09LyHrpi0o5YDjeuvBFVljD_h_fOyUw43fY_KNJYucAIpVUc8uVVMwkM46eMqk-p1iaOz_iyrTxbKeK5_gdby3dF0fPS8LNlO9vgWrsI7sGE_2Gj26Yb__eQfnUvm2lnZ-otzbBeiYee-bFa6b4O2-U-V5H2Anc01kJPXqA2USY3HpL9yX8FDcTI23wHd8rWKjukV1Y6QELd2qO7H3c0sB36UBTXKUzI76pONCgHyc2-xEGAmA1RRkNENh28qTXV8IPSdw_-WIva7G2FbwvD2MrhD_3UnbDs5SMH1ukyShXR6-jfSYQRmcl8NBXwXedNJvv00a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F6F5 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.domainelespailles.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.domainelespailles.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 16 Jun 2021 02:58:45 GMT
expires: Thu, 16 Jun 2022 02:58:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 26ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:58:46 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3817 3 KB
901 B 17ms
17ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY396-ogEwAQ&v=APEucNUlNJTfMLc32yI8D9OIlU3S-YYSKUTDpes-4mHMPWr-Daeze1Ktkry8cZ9jBx9SjKZXmLXqK3lNt9XRaMHUF7OVc2oKGqF2rR0SBPq46BcfBfpSWc5cGTdyLyiUDFVZInkJCz9V2ZX2iszJUCuhUTRg5exrNdg16ffwnBl3srjdkhnuaUp2LwoIKpHUON1IrAexS2TY51vLgXfPOdzz0b4035HrTNG9u2NUGrZGwQuiUxoIBkPEkaBQOaApXOELL6nxx-sXBQhpLYTg7eFKzbbYQbd_tvwNriJnV3vmTbwCm2JpTGlOq4s-1BLbMqE3GRRC5wBODkIUMuYOfv8eSkvhM9V0xePxWGrmYo_gP8ZB0s6M9L7ITlL245v7d9-FxWGo4F_xphqRqUb_MskdIrdM40zbOaZihtbl9ZuRQP7S9N30TtWirdlf7FkcoLuEzGeMQbk9EW2LDx_Ksh5XJ9WE5xLCez7yN1tsZFlD7C06xuawxS3yu707e8BrPB1-uPgEu-RXFkZht_SdzbDsPAor4iTzHR-nq6pzeZZcgO3prNut9zXfIm-R2xYqDh5j0oQYH2UKtwcF8n2S_eoqJbxAC2usk6qviRZp1WIbnFgW8VUlzZ_MtuCPkw44EUs0nsWxWcHqXN_FoOUbsjjI04vH4LoX5QqwBkTf8ODuT9NFwYM570qCd1N3qAt500Hly2eHU8w0DLmFA9DDjYnRDJxZJt6l7JHucOAR1okCkaDiPism_oJbvG88tHYoiTMmO9CyQnzkAKZ_FCrC6j3UBBaaer1ub5XVUEbGkN0wVYDoZHu1Jh5Z0L_5adyx5ydk39f9eUuQK3DalQ1_Bz-UP_KUXfrdkb3wQR7hQRp_G96Y5NAKbpwf_9w43gR5RkQmlaYFzLD7_Eo24L_SzF2h5xcDZV-4LKkyDMME7JhG-QEuzt5MomOibkzGsNq0ln_djpVn-d05vIzxdacFAp_a97n5pt9BUo4mPAHCymxYHsC46CTpDG-Jn17eM5OjvXk9MWgqHmiZKD42wXY04ffTfGwa3KSTEp_uwxz2YGwhCUoggXy6M3c

Requested by

Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

436af8b4c089df47fa78ee4904b4bf00fc00dbbef0accc5f8c8a8387dfc61e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPvS4AEQho6NjgIY396-ogEwAQ&v=APEucNUlNJTfMLc32yI8D9OIlU3S-YYSKUTDpes-4mHMPWr-Daeze1Ktkry8cZ9jBx9SjKZXmLXqK3lNt9XRaMHUF7OVc2oKGqF2rR0SBPq46BcfBfpSWc5cGTdyLyiUDFVZInkJCz9V2ZX2iszJUCuhUTRg5exrNdg16ffwnBl3srjdkhnuaUp2LwoIKpHUON1IrAexS2TY51vLgXfPOdzz0b4035HrTNG9u2NUGrZGwQuiUxoIBkPEkaBQOaApXOELL6nxx-sXBQhpLYTg7eFKzbbYQbd_tvwNriJnV3vmTbwCm2JpTGlOq4s-1BLbMqE3GRRC5wBODkIUMuYOfv8eSkvhM9V0xePxWGrmYo_gP8ZB0s6M9L7ITlL245v7d9-FxWGo4F_xphqRqUb_MskdIrdM40zbOaZihtbl9ZuRQP7S9N30TtWirdlf7FkcoLuEzGeMQbk9EW2LDx_Ksh5XJ9WE5xLCez7yN1tsZFlD7C06xuawxS3yu707e8BrPB1-uPgEu-RXFkZht_SdzbDsPAor4iTzHR-nq6pzeZZcgO3prNut9zXfIm-R2xYqDh5j0oQYH2UKtwcF8n2S_eoqJbxAC2usk6qviRZp1WIbnFgW8VUlzZ_MtuCPkw44EUs0nsWxWcHqXN_FoOUbsjjI04vH4LoX5QqwBkTf8ODuT9NFwYM570qCd1N3qAt500Hly2eHU8w0DLmFA9DDjYnRDJxZJt6l7JHucOAR1okCkaDiPism_oJbvG88tHYoiTMmO9CyQnzkAKZ_FCrC6j3UBBaaer1ub5XVUEbGkN0wVYDoZHu1Jh5Z0L_5adyx5ydk39f9eUuQK3DalQ1_Bz-UP_KUXfrdkb3wQR7hQRp_G96Y5NAKbpwf_9w43gR5RkQmlaYFzLD7_Eo24L_SzF2h5xcDZV-4LKkyDMME7JhG-QEuzt5MomOibkzGsNq0ln_djpVn-d05vIzxdacFAp_a97n5pt9BUo4mPAHCymxYHsC46CTpDG-Jn17eM5OjvXk9MWgqHmiZKD42wXY04ffTfGwa3KSTEp_uwxz2YGwhCUoggXy6M3c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkGEb4NTnhd0OeTZSm9zmYaUkDTrFCU8o5c6WARAMqxOMQf9tPexJMwOT3vSX8; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 16 Jun 2021 02:58:46 GMT
server: cafe
cache-control: private
content-length: 878
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Jun 2021 02:58:46 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F6F5 59 KB
24 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Amr6oA_Fzh8Uz1E1UnMw5QcmMb5VNe569J5e-v8fcQhXUHCK31Q_pU9FUh0o8gJ68e2QG6OXupuCCtksi9z9p0bqWvaqht6BtV0ymTSWV5UbdJVng9RZh6HQKxEQrblK6WXs3T_HH3e2qR6SqOVZZC5A4KqQ&dbm_d=AKAmf-BPkavsMyHauwS9oK0lGTnHyWeXkGoqKbR16cTjZJ1BHrFvMaNPkUly0XIW4pX03Y0LZ8q8xV5x1Myy7hogLC_zhWRYbaMQevESBWRhD7kvYkh6hQKQi0M-58lsXhc-ZKwFvb3eQ6mb3uV2duCpxsWtSHYu540iLIVZpmgCAgKsaP8hcDDliSlVgVUG5ZxfHzkEKHDO27LDVkvsTcsSVMoOf_6zMtS9tyDzSItnFqqJr2YSw0xSN0mX6o1uAhKVJMGksBSjQ347P6es2zl3C0LpS8RjxHGvxThRvl9LHB8c-wkaxjptOBEm1J-sjNmLFfvuONdU8EdMu8BX2lj6piOycSb7isVHd8X-XJdG0zrPA1h-36TIArAPKShlt2S85H2OLCQ3E-7hISLLjEDy-gM9lREoBW7iFjBiZ4aU9VQvlWSxitFRAGSRmrMzCMWoxRsaMsAHgeHj9uQGIcS__rBhEvsSsd0dycKnEWWwEZUfQiTA8-RRZlPcFtIobJ1eF3OFna0yyxqWim9I8HyeA2cG1amxeBlBcWOsbIxbK1un9GeL_yGLEfdn0u7em149YUE-7gpO4BvVJc_LKVCepzhwVyK5U5WJWucluTPQ_Tfay1qWpLvXRPhD4sgg8GjaK9jsw-nyykULXP75J1lcgtnsJI9feJd4A3vCrNKdjE4ednx65jvlOLF1f8TxZJeceCUfy5K3OsXLy-My4tLg8FO0LQO7CnHRxO_5ErOaJhjp8PO3n3ANZBJvrqn3VGdEzrh8zh_QPmdxiuE8MqtE6LY0M-ZH8kgjFEShaTCEz50dpLuqg-zk93uadAUkf71qkcBE11BBlEuLJn-_D2qhcasOE5QAqoavN_FgL2kqsvPW15j4JsEygpvkt06OfWeocRgKhhRpa06xNKvW3kpaufGJkbTr9r84_S73mCEMQwwkku4-Sz_ggkusu_93DGLHipjO0sP8ZbB6FtrG_svtzWIV7_ccVS1o9T8tAhf64HkUClpKMdZTuvWT02MB8fSJb3nhlPeA5XvQLeO9MSju4RC4zasJdV5rD6HRNPtl-SEKvluk4WpAdaGLqh1KvymNS4Mu0cuD1QrbOm3kFZo6a3-aoF7jPlxlzRQw_DZ-R4V2WJhlZZDtLsrQ_F4NPPaGC-wtrYSf34ILffN9Hev9ZdZ9MITzwoeV796bU3QbBgOn6-KWh0kJ3IAzd7vKk25NSUnmvI16nyfw6YgiictI0l4VBVfqlzsGNX-3UXX_uR3H9UPZcDSIqsnYvBtT_T2IXk_Q9pq90d249Jf-TFpc80HRZKP6ntj2rhhBsvIlDABgQjaYfqnFx5KT81DORm_UYOg_ZmlqRq34L51hZHgBYZ5cbRiCRVeEPXEqtq_w_xDyv4052ACT_Q7tIM9TMmyNFFHvTRI5eUK-ilpwNfhDv882kiKeqSVp-fG1iyPC3Icg1yihGGYFh1BNmEcnwddCzi-Z6cgbiMknIJrOJRTeA4tIo2YK0G4gAwzcrC9uBl3h3Jj2RZr-7OnuQ2bBdBYsU0v7RifjcMCsg38xs65mpbqFCNEyrI10hbi3eiX8cZ1APCejNqhHrK1QTBhRH8urpgaMuq80GLag_ZMTySHHVGI1ab8SsrDFRsQoyFqiG82f2l9K3VabfO3Uavm9QB9lEvzy66VsAcsqJUCc0XvE9FRBRGHoTgk4nRDOAXK-oRPEaNLwEgfmds9QZ_ZqRVnHjJT0GJMzXDdmYvIodP2yYct9sfUwT1gTL_t5Uu0qIaapDf-wQQa2ogfxuytWsU6Z5Lo5sJ4R74Y6fu9xs7ylMlpSRDqsVO72R02RR6D9uH1UL7jL9Xj7nnlGnmbeDFkYf1pbnj8nJ0semfIXIEzs2TuzenwaqtF4hbFEbFC4GfYhCOJcXvApHBO9sgraKxZzrhk_NwOuIbOlpB1w3AdDVpwkWNlGWKGnSUIi70EADMsju0tUCAQqKMhrT6v15Vx7YNJmt_dMi3vYH2pFjiJ6DvsYltl0QFEjgj_riEMyn-2mtR06wewGQvQVlUKUk9Z2xwzfZG2s1YfuUGuROtrjHr5WTmiXBKM-dmt0TDQEvCfKFUJ9dlau99pntrMStC5LeZwFk7saKdO9vQ_viFphDleRGbNI2QJ262BziLU4_1ZdTfgB34oNdp7OFL6uWz-Zd3xmE4joWLtBkgCapihdoG1kg_6r6jpVu-yaQOzttePXZ0nRuPEWaDjajI1E5JQhRw38JGI50k9l5AQDXu754rzUAqj0gQkYY6d47GBlYS6KRv5LNxBTH-IQuV9tP1purcdUYo-mN2fGoHD3DBWzpE66l3Wqxm-Kh3RdF_6LvvUCj085ojAoCh1sHMJAcNUuqf1Ng7IoAhZd4rCEq9DQvX3IRJ7BNcrhl9ulrxfZOpRNwC3mjgORKYBExWFCFGDoqMoOkGqEM2aOHr5LCWWArHo8aw9649QzcQleXz8GYHbzfmYb2UDOBZ5kSy57iyBTAC-3yx_6ElBrO34_pGcf75rtq-FqsOHTSs6NJS7wvJhkzALhkChZaH41QOFnkO4J8_ztDuCrChrlIGPxf2fOQN5hxmKFN1gOaIC7dki3auYPWS7GFB1VKDDxynuJ4I3l1SHWMnToLwX1U-phIHHuxrq-6apwaX2ABljBzbshwbCMkOWZm55Kh5txNWkVripFIZy616RvOtJiDZnWAcmay6fIFEm2ly0YRcI5sbzhwbFX8ESKqcZuI8MCOonDIGC9ve1ChbrPUFl85Cq-OIO_MKvo1-Aa4BsuqqQ6XkwHJA91idP8C25L337nHDmK35O3OC47t3yoFEtoaVzGkO-gKfXZ_ddfFb71Wh51v5DYFivMQGwK4NXGwOPMyRRIRu7vGz2YtSyjUVkeVkRi25iR22Wf2rAB-PzSnot8ySCKldBgQCuD-GGJvIEqAlna3HRlYlZ2PlN4KhzodcZXl9c79wPQMY_JzbhE_HC3rxeNkV1zUjWROcDqdRoqiqpEJbpmXnm4OvjGSgCgudZI1rlvjOY1uvs_7aRBQqjVKUjWTnYq9CYuHYuRqYK9_1eu8VwH0VUPDfv8073cCy-VYJ2PmSHfl2bBPaXf-y3hhVOUWBQVL2DTUQMJHGvpNTuEcy1kzfwMAoBsWcBeFIcKXUdO_-2XylswJAwZUGcjyHBWZW8WpO67r9UnHpsPMN1Y7IQ6PJIYmUjUsz6SWNY8wKhtGX8xGuwDlt9BTWeOmH8ethmJ_EYikoAnbv6zasgSrUOBR1cyQ9fHeHcIp43tRkLiowjvN4LgDsier4CLkfY-LMKbalzO3Nr2v0faK9H1S-NRhGFVhP4lYSd9JigNlOsFg3e9poI42JB5zFDBM03zMHANgxFH41r--102YRlWAT1_FcBVek9YCdrM474krqDFh_1fvsSjWT3gN2M0wRpHCvetIe8p_ef_j2sXvWaOXu-DTc8_YneQfZBcS0W7QJzlGK14PQjNS2hX1jinDFRCNUPOqPV6AS1hR3eP8fX5iKR0aFLW0PVy9cAUpNXeIG3_6-gSYGCymb8SWar_pK1bRnDEmDAl2AUGNcoYc2LJNuSntZbBpYuD6b-icd-hYxlWRMq2ZPCwgk1BTEiYMIzdEyJVCrZpHUJjCCXvR0Ul0Vlf5yVoRI0ohuKxFA0vjN7fXpcLms302XosnPnNfqOLYqxpsJHMGohVS6fUNWUvzNvzzMKuTig00Dk2jS2Eacw5aB1ZqKTr1c2GKDWUE0cOygAv3Aej5RwrldZubsAZH7u74CEYyW5f3aI3aBSOnevdFJ-8zy5mJ62fuGEKwBVgNOtCh8KnvaQ5ZP388BJ42qy_hLMCInk5Z-os_aF38XS4PmQ1yCZKoJD58hzGvtL0gaUnMwYPURrz01vlwDiQ2r34-JLSpNn8Gn3p8_pePRz-a1IJ7qvXl3OJTsS5VDSnNA4-9MY2yU58LVhComaLbnD7Kn8-XJjHAXJf0CQ-LP_Y852GT4DpD-5ZDxT4L5FtWT95iGnui4Ne_Gq59WSf1gEsqt3j4M6SHv7Kpv6x_zqKKyL0NlVqFjYL8-tsH1Pgh0qjaQZwxztE_0xbYKXnjAxlPZy7tyJIQfemSAatJi8Uc4gNobzKsLdvxzMptZYNGbQvNMDLbKvuKgy0kwOZr9Y20byjQYC0QzLGSpdp_HhZPul43Nk9KIV3nFui2mK-Ds7v4FgSsnbxOCTryQUva-IP4oouR4VK&cid=CAASFeRomEITD1m_7-g4JoFbmLQIpsUMRQ&rfl=1%2Chttps%253A%252F%252Fja.domainelespailles.net%252F%240

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa18a8c6ca1ae5ef3cfa5c7e881af827f6def382f19f40ca86000661d2dc921e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24671
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6F5 42 B
63 B 15ms
13ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C11nFqTmnRPKcZi3gP29RUNGPaWGlzsICznjK7xXm7FcYbHcYKqTbqvc40oALvxjZbrqgYz6B8Kx9VfcDWEH97N0AmhlEJJZo2SKkEo9wallK2Iok

Requested by

Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210610/r20110914/client/ Frame F6F5 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210610/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Jun 2021 02:54:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6F5 122 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Wed, 16 Jun 2021 02:58:46 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210610/r20110914/client/ Frame F6F5 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210610/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e0099e4558eac7516502eaf705eda715aaed18678bca9bdea641cd6b03ab2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5713
x-xss-protection: 0
server: cafe
etag: 13708678322133093319
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Jun 2021 02:53:33 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F6F5 0
0 16ms
15ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7ACIAewpJzV4YT5Pkiua3g6-L9O__a51sRYmmZqZDXKEf2DBGpxDIGqrCUuJaErPZEH_QQ1vSJGJtjQvs4GbMhdIwuQ
Requested by: Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3817
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjMTTuG7Dqg2LgFl18yky8&google_cver=1&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20z...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjMTTuG7Dqg2LgFl18yky8&google_cver=1&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20z...

43 B
1012 B

43ms
42ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjMTTuG7Dqg2LgFl18yky8&google_cver=1&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~1301.449.93.981.144.1186.323.733.938.1449.122.1276.1765.1215.780.1842.1878.89.1929.1092.2177.2202.2253.1031.1725.2357.2526.2677.2109.1211.1290.448.1577.1365.495.326.2572.272.574.1419.311.1127.1570.1721.70.2628.491.1591.1415.196.440.3052.253.839.66.1364.1558.2373.167.149.415.494.1651.817.2316.1716.1870.864.587.1051.1033.2072.2571.1097.1230.540.867.486.1205.317.1712.2985.2575.338.1810.2299.3154.1564.1889.482.162.1201.108.241.259&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY396-ogEwAQ&v=APEucNUlNJTfMLc32yI8D9OIlU3S-YYSKUTDpes-4mHMPWr-Daeze1Ktkry8cZ9jBx9SjKZXmLXqK3lNt9XRaMHUF7OVc2oKGqF2rR0SBPq46BcfBfpSWc5cGTdyLyiUDFVZInkJCz9V2ZX2iszJUCuhUTRg5exrNdg16ffwnBl3srjdkhnuaUp2LwoIKpHUON1IrAexS2TY51vLgXfPOdzz0b4035HrTNG9u2NUGrZGwQuiUxoIBkPEkaBQOaApXOELL6nxx-sXBQhpLYTg7eFKzbbYQbd_tvwNriJnV3vmTbwCm2JpTGlOq4s-1BLbMqE3GRRC5wBODkIUMuYOfv8eSkvhM9V0xePxWGrmYo_gP8ZB0s6M9L7ITlL245v7d9-FxWGo4F_xphqRqUb_MskdIrdM40zbOaZihtbl9ZuRQP7S9N30TtWirdlf7FkcoLuEzGeMQbk9EW2LDx_Ksh5XJ9WE5xLCez7yN1tsZFlD7C06xuawxS3yu707e8BrPB1-uPgEu-RXFkZht_SdzbDsPAor4iTzHR-nq6pzeZZcgO3prNut9zXfIm-R2xYqDh5j0oQYH2UKtwcF8n2S_eoqJbxAC2usk6qviRZp1WIbnFgW8VUlzZ_MtuCPkw44EUs0nsWxWcHqXN_FoOUbsjjI04vH4LoX5QqwBkTf8ODuT9NFwYM570qCd1N3qAt500Hly2eHU8w0DLmFA9DDjYnRDJxZJt6l7JHucOAR1okCkaDiPism_oJbvG88tHYoiTMmO9CyQnzkAKZ_FCrC6j3UBBaaer1ub5XVUEbGkN0wVYDoZHu1Jh5Z0L_5adyx5ydk39f9eUuQK3DalQ1_Bz-UP_KUXfrdkb3wQR7hQRp_G96Y5NAKbpwf_9w43gR5RkQmlaYFzLD7_Eo24L_SzF2h5xcDZV-4LKkyDMME7JhG-QEuzt5MomOibkzGsNq0ln_djpVn-d05vIzxdacFAp_a97n5pt9BUo4mPAHCymxYHsC46CTpDG-Jn17eM5OjvXk9MWgqHmiZKD42wXY04ffTfGwa3KSTEp_uwxz2YGwhCUoggXy6M3c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 02:58:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 16 Jun 2021 02:58:46 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 02:58:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjMTTuG7Dqg2LgFl18yky8&google_cver=1&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~1301.449.93.981.144.1186.323.733.938.1449.122.1276.1765.1215.780.1842.1878.89.1929.1092.2177.2202.2253.1031.1725.2357.2526.2677.2109.1211.1290.448.1577.1365.495.326.2572.272.574.1419.311.1127.1570.1721.70.2628.491.1591.1415.196.440.3052.253.839.66.1364.1558.2373.167.149.415.494.1651.817.2316.1716.1870.864.587.1051.1033.2072.2571.1097.1230.540.867.486.1205.317.1712.2985.2575.338.1810.2299.3154.1564.1889.482.162.1201.108.241.259&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 1149
Expires: Wed, 16 Jun 2021 02:58:46 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3817
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkV...
https://dsum-sec.casalemedia.com/rrum?addtl_consent=1~1301.449.93.981.144.1186.323.733.938.1449.122.1276.1765.1215.780.1842.1878.89.1929.1092.2177.2202.2253.1031.1725.2357.2526.2677.2109.1211.1290....
https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjMTTuG7Dqg2LgFl18yky8&google_cver=1&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20z...

43 B
892 B

42ms
42ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjMTTuG7Dqg2LgFl18yky8&google_cver=1&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY396-ogEwAQ&v=APEucNUlNJTfMLc32yI8D9OIlU3S-YYSKUTDpes-4mHMPWr-Daeze1Ktkry8cZ9jBx9SjKZXmLXqK3lNt9XRaMHUF7OVc2oKGqF2rR0SBPq46BcfBfpSWc5cGTdyLyiUDFVZInkJCz9V2ZX2iszJUCuhUTRg5exrNdg16ffwnBl3srjdkhnuaUp2LwoIKpHUON1IrAexS2TY51vLgXfPOdzz0b4035HrTNG9u2NUGrZGwQuiUxoIBkPEkaBQOaApXOELL6nxx-sXBQhpLYTg7eFKzbbYQbd_tvwNriJnV3vmTbwCm2JpTGlOq4s-1BLbMqE3GRRC5wBODkIUMuYOfv8eSkvhM9V0xePxWGrmYo_gP8ZB0s6M9L7ITlL245v7d9-FxWGo4F_xphqRqUb_MskdIrdM40zbOaZihtbl9ZuRQP7S9N30TtWirdlf7FkcoLuEzGeMQbk9EW2LDx_Ksh5XJ9WE5xLCez7yN1tsZFlD7C06xuawxS3yu707e8BrPB1-uPgEu-RXFkZht_SdzbDsPAor4iTzHR-nq6pzeZZcgO3prNut9zXfIm-R2xYqDh5j0oQYH2UKtwcF8n2S_eoqJbxAC2usk6qviRZp1WIbnFgW8VUlzZ_MtuCPkw44EUs0nsWxWcHqXN_FoOUbsjjI04vH4LoX5QqwBkTf8ODuT9NFwYM570qCd1N3qAt500Hly2eHU8w0DLmFA9DDjYnRDJxZJt6l7JHucOAR1okCkaDiPism_oJbvG88tHYoiTMmO9CyQnzkAKZ_FCrC6j3UBBaaer1ub5XVUEbGkN0wVYDoZHu1Jh5Z0L_5adyx5ydk39f9eUuQK3DalQ1_Bz-UP_KUXfrdkb3wQR7hQRp_G96Y5NAKbpwf_9w43gR5RkQmlaYFzLD7_Eo24L_SzF2h5xcDZV-4LKkyDMME7JhG-QEuzt5MomOibkzGsNq0ln_djpVn-d05vIzxdacFAp_a97n5pt9BUo4mPAHCymxYHsC46CTpDG-Jn17eM5OjvXk9MWgqHmiZKD42wXY04ffTfGwa3KSTEp_uwxz2YGwhCUoggXy6M3c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 02:58:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 16 Jun 2021 02:58:46 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjMTTuG7Dqg2LgFl18yky8&google_cver=1&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 719
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 3817 170 B
523 B 146ms
54ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=1&gdpr_consent=CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~1301.449.93.981.144.1186.323.733.938.1449.122.1276.1765.1215.780.1842.1878.89.1929.1092.2177.2202.2253.1031.1725.2357.2526.2677.2109.1211.1290.448.1577.1365.495.326.2572.272.574.1419.311.1127.1570.1721.70.2628.491.1591.1415.196.440.3052.253.839.66.1364.1558.2373.167.149.415.494.1651.817.2316.1716.1870.864.587.1051.1033.2072.2571.1097.1230.540.867.486.1205.317.1712.2985.2575.338.1810.2299.3154.1564.1889.482.162.1201.108.241.259

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY396-ogEwAQ&v=APEucNUlNJTfMLc32yI8D9OIlU3S-YYSKUTDpes-4mHMPWr-Daeze1Ktkry8cZ9jBx9SjKZXmLXqK3lNt9XRaMHUF7OVc2oKGqF2rR0SBPq46BcfBfpSWc5cGTdyLyiUDFVZInkJCz9V2ZX2iszJUCuhUTRg5exrNdg16ffwnBl3srjdkhnuaUp2LwoIKpHUON1IrAexS2TY51vLgXfPOdzz0b4035HrTNG9u2NUGrZGwQuiUxoIBkPEkaBQOaApXOELL6nxx-sXBQhpLYTg7eFKzbbYQbd_tvwNriJnV3vmTbwCm2JpTGlOq4s-1BLbMqE3GRRC5wBODkIUMuYOfv8eSkvhM9V0xePxWGrmYo_gP8ZB0s6M9L7ITlL245v7d9-FxWGo4F_xphqRqUb_MskdIrdM40zbOaZihtbl9ZuRQP7S9N30TtWirdlf7FkcoLuEzGeMQbk9EW2LDx_Ksh5XJ9WE5xLCez7yN1tsZFlD7C06xuawxS3yu707e8BrPB1-uPgEu-RXFkZht_SdzbDsPAor4iTzHR-nq6pzeZZcgO3prNut9zXfIm-R2xYqDh5j0oQYH2UKtwcF8n2S_eoqJbxAC2usk6qviRZp1WIbnFgW8VUlzZ_MtuCPkw44EUs0nsWxWcHqXN_FoOUbsjjI04vH4LoX5QqwBkTf8ODuT9NFwYM570qCd1N3qAt500Hly2eHU8w0DLmFA9DDjYnRDJxZJt6l7JHucOAR1okCkaDiPism_oJbvG88tHYoiTMmO9CyQnzkAKZ_FCrC6j3UBBaaer1ub5XVUEbGkN0wVYDoZHu1Jh5Z0L_5adyx5ydk39f9eUuQK3DalQ1_Bz-UP_KUXfrdkb3wQR7hQRp_G96Y5NAKbpwf_9w43gR5RkQmlaYFzLD7_Eo24L_SzF2h5xcDZV-4LKkyDMME7JhG-QEuzt5MomOibkzGsNq0ln_djpVn-d05vIzxdacFAp_a97n5pt9BUo4mPAHCymxYHsC46CTpDG-Jn17eM5OjvXk9MWgqHmiZKD42wXY04ffTfGwa3KSTEp_uwxz2YGwhCUoggXy6M3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3817
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyMjYyNjk5Njg1NDk2MDU4MA%3D%3D

170 B
232 B

53ms
53ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyMjYyNjk5Njg1NDk2MDU4MA%3D%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 02:58:46 GMT
X-Proxy-Origin: 185.245.84.100; 185.245.84.100; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.178:80
AN-X-Request-Uuid: 7613383b-f246-4708-811e-c1ce1588438c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyMjYyNjk5Njg1NDk2MDU4MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame F6F5 111 KB
39 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 15:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jun 2021 15:18:27 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210610/r20110914/elements/html/ Frame F6F5 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210610/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Amr6oA_Fzh8Uz1E1UnMw5QcmMb5VNe569J5e-v8fcQhXUHCK31Q_pU9FUh0o8gJ68e2QG6OXupuCCtksi9z9p0bqWvaqht6BtV0ymTSWV5UbdJVng9RZh6HQKxEQrblK6WXs3T_HH3e2qR6SqOVZZC5A4KqQ&dbm_d=AKAmf-BPkavsMyHauwS9oK0lGTnHyWeXkGoqKbR16cTjZJ1BHrFvMaNPkUly0XIW4pX03Y0LZ8q8xV5x1Myy7hogLC_zhWRYbaMQevESBWRhD7kvYkh6hQKQi0M-58lsXhc-ZKwFvb3eQ6mb3uV2duCpxsWtSHYu540iLIVZpmgCAgKsaP8hcDDliSlVgVUG5ZxfHzkEKHDO27LDVkvsTcsSVMoOf_6zMtS9tyDzSItnFqqJr2YSw0xSN0mX6o1uAhKVJMGksBSjQ347P6es2zl3C0LpS8RjxHGvxThRvl9LHB8c-wkaxjptOBEm1J-sjNmLFfvuONdU8EdMu8BX2lj6piOycSb7isVHd8X-XJdG0zrPA1h-36TIArAPKShlt2S85H2OLCQ3E-7hISLLjEDy-gM9lREoBW7iFjBiZ4aU9VQvlWSxitFRAGSRmrMzCMWoxRsaMsAHgeHj9uQGIcS__rBhEvsSsd0dycKnEWWwEZUfQiTA8-RRZlPcFtIobJ1eF3OFna0yyxqWim9I8HyeA2cG1amxeBlBcWOsbIxbK1un9GeL_yGLEfdn0u7em149YUE-7gpO4BvVJc_LKVCepzhwVyK5U5WJWucluTPQ_Tfay1qWpLvXRPhD4sgg8GjaK9jsw-nyykULXP75J1lcgtnsJI9feJd4A3vCrNKdjE4ednx65jvlOLF1f8TxZJeceCUfy5K3OsXLy-My4tLg8FO0LQO7CnHRxO_5ErOaJhjp8PO3n3ANZBJvrqn3VGdEzrh8zh_QPmdxiuE8MqtE6LY0M-ZH8kgjFEShaTCEz50dpLuqg-zk93uadAUkf71qkcBE11BBlEuLJn-_D2qhcasOE5QAqoavN_FgL2kqsvPW15j4JsEygpvkt06OfWeocRgKhhRpa06xNKvW3kpaufGJkbTr9r84_S73mCEMQwwkku4-Sz_ggkusu_93DGLHipjO0sP8ZbB6FtrG_svtzWIV7_ccVS1o9T8tAhf64HkUClpKMdZTuvWT02MB8fSJb3nhlPeA5XvQLeO9MSju4RC4zasJdV5rD6HRNPtl-SEKvluk4WpAdaGLqh1KvymNS4Mu0cuD1QrbOm3kFZo6a3-aoF7jPlxlzRQw_DZ-R4V2WJhlZZDtLsrQ_F4NPPaGC-wtrYSf34ILffN9Hev9ZdZ9MITzwoeV796bU3QbBgOn6-KWh0kJ3IAzd7vKk25NSUnmvI16nyfw6YgiictI0l4VBVfqlzsGNX-3UXX_uR3H9UPZcDSIqsnYvBtT_T2IXk_Q9pq90d249Jf-TFpc80HRZKP6ntj2rhhBsvIlDABgQjaYfqnFx5KT81DORm_UYOg_ZmlqRq34L51hZHgBYZ5cbRiCRVeEPXEqtq_w_xDyv4052ACT_Q7tIM9TMmyNFFHvTRI5eUK-ilpwNfhDv882kiKeqSVp-fG1iyPC3Icg1yihGGYFh1BNmEcnwddCzi-Z6cgbiMknIJrOJRTeA4tIo2YK0G4gAwzcrC9uBl3h3Jj2RZr-7OnuQ2bBdBYsU0v7RifjcMCsg38xs65mpbqFCNEyrI10hbi3eiX8cZ1APCejNqhHrK1QTBhRH8urpgaMuq80GLag_ZMTySHHVGI1ab8SsrDFRsQoyFqiG82f2l9K3VabfO3Uavm9QB9lEvzy66VsAcsqJUCc0XvE9FRBRGHoTgk4nRDOAXK-oRPEaNLwEgfmds9QZ_ZqRVnHjJT0GJMzXDdmYvIodP2yYct9sfUwT1gTL_t5Uu0qIaapDf-wQQa2ogfxuytWsU6Z5Lo5sJ4R74Y6fu9xs7ylMlpSRDqsVO72R02RR6D9uH1UL7jL9Xj7nnlGnmbeDFkYf1pbnj8nJ0semfIXIEzs2TuzenwaqtF4hbFEbFC4GfYhCOJcXvApHBO9sgraKxZzrhk_NwOuIbOlpB1w3AdDVpwkWNlGWKGnSUIi70EADMsju0tUCAQqKMhrT6v15Vx7YNJmt_dMi3vYH2pFjiJ6DvsYltl0QFEjgj_riEMyn-2mtR06wewGQvQVlUKUk9Z2xwzfZG2s1YfuUGuROtrjHr5WTmiXBKM-dmt0TDQEvCfKFUJ9dlau99pntrMStC5LeZwFk7saKdO9vQ_viFphDleRGbNI2QJ262BziLU4_1ZdTfgB34oNdp7OFL6uWz-Zd3xmE4joWLtBkgCapihdoG1kg_6r6jpVu-yaQOzttePXZ0nRuPEWaDjajI1E5JQhRw38JGI50k9l5AQDXu754rzUAqj0gQkYY6d47GBlYS6KRv5LNxBTH-IQuV9tP1purcdUYo-mN2fGoHD3DBWzpE66l3Wqxm-Kh3RdF_6LvvUCj085ojAoCh1sHMJAcNUuqf1Ng7IoAhZd4rCEq9DQvX3IRJ7BNcrhl9ulrxfZOpRNwC3mjgORKYBExWFCFGDoqMoOkGqEM2aOHr5LCWWArHo8aw9649QzcQleXz8GYHbzfmYb2UDOBZ5kSy57iyBTAC-3yx_6ElBrO34_pGcf75rtq-FqsOHTSs6NJS7wvJhkzALhkChZaH41QOFnkO4J8_ztDuCrChrlIGPxf2fOQN5hxmKFN1gOaIC7dki3auYPWS7GFB1VKDDxynuJ4I3l1SHWMnToLwX1U-phIHHuxrq-6apwaX2ABljBzbshwbCMkOWZm55Kh5txNWkVripFIZy616RvOtJiDZnWAcmay6fIFEm2ly0YRcI5sbzhwbFX8ESKqcZuI8MCOonDIGC9ve1ChbrPUFl85Cq-OIO_MKvo1-Aa4BsuqqQ6XkwHJA91idP8C25L337nHDmK35O3OC47t3yoFEtoaVzGkO-gKfXZ_ddfFb71Wh51v5DYFivMQGwK4NXGwOPMyRRIRu7vGz2YtSyjUVkeVkRi25iR22Wf2rAB-PzSnot8ySCKldBgQCuD-GGJvIEqAlna3HRlYlZ2PlN4KhzodcZXl9c79wPQMY_JzbhE_HC3rxeNkV1zUjWROcDqdRoqiqpEJbpmXnm4OvjGSgCgudZI1rlvjOY1uvs_7aRBQqjVKUjWTnYq9CYuHYuRqYK9_1eu8VwH0VUPDfv8073cCy-VYJ2PmSHfl2bBPaXf-y3hhVOUWBQVL2DTUQMJHGvpNTuEcy1kzfwMAoBsWcBeFIcKXUdO_-2XylswJAwZUGcjyHBWZW8WpO67r9UnHpsPMN1Y7IQ6PJIYmUjUsz6SWNY8wKhtGX8xGuwDlt9BTWeOmH8ethmJ_EYikoAnbv6zasgSrUOBR1cyQ9fHeHcIp43tRkLiowjvN4LgDsier4CLkfY-LMKbalzO3Nr2v0faK9H1S-NRhGFVhP4lYSd9JigNlOsFg3e9poI42JB5zFDBM03zMHANgxFH41r--102YRlWAT1_FcBVek9YCdrM474krqDFh_1fvsSjWT3gN2M0wRpHCvetIe8p_ef_j2sXvWaOXu-DTc8_YneQfZBcS0W7QJzlGK14PQjNS2hX1jinDFRCNUPOqPV6AS1hR3eP8fX5iKR0aFLW0PVy9cAUpNXeIG3_6-gSYGCymb8SWar_pK1bRnDEmDAl2AUGNcoYc2LJNuSntZbBpYuD6b-icd-hYxlWRMq2ZPCwgk1BTEiYMIzdEyJVCrZpHUJjCCXvR0Ul0Vlf5yVoRI0ohuKxFA0vjN7fXpcLms302XosnPnNfqOLYqxpsJHMGohVS6fUNWUvzNvzzMKuTig00Dk2jS2Eacw5aB1ZqKTr1c2GKDWUE0cOygAv3Aej5RwrldZubsAZH7u74CEYyW5f3aI3aBSOnevdFJ-8zy5mJ62fuGEKwBVgNOtCh8KnvaQ5ZP388BJ42qy_hLMCInk5Z-os_aF38XS4PmQ1yCZKoJD58hzGvtL0gaUnMwYPURrz01vlwDiQ2r34-JLSpNn8Gn3p8_pePRz-a1IJ7qvXl3OJTsS5VDSnNA4-9MY2yU58LVhComaLbnD7Kn8-XJjHAXJf0CQ-LP_Y852GT4DpD-5ZDxT4L5FtWT95iGnui4Ne_Gq59WSf1gEsqt3j4M6SHv7Kpv6x_zqKKyL0NlVqFjYL8-tsH1Pgh0qjaQZwxztE_0xbYKXnjAxlPZy7tyJIQfemSAatJi8Uc4gNobzKsLdvxzMptZYNGbQvNMDLbKvuKgy0kwOZr9Y20byjQYC0QzLGSpdp_HhZPul43Nk9KIV3nFui2mK-Ds7v4FgSsnbxOCTryQUva-IP4oouR4VK&cid=CAASFeRomEITD1m_7-g4JoFbmLQIpsUMRQ&rfl=1%2Chttps%253A%252F%252Fja.domainelespailles.net%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Jun 2021 02:42:58 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210610/r20110914/ Frame F6F5 22 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210610/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcd57e69a5d71e9baf75e7fb8a215a1cbc43187757950ae07e3ba80b2daac88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8646
x-xss-protection: 0
server: cafe
etag: 17364344795577130379
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Jun 2021 02:36:58 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F6F5 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 09:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 09:41:42 GMT

GET
DATA 200
OK truncated
/ Frame F6F5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6520a3a53f5e2b90ad1aa261b68607577a081186daeb44ae638580d3fb895d16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E230 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 15 Jun 2021 09:41:44 GMT
expires: Wed, 15 Jun 2022 09:41:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 62222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 mercedes_300x250.html Show response
s0.2mdn.net/10160029/1617043697852/ Frame C70C 6 KB
2 KB 19ms
6ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10160029/1617043697852/mercedes_300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3550b5b813c614d5a0793595befb3196fe12422652d43bf7637d943ad065d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /10160029/1617043697852/mercedes_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2126
date: Tue, 15 Jun 2021 04:02:34 GMT
expires: Wed, 16 Jun 2021 04:02:34 GMT
last-modified: Mon, 29 Mar 2021 18:48:17 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 82572
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F6F5 0
107 B 215ms
98ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv67yR-4BbR7x4uGLp6TPgZ4DwUTW3oRaj-hhtwfUwfpmLScMfN0yLXBb0e5V2UWprom9N43qEGLaZv7c0038r7EHzwAmjX1Vrt8Dl2fKgAvveO1_pk1TuSClXvISaMulsn7iQQ4eKbPeBampQgSgdEyf5lkD_AykrBOGM9kRXPw_hgzhVa6W4QwX4e026867YYkmHpUaBdROsvRszSiEvnfMgk3xLQqFJARrS0Y_5sbjAS8KlfHvYF7KR9MjQ7ke8tHOVbr8xl_hFngac65DhuDWScdhkS7KsM2TM0cv3FoeB5LvaogbxtU0-oc5fuRGK_84ivLqbYbABoP1nECFjGTldWCuqrb2g5nI3TtREsNcURIjQgDBQttPw9i_wEXd4Gonx3KjlR-lLpxPRz2Hw1n0Br_C4Xg9tRCcmTrgRzrqih6kGuNGD2KrIosIwLJbMMWwEOLfRZNlwSgfDay1eIXBhTaqFBc1tXuqUr-FRdcBpfIlJAUjKai217feAzP6bJcdxo9bGWPtZ1ivJRcmkClEZm_F3PFj1i9mtPdr57z67SZNEvDVk7CvdePfCBSFRGhzIyS5Od95XUuXRElcVVXchMEX2X5u1tr2LJZOTcpmAdhMzUhy6s0JTtgaYg_mVbbpzm82kU-AiqJhQXA_bOWghbOx3trn1f48xiJpXrRjt2Q81UKgjQJk1mnDh0KFrmMMP1cwmmQsmKl-JOaqfIpnRNpV7stUFkfF-hy2_ntNQg5sFqNbqGgcqmT6CMcm4NM--hxf5L2AxeScAYrBhxiTOqP0fqsTsOhGH-H9XiMskBrXL1Y3Dg1rG-cV8JKpjhQgWD8V-LdyiGujyENf5JfcL8LRJWYIanDPAnbSihUHOjvSp35m2shtqt0XQtV3b4cq2_qJ-KIF5KHV8kC-tNXc8P4tZFaBd3Gg6ectfYB9sXlqEjIpDnIr3lC8OtfrQhIK3NgavMOVF_z_IHOFwHQ5xFOLk5cHIk1fJVx5PemnkQLS5f-srQBn4zveXO-g3tukJ8WHT9_lPItUggE9qVZLbYSiJSpW-K9LDY1Tl2QX36eua8XKS6867lKGv3C7pvbP8d091qXuKctfzhQ52lAXBU1s04B3z9Bf1jXwf53AMP8YAVgF0D47uYLoINhl9PHIc2fulIDdbS6P1AaBbkYUTcXVTFYhhBDv2CYzzJL4v3kkFAene5&sai=AMfl-YT0uy0NP4Zgya3wY0e83k1V9ydbY92lv4i65TbNAL_d-D9q4CY1UMLpsNIfJR0N8hM2-iuhKR4CdGCk-fxMEabstp10iH2WTfwt-J-i5Jhk-poRbgvoVBQ17bh_WLxo6pLeQcEH9g6K4DBPtwo40Da-Bi1kLiYNmaFu8VI&sig=Cg0ArKJSzOT6gRJRdQ0SEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=82&cbvp=1&cstd=79&cisv=r20210610.88663&adurl=

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 16 Jun 2021 02:58:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame F6F5 0
348 B 139ms
46ms Image
text/plain 108.128.41.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=u0zbj4cak&_knopii=1&campaignid=25571035&advertiserid=10160029&placementid=299567063&adid=492712948&creativeid=148347797&siteid=6333601
Requested by: Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.41.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-41-128.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:46 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1623812326
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n006-dub-prod.krxd.net
x-no-pii: 1

GET
H3-29 200 uMPtKrmwZjN0D4XGQ6GkF9bB4gZfUorgjwuHC4YUqhk.js Show response
pagead2.googlesyndication.com/bg/ Frame E230 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/uMPtKrmwZjN0D4XGQ6GkF9bB4gZfUorgjwuHC4YUqhk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c3ed2ab9b06633740f85c643a1a417d6c1e2065f528ae08f0b870b8614aa19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 08:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 325791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5821
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 08:28:55 GMT

GET
H3-29 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C70C 236 KB
63 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10160029/1617043697852/mercedes_300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10160029/1617043697852/mercedes_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 02:58:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jun 2021 02:58:46 GMT

GET
H3-29 200 mercedes_300x250.js Show response
s0.2mdn.net/10160029/1617043697852/ Frame C70C 65 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10160029/1617043697852/mercedes_300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10160029/1617043697852/mercedes_300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c6c2d69b6b7ffa0364298cbfdeb32a4f844e52d052464cb5794962e5464620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10160029/1617043697852/mercedes_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 10:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14854
x-xss-protection: 0
last-modified: Mon, 29 Mar 2021 18:48:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 16 Jun 2021 10:28:19 GMT

GET
H3-29 200 img1.jpg
s0.2mdn.net/10160029/1617043697852/images/ Frame C70C 52 KB
53 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10160029/1617043697852/images/img1.jpg

Requested by

Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36099bc1e392d2d9a4b947edf8ce6c16f0624db8fb17c57b73db8341a900cdd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10160029/1617043697852/mercedes_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 06:23:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 18:48:18 GMT
server: sffe
age: 74095
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53732
x-xss-protection: 0
expires: Wed, 16 Jun 2021 06:23:51 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F6F5 0
545 B 141ms
92ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ja.domainelespailles.net
URL: https://ja.domainelespailles.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 02:58:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 img2.jpg
s0.2mdn.net/10160029/1617043697852/images/ Frame C70C 29 KB
29 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10160029/1617043697852/images/img2.jpg

Requested by

Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd563a64664127b04e2d8164c1e33cc3625df3fb9fbee173f3146ad583249e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10160029/1617043697852/mercedes_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 06:23:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 18:48:18 GMT
server: sffe
age: 74095
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29327
x-xss-protection: 0
expires: Wed, 16 Jun 2021 06:23:51 GMT

GET
H3-29 200 img3.jpg
s0.2mdn.net/10160029/1617043697852/images/ Frame C70C 28 KB
28 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10160029/1617043697852/images/img3.jpg

Requested by

Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30fe5140f3d100adde6d98a5e04da854ac496d4d8eec59666b78e552412d4b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10160029/1617043697852/mercedes_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 12:17:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 18:48:17 GMT
server: sffe
age: 52888
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28369
x-xss-protection: 0
expires: Wed, 16 Jun 2021 12:17:18 GMT

GET
H3-29 200 l.png
s0.2mdn.net/10160029/1617043697852/images/ Frame C70C 8 KB
8 KB 6ms
6ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10160029/1617043697852/images/l.png

Requested by

Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b2bb4cbe2135edd802927125d12c1092b041f00369a3d5cc89aca1eb68b2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10160029/1617043697852/mercedes_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 14:01:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 18:48:17 GMT
server: sffe
age: 46643
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7911
x-xss-protection: 0
expires: Wed, 16 Jun 2021 14:01:23 GMT

GET
H3-29 200 logo.png
s0.2mdn.net/10160029/1617043697852/images/ Frame C70C 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10160029/1617043697852/images/logo.png

Requested by

Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5de65aa40360a73dc513e87ae5a965736aaf66c40cb8268332feffcab167eeca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10160029/1617043697852/mercedes_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 13:39:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 18:48:17 GMT
server: sffe
age: 47941
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3022
x-xss-protection: 0
expires: Wed, 16 Jun 2021 13:39:45 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E230 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnX4Z5mjJYMLiEYaOjuwPsMeDeAAAAAA4AeAEAg&bg=!YmGlYSXNAAY2kFOVNpA7ACkAdvg8Wj-5jH1H-JYChXKqysbGw5s0cdr-djSwE_fiaaPDMOTVCaQMtAIAAACMUgAAABBoAQeZAroZ7r04pMCkKW6iZzFKEkPI6KHC5nlqbSEA1CEGpclkqOpqIGz0Ykh_2HusAaYRnzI7HbnH3XUrFumhiCXkcSNL3uK977Euy74a77rDrQW847h07-pFFRnoKA0MD7DiD-SzxL2gVMcwD0HMYtWd0e0amAts3dXW82YLUm-dzTfdWv1C2U7j-zf4PcR2YNy9WbushuEIboRzmIatkqepVhfvw4ksJ1YJFJR-YvjVlkGQemH7RJYgddjfYdxDpvgWJuahDQ-HdoEDKfIv7HvRRvtzJJdhPEftkCUdln2fXJ6nhmvYYgTdpDz20Nv_Zkm0liRGae0Fm7gx10Sz4InquW0KzC_lDF3tZHbbh5AcT1QSUYUneGr8Fe7gbMKslckR0ylf_CsZgyxpO6087id0jIf9IMBZSkyVFtmwwVFUBb4VBwUSlwjESQmVwnhKlURoy-MKII2SkwTMV5vXgKcg0Z4sLGWM9NtU_5TJ8Ylqj5BmnH9jrSZW3z8r5AndBC1hUovBMqeE2W2NxvXjjuxXLjiUzPIAa2FOOrhAsAHJx3jrhIUTUFBfbcGxoOR7sCU0HZMs0_Ie_PMMdxA45Ld2LoyuXOscXKw3Q7GiCruFrtFYn6L3Qvhwv3wVsXsR3Tnyp6FfZMJUPVk3vXVmsAe8JpRg-C9gB8L62lbWGfiUkIvQMgzgI7B_p-zRbicCkpoB7i3qg_Hm7B00-gVWVkYu6rTyZsCFB9Xh2WwRBMfkkPvecG2sZhZrU9XAChMwBBjljvCWohTAwuUX0IuXYj1CYmyKbdmEnHU425twONmwFGA4qlFRcJ8Yd2Wa7hRLu9lCgYhPiG9FTOoh7fgkfmahUysirAUaj3HEEcnEqRpaElQxhaCPII012Ral7sVjnOGtnw9ExY0SrE8LaAy7YiVeWulVNdxypwv4p1d51w

Requested by

Host: 2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
URL: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 71313778 Show response
mc.yandex.com/webvisor/ 43 B
73 B 251ms
57ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71313778?wmode=0&wv-part=1&wv-hit=703501164&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&rn=351981023&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1623812327%3Aw%3A1600x1200%3Av%3A562%3Az%3A120%3Ai%3A20210616045847%3Au%3A1623812325557996299%3Avf%3Alvg2sn1re62lx62l%3Awe%3A1%3Ati%3A2%3Ast%3A1623812327

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:47 GMT
last-modified: Wed, 16-Jun-2021 02:58:47 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ja.domainelespailles.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:58:47 GMT

POST
H2 200 71313778 Show response
mc.yandex.com/webvisor/ 43 B
145 B 205ms
63ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71313778?wmode=0&wv-part=1&wv-hit=703501164&page-url=https%3A%2F%2Fja.domainelespailles.net%2F&rn=1006888242&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1623812327%3Aw%3A1600x1200%3Av%3A562%3Az%3A120%3Ai%3A20210616045847%3Au%3A1623812325557996299%3Avf%3Alvg2sn1re62lx62l%3Awe%3A1%3Ati%3A2%3Ast%3A1623812327

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:47 GMT
last-modified: Wed, 16-Jun-2021 02:58:47 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ja.domainelespailles.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 16-Jun-2021 02:58:47 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 28C9 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupNtXa3SUzr7N0zx8Y7VLPmt6IsS2vyKEwW_O6VlxWDKDmI-9PlpT34R3lk72glxWBTvVB0VXVMg06wcCDF33wfNjKjLNNDK3gsh0f_EAjKs7IdfY0dGOoiuoJark7koRO5zMgP4KsBTv2eHaALEE&sai=AMfl-YSuYigrt6SqJwpnLp236n7sK8KNX9m4BHsCEegVVi6W98xqyOXkp20kgoGQgXG4gcGoIMp7__GuSyqo686HUxxpUJtD9jLlspqUzgSLC70Kmeqn3CYyUsJAWvPzdvO8&sig=Cg0ArKJSzMjiBeBmTCl1EAE&id=ampim&o=0,1228&d=1600,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=212&tls=1511&g=55.55555820465088&h=100&tt=1511&r=v&avms=ampa&adk=3566481380

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.domainelespailles.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIwu2Pp5Sb8QIVBoeDBx2w4wAPEAAYACCVt95GQhMI1dP1ppSb8QIVEtJ3Ch0L7QQ9;met=1;&timestamp=1623812336754;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F6F5 42 B
515 B 215ms
93ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwu2Pp5Sb8QIVBoeDBx2w4wAPEAAYACCVt95GQhMI1dP1ppSb8QIVEtJ3Ch0L7QQ9;met=1;&timestamp=1623812336754;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 02:58:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET dc_oe=ChMIwu2Pp5Sb8QIVBoeDBx2w4wAPEAAYACCVt95GQhMI1dP1ppSb8QIVEtJ3Ch0L7QQ9;met=1;&timestamp=1623812346745;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame F6F5 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: domainelespailles.net
URL: https://domainelespailles.net/template/domainelespailles/css/fonts/Stein-Icons.ttf?6g2d1r

Domain: domainelespailles.net
URL: https://domainelespailles.net/template/domainelespailles/css/fonts/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqwqcsdrM.woff

Domain: domainelespailles.net
URL: https://domainelespailles.net/template/domainelespailles/css/fonts/qkBWXvYC6trAT7zuC8m5xL1lmgzD.woff

Domain: domainelespailles.net
URL: https://domainelespailles.net/template/domainelespailles/css/fonts/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-pgGIyY0.woff

Domain: domainelespailles.net
URL: https://domainelespailles.net/template/domainelespailles/css/fonts/Stein-Icons.woff?6g2d1r

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwu2Pp5Sb8QIVBoeDBx2w4wAPEAAYACCVt95GQhMI1dP1ppSb8QIVEtJ3Ch0L7QQ9;met=1;&timestamp=1623812346745;eid1=2;ecn1=0;etm1=10;

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.domainelespailles.net/	1970-01-20 03:49:08	Name: euconsent-v2 Value: CPH3hjwPH3hjwAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.domainelespailles.net/	1970-01-20 03:49:08	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTdhMTJjMWItZDI5OC02MDBjLThmYmQtYTk3NGViYTI5ZDgyIiwiY3JlYXRlZCI6IjIwMjEtMDYtMTZUMDI6NTg6NDQuNzkzWiIsInVwZGF0ZWQiOiIyMDIxLTA2LTE2VDAyOjU4OjQ0Ljc5M1oiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.domainelespailles.net/	1970-01-19 19:04:44	Name: _ym_isad Value: 2
.domainelespailles.net/	1970-01-19 19:03:34	Name: _ym_visorc Value: w
.domainelespailles.net/	1970-01-20 03:49:08	Name: _ym_d Value: 1623812325
.domainelespailles.net/	1970-01-20 03:49:08	Name: _ym_uid Value: 1623812325557996299

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://domainelespailles.net/template/domainelespailles/js/scripts.js(Line 1) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	error	URL: https://load02.biz/?pu=mvstmmtgmq5ha3ddf42dembs(Line 174) Message: Error: Browser is not suitable for subscriptions
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan version 2.1.4
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan run tag spots
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zx->start full check gdpr
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zx -> DE
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zxnt -> START GDPR
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zxnt->cmp-> onReady
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zxnt native v.1.1
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://ja.domainelespailles.net/
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://ja.domainelespailles.net/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2511d0b868d8287d4c16ff44ca5ea9ba.safeframe.googlesyndication.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
beacon.krxd.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.zx-adnet.com
cm.g.doubleclick.net
code.jquery.com
counter.yadro.ru
cst.cstwpush.com
domainelespailles.net
dsum-sec.casalemedia.com
encrypted-tbn1.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.ibb.co
ib.adnxs.com
ja.domainelespailles.net
js.wpushsdk.com
load02.biz
mc.yandex.com
mc.yandex.ru
na.nawpush.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
ade.googlesyndication.com
domainelespailles.net
108.128.41.128
142.250.185.162
142.250.185.66
143.198.248.63
146.59.152.166
151.101.65.195
172.217.16.130
185.33.221.91
2.18.234.21
2001:4de0:ac18::1:a:3b
205.185.216.42
213.174.135.24
213.174.135.25
216.58.212.130
2606:4700:10::6814:b944
2606:4700:3032::6815:976
2606:4700:3035::ac43:bd3d
2606:4700::6810:5714
2a00:1450:4001:800::2002
2a00:1450:4001:803::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a02:6b8::1:119
88.212.201.210
01ca4961753a6afa5fafb38415880c611e924f42c6d9c1cc052b7f10fc6928f3
074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf
078690b310422a2d14b66bbe9adc916f1aced4610e14cf122fbc3cdd83fa58f6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
179041649333c87cd065a8e342c4158274be2426542c5e2f64c950b402d4db1e
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
240f2fa6d9c547702519223d888610d5517255aa52ad0c04d86f0ec6d0ab76d6
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30fe5140f3d100adde6d98a5e04da854ac496d4d8eec59666b78e552412d4b7a
31c6c2d69b6b7ffa0364298cbfdeb32a4f844e52d052464cb5794962e5464620
339106ca1ee04659f2073f307a2f5ff696c0e659d2651e6067021021d1f0e456
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
3550b5b813c614d5a0793595befb3196fe12422652d43bf7637d943ad065d4d2
3564638c37d7d0daa58f927a2c0b4bd3293d432b97ac6645414fae3210a32534
36099bc1e392d2d9a4b947edf8ce6c16f0624db8fb17c57b73db8341a900cdd5
3701da754cd5a0bc28caf5540c9d07c59164f08cfc5a3fb57ffc4864ce97abe5
380fa94dfaf2647285f4035a523f6a0674c975e2486e5fccb782f0421eb0d23f
3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8
3ffbfbc0219a0a8d2ea91778a2ca6597479ce847f51650cae910c6c1d1ce0166
436af8b4c089df47fa78ee4904b4bf00fc00dbbef0accc5f8c8a8387dfc61e78
463372edb7ab8600022a1bf6f37a69a13006b84c8767c3067c3ce8668a28eefd
46660652ce49096fe5b8d68d7e4ffa4d4c7b78a702dc1f4ad14d8248ab3be487
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4f7b6c826559e7a9fdd87aa3dab65d9032e27f9677e2c894bf8add376af093e6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55fddf5d1ddb0c6c9f8f907e2ca2da4765300aed7919a12811cfb4e6253b5746
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681
5c198c8026282306f3e70719694d1803d1d02ff3a71085e3a2a4af91b2a327e6
5de65aa40360a73dc513e87ae5a965736aaf66c40cb8268332feffcab167eeca
60070d9847a84df9bd3a2ff9257f756e1a3044355a4be3752a008bea64a1a315
61db8bd2ae29a5c3efe1b422243339dc5f6e9b9590ad3d6dc225306561e918d5
62b2bb4cbe2135edd802927125d12c1092b041f00369a3d5cc89aca1eb68b2d0
6520a3a53f5e2b90ad1aa261b68607577a081186daeb44ae638580d3fb895d16
6d8444b8e4646f2cb92083a48b53d284885bd67f41220c7ecd3f62df4e6e85f1
6e0099e4558eac7516502eaf705eda715aaed18678bca9bdea641cd6b03ab2a8
73fc09fee0d2a0620c0ce05c3c9440cfd3896075917f5df15622fe678b7c050f
814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081
81c55bce1e9727059dec0ad7dbf83a897e004d054620de8213779495a30c5fae
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
84860cd793714c60601df22bea389692878de42aaac1f325262cfc89f8fa116d
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd
8bee53e0fae33815f71ad4c73634c59bbce0bbaac1a1e101c9ec5120d0b99e41
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
903b7d70660ecd4b49d3878998c2118064c37cf88be82af6eb023744ed379033
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9dcd57e69a5d71e9baf75e7fb8a215a1cbc43187757950ae07e3ba80b2daac88
a27c332e0d89ed5a7fd7c3e5a7cbd911bb6aec48b4dec57c78fd4ee2300138af
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a810e1302216d25b1aacd80a9aa1437d270806fcea9ee061554682f24afe2a31
aa18a8c6ca1ae5ef3cfa5c7e881af827f6def382f19f40ca86000661d2dc921e
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
af570e147e0822a7f3c73b38c1263537d033b891f04ed734f3b613a13e1ec3c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8c3ed2ab9b06633740f85c643a1a417d6c1e2065f528ae08f0b870b8614aa19
b996894fa3e8476df7ac142f7df28552abaf618feea133495904b935f24c32e6
ba6ea3c14b786c327ed20a4264cab9d2e79f7e8a272372720a7c899ecafbf5d0
bb3d373e1afe96983846467891e3bb68a96ae61826af8496c76a99c7b183affa
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bea11beae12f3103df062a886545a84d41c2f6228f84aaf18ba612c1498bc531
c1f6869fb73a613ab806aa0fdf204902f4619f85281fa5cde7270bcfe4f7e8a0
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c6754c3241a18169afee078352f5e11c9c8eec97b9e2fb173f541ce2d07dd210
c703c6537ebe65542d76a339bf3c376acdbb851c7110ba2de2f1a1485a7d382a
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
ce2b3c2c70d2b1a286b78677c2a81aad7d7b81667852617ac5468c8738020576
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
d481f137e847cab3583dd6ee7e556a10723afeb9ede107631e6210483502dc81
dd563a64664127b04e2d8164c1e33cc3625df3fb9fbee173f3146ad583249e46
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f447ccc0903fd8acfb81382eb38bef521e9b93ab7effb55f35e1e33f89820eb1
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
fb6ee80f9dd0dab76ec8d93b9bd8172e15e2096fe45d390160c73f5486d8d4e3
fcdd77ab12779eb0fff1e9dcf361867a109fa08cb6b03825c52ac5ac1f229888
fdaaede5854ad6ce0a67cce6c57ef27437d5c3ec1576d4f69a2acb5900472a20
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

ja.domainelespailles.net Open in urlscan Pro 2606:4700:3035::ac43:bd3d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

94 %HTTPS

58 %IPv6

25 Domains

34 Subdomains

33 IPs

6 Countries

2819 kBTransfer

6469 kBSize

6 Cookies

38 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ja.domainelespailles.net Open in urlscan Pro
2606:4700:3035::ac43:bd3d Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

94 %
HTTPS

58 %
IPv6

25
Domains

34
Subdomains

33
IPs

6
Countries

2819 kB
Transfer

6469 kB
Size

6
Cookies

138 HTTP transactions
3 data transactions