urlscan.io logo urlscan.io
SecurityTrails logo

turfologie.fr.gd Open in urlscan Pro
193.238.27.28  Public Scan

Go To Rescan Add Verdict Report
URL: https://turfologie.fr.gd/
Submission: On January 23 via manual from BF — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 9 countries across 102 domains to perform 638 HTTP transactions. The main IP is 193.238.27.28, located in Germany and belongs to IPX-AS15598, DE. The main domain is turfologie.fr.gd.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.
This is the only time turfologie.fr.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 193.238.27.28 15598 (IPX-AS15598)
3 2606:4700::68... 13335 (CLOUDFLAR...)
27 2a00:1450:400... 15169 (GOOGLE)
21 178.162.223.113 28753 (LEASEWEB-...)
3 95.142.100.82 47543 (ATOM86-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 178.162.223.114 28753 (LEASEWEB-...)
11 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:205... 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 13 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 8 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2 2a02:cb40:200... 20546 (SOPRADO-ANY)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
1 142.132.247.201 24940 (HETZNER-AS)
1 176.9.183.55 24940 (HETZNER-AS)
1 99.86.4.49 16509 (AMAZON-02)
3 3.75.56.58 16509 (AMAZON-02)
2 8 35.204.82.244 396982 (GOOGLE-CL...)
1 1 185.51.218.247 202140 (DIS DIS I...)
2 3 52.59.114.28 16509 (AMAZON-02)
3 16 2a00:6800:3:a... 42730 (EVANZOAS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
20 2400:52e0:1e0... 200325 (BUNNYCDN)
7 2400:52e0:1e0... 200325 (BUNNYCDN)
1 18.66.218.19 16509 (AMAZON-02)
2 178.254.33.33 42730 (EVANZOAS)
1 3 18.195.150.140 16509 (AMAZON-02)
2 148.251.53.118 24940 (HETZNER-AS)
2 2a00:6800:3:5... 42730 (EVANZOAS)
26 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
105 195.90.208.185 42730 (EVANZOAS)
1 2 35.157.83.91 16509 (AMAZON-02)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 104.96.147.178 16625 (AKAMAI-AS)
1 1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
3 23.36.163.13 20940 (AKAMAI-ASN1)
2 173.239.53.18 27257 (WEBAIR-IN...)
3 3 2604:9e00:1:1... 27257 (WEBAIR-IN...)
13 18.245.31.64 16509 (AMAZON-02)
3 5 2604:9e00:1:1... 27257 (WEBAIR-IN...)
5 6 2604:9e00:1:1... 27257 (WEBAIR-IN...)
3 2604:9e00:1:1... 27257 (WEBAIR-IN...)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
2 198.134.116.29 27257 (WEBAIR-IN...)
2 3 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
2 198.134.116.28 27257 (WEBAIR-IN...)
2 174.137.133.16 27257 (WEBAIR-IN...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 188.165.150.177 16276 (OVH)
14 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
9 18 142.250.185.66 15169 (GOOGLE)
6 12 172.64.151.101 13335 (CLOUDFLAR...)
6 9 37.252.171.53 29990 (ASN-APPNEX)
1 163.181.92.231 24429 (TAOBAO Zh...)
4 95.211.229.248 60781 (LEASEWEB-...)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
4 142.250.184.198 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
78 144.217.146.12 16276 (OVH)
2 2 52.57.164.72 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.194.49 54113 (FASTLY)
1 1 35.190.0.66 15169 (GOOGLE)
1 35.214.149.91 15169 (GOOGLE)
2 2 37.157.6.243 198622 (ADFORM)
1 1 35.186.193.173 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 139.45.197.245 9002 (RETN-AS)
1 2600:1901:0:7... 396982 (GOOGLE-CL...)
2 139.45.195.8 9002 (RETN-AS)
2 139.45.195.253 9002 (RETN-AS)
1 23.227.38.65 13335 (CLOUDFLAR...)
1 2 95.131.136.1 47841 (OXALIDE)
1 192.229.220.129 15133 (EDGECAST)
1 18.223.141.84 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
21 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a04:4e42:65:... 54113 (FASTLY)
7 18.245.60.119 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:1f14:50b... 16509 (AMAZON-02)
2 20.111.1.2 8075 (MICROSOFT...)
3 2600:9000:21a... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.147.21 16509 (AMAZON-02)
1 18.66.112.109 16509 (AMAZON-02)
6 20.19.27.128 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.222.212.231 16509 (AMAZON-02)
2 51.77.83.13 16276 (OVH)
1 142.250.186.34 15169 (GOOGLE)
1 2600:9000:264... 16509 (AMAZON-02)
1 3.225.69.55 14618 (AMAZON-AES)
638 98
1    193.238.27.28 (Germany)

ASN15598 (IPX-AS15598, DE)
PTR: fr.gd
turfologie.fr.gd
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
27    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
21    178.162.223.113 (Schwerte, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: misc.webme.com
theme.webme.com
3    95.142.100.82 (Netherlands)

ASN47543 (ATOM86-AS, NL)
PTR: ofwallet.bestpaths.net
pubdirecte.com
www.linkredirect.biz
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t3.gstatic.com
3    178.162.223.114 (Schwerte, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: img.webme.com
img.webme.com
11    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
3.bp.blogspot.com
2.bp.blogspot.com
4.bp.blogspot.com
yt3.ggpht.com
2    2600:9000:2057:b400:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.wixstatic.com
1    2606:4700:3038::6815:ea1a (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
13    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
asrv205.com
8    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.1clic1don.fr
admediatex.net
2    2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)
t.adcell.com
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
nextlevel-f353.kxcdn.com
1    142.132.247.201 (Pullach im Isartal, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.201.247.132.142.clients.your-server.de
nextleveldefend.com
1    176.9.183.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.183.9.176.clients.your-server.de
fwdtrk.com
1    99.86.4.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-49.fra6.r.cloudfront.net
arc.io
3    3.75.56.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
visifeed.org
8    35.204.82.244 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 244.82.204.35.bc.googleusercontent.com
campaigns.milibris.com
api-marketing.milibris.com
1    185.51.218.247 (Paris, France)

ASN202140 (DIS DIS Infrastructure, FR)
PTR: ip-185-51-218-247.rev.dis-hosting.net
collecte.numeo.acpm.fr
3    52.59.114.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-114-28.eu-central-1.compute.amazonaws.com
clk.tradedoubler.com
imp.tradedoubler.com
16    2a00:6800:3:a0b::2 (Germany)

ASN42730 (EVANZOAS, DE)
adnade.net
cdn-binance.com
embed.chatlotto.de
deliver.adnade.net
billigerscheiss.de
2    2606:4700:3037::6815:f90 (United States)

ASN13335 (CLOUDFLARENET, US)
adz2you.xyz
20    2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)
static.arc.io
edge.cookiefirst.com
cids.arc.io
7    2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)
core.arc.io
consent.cookiefirst.com
1    18.66.218.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-218-19.mxp63.r.cloudfront.net
vht.tradedoubler.com
2    178.254.33.33 (Germany)

ASN42730 (EVANZOAS, DE)
PTR: h115.hubuhost.com
sparkasse-fickmuehlen.de
deli.misaglam.com
3    18.195.150.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-150-140.eu-central-1.compute.amazonaws.com
api.yieldads.net
2    148.251.53.118 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.118.53.251.148.clients.your-server.de
ad.a-ads.com
static.a-ads.com
2    2a00:6800:3:591::2 (Germany)

ASN42730 (EVANZOAS, DE)
tool.hubu.link
26    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
105    195.90.208.185 (Weyhe, Germany)

ASN42730 (EVANZOAS, DE)
PTR: h109.hubuhost.com
eu4-de84.muggel.net
pornito.de
2    35.157.83.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-83-91.eu-central-1.compute.amazonaws.com
findarios.com
2    2606:4700:20::681a:cd7 (United States)

ASN13335 (CLOUDFLARENET, US)
r.linksprf.com
3    104.96.147.178 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-147-178.deploy.static.akamaitechnologies.com
www.awin1.com
1    2604:9e00:1:129::2:b12 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.eximdigital.com
3    23.36.163.13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-13.deploy.static.akamaitechnologies.com
ak.eessoong.com
2    173.239.53.18 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.rtbfactory.com
3    2604:9e00:1:129::2:b0d (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.thenetwork18.com
13    18.245.31.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-64.fra56.r.cloudfront.net
olivedinflats.space
5    2604:9e00:1:129::2:b10 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.adtube.media
xml.zentrixads.com
6    2604:9e00:1:129::2:b1f (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.adflyer.media
xml.clickmi.net
3    2604:9e00:1:129::2:b0e (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.mediacpc.com
2    2604:9e00:1:129::2:b2a (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.clixvista.com
2    198.134.116.29 (United States)

ASN27257 (WEBAIR-INTERNET, US)
filter.realtime-bid.com
3    2604:9e00:1:129::2:b1e (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.ctrtraffic.com
1    2604:9e00:1:129::2:b2c (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.flurryad.com
2    198.134.116.28 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.xmladsystem.com
2    174.137.133.16 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.infinity-info.com
1    2606:4700:3034::ac43:df47 (United States)

ASN13335 (CLOUDFLARENET, US)
www.s2movies.pro
1    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
a.magsrv.com
1    188.165.150.177 (Les Lilas, France)

ASN16276 (OVH, FR)
PTR: lb01.net.royalcactus.com
grow-platform.tradedoubler.com
14    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
17    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
18    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
12    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
9    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    163.181.92.231 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
www.linkbux.com
4    95.211.229.248 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ds03.evo.0x3e.net
s.magsrv.com
2    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
u3y8v8u4.aucdn.net
4    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
3    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
78    144.217.146.12 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: cdnca02fo.milibris.com
content.milibris.com
2    52.57.164.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-164-72.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net
2    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
1    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
3    139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)
gloutchi.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
prod-rtb.ad4mat.net
2    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
2    139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)
datatechone.com
1    23.227.38.65 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com
becely.com
2    95.131.136.1 (France)

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net
zcz.willemsefrance.fr
action.metaffiliation.com
1    192.229.220.129 (United States)

ASN15133 (EDGECAST, US)
img.metaffiliation.com
1    18.223.141.84 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-141-84.us-east-2.compute.amazonaws.com
warden.arc.io
1    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
21    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.150euros.fr
1    2a00:1450:4001:827::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
14    2a04:4e42:65::720 (United States)

ASN54113 (FASTLY, US)
images.prismic.io
7    18.245.60.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-119.fra60.r.cloudfront.net
d160aj0mj3npgx.cloudfront.net
10    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
6    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.google.fr
1    2600:1f14:50b:9a01:23d:d479:b64c:70e3 (Boardman, United States)

ASN16509 (AMAZON-02, US)
su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws
2    20.111.1.2 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
150euros.azurewebsites.net
3    2600:9000:21a8:9400:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:225e:6200:16:e6fd:1a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.cafeyn.co
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    18.66.147.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-21.fra60.r.cloudfront.net
tag.aticdn.net
1    18.66.112.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-109.fra56.r.cloudfront.net
uploads-ssl.webflow.com
6    20.19.27.128 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
francecentral-1.in.applicationinsights.azure.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    52.222.212.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-212-231.fra56.r.cloudfront.net
zkhlvgg.pa-cd.com
2    51.77.83.13 (France)

ASN16276 (OVH, FR)
PTR: ip13.ip-51-77-83.eu
l1s.saturn.ms
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
1    2600:9000:2646:d200:6:ea06:d140:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.cdn.prismic.io
1    3.225.69.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-69-55.compute-1.amazonaws.com
150euros.prismic.io
Apex Domain
Subdomains		 Transfer
104 pornito.de
pornito.de
2 MB
86 milibris.com
campaigns.milibris.com
content.milibris.com — Cisco Umbrella Rank: 657442
api-marketing.milibris.com
12 MB
41 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
642 KB
36 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
ad.doubleclick.net — Cisco Umbrella Rank: 163
static.doubleclick.net — Cisco Umbrella Rank: 263
135 KB
26 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11475
as.ad4m.at — Cisco Umbrella Rank: 29340
assets.ad4m.at — Cisco Umbrella Rank: 41583
552 KB
24 webme.com
theme.webme.com
img.webme.com — Cisco Umbrella Rank: 414033
189 KB
22 arc.io
arc.io — Cisco Umbrella Rank: 30076
static.arc.io — Cisco Umbrella Rank: 60604
core.arc.io — Cisco Umbrella Rank: 78783
tracker.arc.io Failed
warden.arc.io — Cisco Umbrella Rank: 61799
cids.arc.io — Cisco Umbrella Rank: 66227
1003 KB
21 150euros.fr
www.150euros.fr
1 MB
17 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
2 MB
16 prismic.io
images.prismic.io — Cisco Umbrella Rank: 12406
static.cdn.prismic.io — Cisco Umbrella Rank: 18046
150euros.prismic.io
289 KB
13 olivedinflats.space
olivedinflats.space — Cisco Umbrella Rank: 259454
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
6 KB
12 adnade.net
adnade.net
deliver.adnade.net
71 KB
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 75
1 MB
10 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 11960
3.bp.blogspot.com — Cisco Umbrella Rank: 14261
2.bp.blogspot.com — Cisco Umbrella Rank: 15271
4.bp.blogspot.com — Cisco Umbrella Rank: 15285
49 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
10 KB
8 gstatic.com
t3.gstatic.com
fonts.gstatic.com
www.gstatic.com
117 KB
7 cloudfront.net
d160aj0mj3npgx.cloudfront.net
616 KB
7 cookiefirst.com
consent.cookiefirst.com — Cisco Umbrella Rank: 33273
edge.cookiefirst.com — Cisco Umbrella Rank: 38670
34 KB
7 1clic1don.fr
www.1clic1don.fr
67 KB
6 azure.com
francecentral-1.in.applicationinsights.azure.com — Cisco Umbrella Rank: 452104
373 B
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
storage.googleapis.com — Cisco Umbrella Rank: 286
jnn-pa.googleapis.com — Cisco Umbrella Rank: 220
306 KB
5 magsrv.com
a.magsrv.com — Cisco Umbrella Rank: 15672
s.magsrv.com — Cisco Umbrella Rank: 15034
22 KB
5 tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 90788
vht.tradedoubler.com — Cisco Umbrella Rank: 113489
imp.tradedoubler.com — Cisco Umbrella Rank: 185677
grow-platform.tradedoubler.com
43 KB
4 adflyer.media
xml.adflyer.media — Cisco Umbrella Rank: 270196
834 B
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4441
150 KB
3 gloutchi.com
gloutchi.com — Cisco Umbrella Rank: 315505
14 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
20 KB
3 ctrtraffic.com
xml.ctrtraffic.com — Cisco Umbrella Rank: 429960
539 B
3 mediacpc.com
xml.mediacpc.com
417 B
3 adtube.media
xml.adtube.media — Cisco Umbrella Rank: 212323
663 B
3 thenetwork18.com
xml.thenetwork18.com — Cisco Umbrella Rank: 299101
663 B
3 eessoong.com
ak.eessoong.com — Cisco Umbrella Rank: 291758
14 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16092
2 KB
3 yieldads.net
api.yieldads.net — Cisco Umbrella Rank: 120597
15 KB
3 visifeed.org
visifeed.org — Cisco Umbrella Rank: 119580
2 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
4 KB
2 saturn.ms
l1s.saturn.ms — Cisco Umbrella Rank: 54769
1 MB
2 azurewebsites.net
150euros.azurewebsites.net
45 KB
2 metaffiliation.com
action.metaffiliation.com — Cisco Umbrella Rank: 181020
img.metaffiliation.com — Cisco Umbrella Rank: 92279
135 KB
2 datatechone.com
datatechone.com — Cisco Umbrella Rank: 49226
933 B
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11663
983 B
2 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 164401
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 125344
1011 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
2 KB
2 aucdn.net
u3y8v8u4.aucdn.net — Cisco Umbrella Rank: 15687
1 MB
2 infinity-info.com
xml.infinity-info.com — Cisco Umbrella Rank: 301665
278 B
2 xmladsystem.com
xml.xmladsystem.com — Cisco Umbrella Rank: 399202
278 B
2 clickmi.net
xml.clickmi.net — Cisco Umbrella Rank: 334924
442 B
2 realtime-bid.com
filter.realtime-bid.com
26 KB
2 clixvista.com
xml.clixvista.com — Cisco Umbrella Rank: 265566
653 B
2 zentrixads.com
xml.zentrixads.com — Cisco Umbrella Rank: 405789
305 B
2 rtbfactory.com
xml.rtbfactory.com — Cisco Umbrella Rank: 238451
278 B
2 linksprf.com
r.linksprf.com — Cisco Umbrella Rank: 81816
2 KB
2 findarios.com
findarios.com — Cisco Umbrella Rank: 555242
2 KB
2 billigerscheiss.de
billigerscheiss.de
398 B
2 hubu.link
tool.hubu.link
25 KB
2 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 33863
static.a-ads.com — Cisco Umbrella Rank: 46799
27 KB
2 adz2you.xyz
adz2you.xyz
354 B
2 adcell.com
t.adcell.com — Cisco Umbrella Rank: 57836
657 B
2 linkredirect.biz
www.linkredirect.biz
5 KB
2 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5688
15 KB
1 google.fr
www.google.fr — Cisco Umbrella Rank: 19149
455 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 KB
1 pa-cd.com
zkhlvgg.pa-cd.com
327 B
1 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 13831
6 KB
1 aticdn.net
tag.aticdn.net — Cisco Umbrella Rank: 15691
25 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 231
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 93
2 KB
1 cafeyn.co
cdn.cafeyn.co
46 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
104 KB
1 on.aws
su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws — Cisco Umbrella Rank: 69551
808 B
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 867
53 KB
1 willemsefrance.fr
zcz.willemsefrance.fr
724 B
1 becely.com
becely.com
649 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 7224
667 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
235 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5893
602 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
588 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
66 KB
1 linkbux.com
www.linkbux.com — Cisco Umbrella Rank: 144219
974 B
1 s2movies.pro
www.s2movies.pro — Cisco Umbrella Rank: 807105
1 KB
1 flurryad.com
xml.flurryad.com — Cisco Umbrella Rank: 302520
221 B
1 eximdigital.com
xml.eximdigital.com — Cisco Umbrella Rank: 289286
187 B
1 muggel.net
eu4-de84.muggel.net
1 KB
1 chatlotto.de
embed.chatlotto.de
625 B
1 misaglam.com
deli.misaglam.com — Cisco Umbrella Rank: 842485
484 B
1 sparkasse-fickmuehlen.de
sparkasse-fickmuehlen.de
531 B
1 cdn-binance.com
cdn-binance.com
529 B
1 acpm.fr
collecte.numeo.acpm.fr
464 B
1 admediatex.net
admediatex.net — Cisco Umbrella Rank: 448163
993 B
1 fwdtrk.com
fwdtrk.com
fwd.fwdtrk.com Failed
2 KB
1 nextleveldefend.com
nextleveldefend.com — Cisco Umbrella Rank: 347178
673 B
1 kxcdn.com
nextlevel-f353.kxcdn.com — Cisco Umbrella Rank: 447568
70 KB
1 asrv205.com
asrv205.com
1 KB
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12324
12 KB
1 root-top.com
img.root-top.com
5 KB
1 pubdirecte.com
pubdirecte.com
4 KB
1 fr.gd
turfologie.fr.gd
350 KB
0 adzgame.com Failed
sub.adzgame.com Failed
0 cpmaffiliation.com Failed
www.cpmaffiliation.com Failed
638 102
Domain Requested by
104 pornito.de deliver.adnade.net
pornito.de
78 content.milibris.com campaigns.milibris.com
turfologie.fr.gd
27 pagead2.googlesyndication.com turfologie.fr.gd
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
21 www.150euros.fr www.1clic1don.fr
www.150euros.fr
21 theme.webme.com turfologie.fr.gd
18 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
17 s0.2mdn.net googleads.g.doubleclick.net
turfologie.fr.gd
s0.2mdn.net
17 static.arc.io arc.io
core.arc.io
static.arc.io
14 images.prismic.io www.150euros.fr
14 tpc.googlesyndication.com turfologie.fr.gd
tpc.googlesyndication.com
googleads.g.doubleclick.net
13 olivedinflats.space eu4-de84.muggel.net
13 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
turfologie.fr.gd
googleads.g.doubleclick.net
www.youtube.com
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
12 assets.ad4m.at as.ad4m.at
11 adnade.net 1 redirects www.1clic1don.fr
adnade.net
deliver.adnade.net
10 www.youtube.com www.150euros.fr
www.youtube.com
www.googletagmanager.com
9 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
8 ad4m.at deli.misaglam.com
ad4m.at
as.ad4m.at
7 d160aj0mj3npgx.cloudfront.net www.150euros.fr
7 campaigns.milibris.com 2 redirects www.1clic1don.fr
campaigns.milibris.com
7 www.1clic1don.fr 1 redirects www.linkredirect.biz
www.1clic1don.fr
6 francecentral-1.in.applicationinsights.azure.com www.150euros.fr
6 as.ad4m.at ad4m.at
as.ad4m.at
googleads.g.doubleclick.net
6 consent.cookiefirst.com adnade.net
consent.cookiefirst.com
5 fonts.gstatic.com www.150euros.fr
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
4 ad.doubleclick.net turfologie.fr.gd
4 s.magsrv.com pornito.de
a.magsrv.com
4 xml.adflyer.media 3 redirects eu4-de84.muggel.net
4 1.bp.blogspot.com turfologie.fr.gd
3 sdk.privacy-center.org turfologie.fr.gd
sdk.privacy-center.org
3 gloutchi.com www.s2movies.pro
gloutchi.com
eu4-de84.muggel.net
3 www.google.com 1 redirects googleads.g.doubleclick.net
www.youtube.com
3 xml.ctrtraffic.com 2 redirects eu4-de84.muggel.net
3 xml.mediacpc.com eu4-de84.muggel.net
3 xml.adtube.media 3 redirects
3 xml.thenetwork18.com 3 redirects
3 ak.eessoong.com eu4-de84.muggel.net
ak.eessoong.com
3 www.awin1.com as.ad4m.at
3 api.yieldads.net 1 redirects visifeed.org
api.yieldads.net
3 visifeed.org fwdtrk.com
visifeed.org
3 3.bp.blogspot.com turfologie.fr.gd
3 img.webme.com turfologie.fr.gd
3 cdnjs.cloudflare.com turfologie.fr.gd
static.arc.io
2 l1s.saturn.ms unpkg.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 150euros.azurewebsites.net www.150euros.fr
2 cids.arc.io static.arc.io
2 datatechone.com gloutchi.com
ak.eessoong.com
2 my.rtmark.net gloutchi.com
ak.eessoong.com
2 c1.adform.net 2 redirects
2 pm.w55c.net 2 redirects
2 u3y8v8u4.aucdn.net pornito.de
2 xml.infinity-info.com eu4-de84.muggel.net
2 xml.xmladsystem.com eu4-de84.muggel.net
2 xml.clickmi.net 2 redirects
2 filter.realtime-bid.com eu4-de84.muggel.net
2 xml.clixvista.com 2 redirects
2 xml.zentrixads.com eu4-de84.muggel.net
2 xml.rtbfactory.com eu4-de84.muggel.net
2 r.linksprf.com 1 redirects findarios.com
2 findarios.com 1 redirects api.yieldads.net
2 billigerscheiss.de 2 redirects
2 tool.hubu.link adnade.net
tool.hubu.link
2 adz2you.xyz www.1clic1don.fr
2 clk.tradedoubler.com 1 redirects www.1clic1don.fr
2 t.adcell.com 2 redirects
2 www.linkredirect.biz pubdirecte.com
www.linkredirect.biz
2 static.wixstatic.com turfologie.fr.gd
2 2.bp.blogspot.com turfologie.fr.gd
1 150euros.prismic.io static.cdn.prismic.io
1 www.google.fr turfologie.fr.gd
1 static.cdn.prismic.io www.150euros.fr
1 www.googleadservices.com www.googletagmanager.com
1 zkhlvgg.pa-cd.com tag.aticdn.net
1 uploads-ssl.webflow.com www.150euros.fr
1 tag.aticdn.net www.googletagmanager.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 cdn.cafeyn.co campaigns.milibris.com
1 api-marketing.milibris.com campaigns.milibris.com
1 www.googletagmanager.com turfologie.fr.gd
1 su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws unpkg.com
1 storage.googleapis.com www.150euros.fr
1 unpkg.com static.arc.io
1 warden.arc.io static.arc.io
1 img.metaffiliation.com as.ad4m.at
1 action.metaffiliation.com 1 redirects
1 zcz.willemsefrance.fr as.ad4m.at
1 becely.com www.linkbux.com
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 static-de.ad4mat.net as.ad4m.at
1 ius.ctnsnet.com 1 redirects
1 x.bidswitch.net googleads.g.doubleclick.net
1 ads.travelaudience.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 www.googletagservices.com googleads.g.doubleclick.net
1 www.linkbux.com r.linksprf.com
1 grow-platform.tradedoubler.com as.ad4m.at
1 imp.tradedoubler.com 1 redirects
1 a.magsrv.com pornito.de
1 www.s2movies.pro eu4-de84.muggel.net
1 xml.flurryad.com 1 redirects eu4-de84.muggel.net
1 xml.eximdigital.com 1 redirects eu4-de84.muggel.net
1 edge.cookiefirst.com consent.cookiefirst.com
1 eu4-de84.muggel.net deliver.adnade.net
1 static.a-ads.com ad.a-ads.com
1 fonts.googleapis.com ad.a-ads.com
1 deliver.adnade.net adnade.net
1 ad.a-ads.com adnade.net
1 embed.chatlotto.de cdn-binance.com
1 deli.misaglam.com sparkasse-fickmuehlen.de
1 sparkasse-fickmuehlen.de adnade.net
1 cdn-binance.com adnade.net
1 vht.tradedoubler.com clk.tradedoubler.com
1 core.arc.io arc.io
1 collecte.numeo.acpm.fr 1 redirects
1 admediatex.net www.1clic1don.fr
1 arc.io www.1clic1don.fr
1 fwdtrk.com asrv205.com
1 nextleveldefend.com asrv205.com
1 nextlevel-f353.kxcdn.com asrv205.com
1 asrv205.com turfologie.fr.gd
1 blogger.googleusercontent.com turfologie.fr.gd
1 img.root-top.com turfologie.fr.gd
1 4.bp.blogspot.com turfologie.fr.gd
1 t3.gstatic.com turfologie.fr.gd
1 pubdirecte.com turfologie.fr.gd
1 turfologie.fr.gd
0 tracker.arc.io Failed static.arc.io
0 sub.adzgame.com Failed eu4-de84.muggel.net
0 fwd.fwdtrk.com Failed fwdtrk.com
0 www.cpmaffiliation.com Failed turfologie.fr.gd
638 136
Subject Issuer Validity Valid
fr.gd
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
misc.webme.com
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
pubdirecte.com
R3		 2023-11-14 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
img.webme.com
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-01 -
2024-06-29		 6 months crt.sh
root-top.com
E1		 2023-12-28 -
2024-03-27		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
asrv205.com
GTS CA 1P5		 2023-12-04 -
2024-03-03		 3 months crt.sh
1clic1don.fr
GTS CA 1P5		 2023-12-13 -
2024-03-12		 3 months crt.sh
*.nextleveldefend.com
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
fwdtrk.com
R3		 2024-01-20 -
2024-04-19		 3 months crt.sh
arc.io
Amazon RSA 2048 M03		 2024-01-22 -
2025-02-18		 a year crt.sh
admediatex.net
GTS CA 1P5		 2024-01-13 -
2024-04-12		 3 months crt.sh
visifeed.org
R3		 2024-01-09 -
2024-04-08		 3 months crt.sh
*.milibris.com
Gandi RSA Domain Validation Secure Server CA 3		 2023-09-25 -
2024-09-25		 a year crt.sh
*.tradedoubler.com
Amazon RSA 2048 M03		 2023-09-06 -
2024-10-05		 a year crt.sh
adnade.net
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
adz2you.xyz
GTS CA 1P5		 2023-12-02 -
2024-03-01		 3 months crt.sh
static.arc.io
R3		 2024-01-20 -
2024-04-19		 3 months crt.sh
core.arc.io
R3		 2024-01-20 -
2024-04-19		 3 months crt.sh
cdn-binance.com
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.cookiefirst.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2024-12-16		 a year crt.sh
sparkasse-fickmuehlen.de
R3		 2024-01-09 -
2024-04-08		 3 months crt.sh
deli.misaglam.com
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
api.yieldads.net
Amazon RSA 2048 M01		 2023-10-04 -
2024-11-02		 a year crt.sh
embed.chatlotto.de
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-27 -
2025-01-26		 a year crt.sh
deliver.adnade.net
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
tool.hubu.link
R3		 2023-12-05 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
eu4-de84.muggel.net
R3		 2023-12-01 -
2024-02-29		 3 months crt.sh
pornito.de
R3		 2023-12-01 -
2024-02-29		 3 months crt.sh
findarios.com
Amazon RSA 2048 M02		 2023-08-27 -
2024-09-25		 a year crt.sh
linksprf.com
GTS CA 1P5		 2024-01-02 -
2024-04-01		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-10 -
2025-01-10		 a year crt.sh
ak.hetaruwg.com
R3		 2024-01-15 -
2024-04-14		 3 months crt.sh
*.rtbfactory.com
AlphaSSL CA - SHA256 - G4		 2023-02-02 -
2024-03-05		 a year crt.sh
olivedinflats.space
Amazon RSA 2048 M02		 2023-03-13 -
2024-04-10		 a year crt.sh
mediacpc.com
R3		 2023-12-13 -
2024-03-12		 3 months crt.sh
zentrixads.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
*.realtime-bid.com
AlphaSSL CA - SHA256 - G4		 2023-02-27 -
2024-03-30		 a year crt.sh
*.ctrtraffic.com
AlphaSSL CA - SHA256 - G4		 2023-03-06 -
2024-04-06		 a year crt.sh
xmladsystem.com
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
*.infinity-info.com
AlphaSSL CA - SHA256 - G4		 2023-07-26 -
2024-08-26		 a year crt.sh
s2movies.pro
E1		 2024-01-02 -
2024-04-01		 3 months crt.sh
adflyer.media
R3		 2023-12-20 -
2024-03-19		 3 months crt.sh
magsrv.com
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.linkbux.com
RapidSSL TLS RSA CA G1		 2023-07-26 -
2024-08-08		 a year crt.sh
afcdn.net
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ad4mat.net
GTS CA 1P5		 2024-01-16 -
2024-04-15		 3 months crt.sh
gloutchi.com
R3		 2023-12-24 -
2024-03-23		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2024-01-18 -
2024-04-17		 3 months crt.sh
rtmark.net
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-10 -
2024-12-23		 a year crt.sh
*.myshopify.com
Cloudflare Inc ECC CA-3		 2023-08-02 -
2024-07-31		 a year crt.sh
zcz.willemsefrance.fr
R3		 2024-01-02 -
2024-04-01		 3 months crt.sh
www.150euros.fr
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-06 -
2024-12-06		 a year crt.sh
cids.arc.io
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
images.prismic.io
Certainly Intermediate R1		 2024-01-08 -
2024-02-07		 a month crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.lambda-url.us-west-2.on.aws
Amazon RSA 2048 M03		 2023-12-27 -
2025-01-25		 a year crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 06		 2023-08-31 -
2024-06-27		 10 months crt.sh
*.privacy-center.org
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.cafeyn.co
Gandi Standard SSL CA 2		 2023-06-12 -
2024-06-12		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
tag.aticdn.net
Thawte RSA CA 2018		 2024-01-15 -
2025-01-23		 a year crt.sh
uploads-ssl.webflow.com
Amazon RSA 2048 M02		 2023-07-29 -
2024-08-26		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03		 2023-11-19 -
2024-11-13		 a year crt.sh
*.pa-cd.com
Thawte TLS RSA CA G1		 2023-08-23 -
2024-09-22		 a year crt.sh
l1s.saturn.ms
ZeroSSL ECC Domain Secure Site CA		 2023-11-23 -
2024-02-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.cdn.prismic.io
Amazon RSA 2048 M03		 2023-08-16 -
2024-09-12		 a year crt.sh
*.prismic.io
Amazon RSA 2048 M01		 2023-07-26 -
2024-08-23		 a year crt.sh

This page contains 88 frames:

Primary Page: https://turfologie.fr.gd/
Frame ID: 3301DB9CACDB99725C5C23EB0AE5143F
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 0F5FC1D7B8D72B29754DE7B983F7C588
Requests: 1 HTTP requests in this frame

Frame: https://www.linkredirect.biz/b-images/221468_frame.php?url=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2023%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&sid=58972&said=132891&suid=24102142&tracker=132891-221468-%5BP_ID_CLICK%5D-624665710-45567&cp=45567&url2=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2024%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&url3=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2025%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&urlclick=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVlXNXYxKKUnmqanGqX&urlclick2=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVmXNXYxKKUnmqanGqX&urlclick3=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVnXNXYxKKUnmqanGqX
Frame ID: 70ED042F6E8B73F8A6D7D50807418217
Requests: 2 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: 8E327378872472504CAB699DC7896E65
Requests: 2 HTTP requests in this frame

Frame: https://www.1clic1don.fr/tagpdis.php
Frame ID: 9E4D4E440C23CC9C46BBF0BA2581E2D4
Requests: 23 HTTP requests in this frame

Frame: https://nextleveldefend.com/impression?CID=24__nxt__BID=0__nxt__SRC=165__nxt__SUB=SUBID__nxt__CLK=CLICKID&utm_medium=affiliate&utm_source=adcell&utm_campaign=257824&bid=269847-105746-&adcref=asrv205.com%2F
Frame ID: 175DEA3EDEEB2F400FCF8B1CF8044C50
Requests: 1 HTTP requests in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MywiY3JlYXRpdmVfaWQiOjcsInB1Ymxpc2hlcl9pZCI6NCwiem9uZV9pZCI6NiwiZnJhbWVfdHlwZSI6IkZyYW1lcyIsImZyYW1lX2d0bWRvbWFpbiI6ImZ3ZC5md2R0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6IjYwYzkxMDZhLWRkN2ItNGYzYi05Nzg5LTQ0MTUyM2RkM2M1ZSIsImZyYW1lX3RhcmdldCI6IjhGWSIsImZyYW1lX3RhcmdldF9pZCI6MSwiZnJhbWVfYWRkY291bnRyeSI6MCwiY291bnRyeSI6IkZSIiwidHMiOjE3MDYwMjU4ODV9
Frame ID: AD8B611894AAA54D8EB6E2A84BE12F97
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&adk=1812271804&adf=3025194257&lmt=1706025885&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025885586&bpp=3&bdt=172&idt=238&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1817310564721&frm=20&pv=2&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=249
Frame ID: AA97B767188F88B7D6CECEC84D3982D9
Requests: 1 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=91c8ea86d81ee93e7b08dbf8b17693cb4725ac69fa8a80be4daa7ce968a102ad&ci=yCbu4Nw%3B&its=9F%5Bt%2ALp5e7bA%24QD%3BujPWbV%5C&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: 74F83B2BBF00D7E41461EAE8FB86DF93
Requests: 2 HTTP requests in this frame

Frame: https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
Frame ID: DE46319DD8352C346FDF85345109BD96
Requests: 138 HTTP requests in this frame

Frame: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Frame ID: EBFC831C58D5ADFF6ED6AC89B626252E
Requests: 65 HTTP requests in this frame

Frame: https://adnade.net/ptp/?user=pas30
Frame ID: DE9C41A621D40CF0CAB8813A0DC66E4E
Requests: 19 HTTP requests in this frame

Frame: https://adz2you.xyz/serve/show.php?a=33&b=468x15
Frame ID: 37272E0F22E4B4DB1ED6D58120B77AF1
Requests: 1 HTTP requests in this frame

Frame: https://adz2you.xyz/serve/show.php?a=33&b=236x15
Frame ID: 9F8622232D01F640BBA71F909ADC1A13
Requests: 1 HTTP requests in this frame

Frame: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 84ABB67CE9B6AABA9440FFAAFF01983E
Requests: 2 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?76bc4f3
Frame ID: 8F1E0A61C07EFDE56FDCA5EBA8B5CA6D
Requests: 7 HTTP requests in this frame

Frame: https://sparkasse-fickmuehlen.de/partner/
Frame ID: 5970D8CA12461FAB7B7332879855F650
Requests: 1 HTTP requests in this frame

Frame: https://becely.com/?ref=C6DCt0hWjCm51a&sub_id=lb_44roy6d
Frame ID: 2AA93202BCD97EA3ACFA8D614DDC5E7D
Requests: 7 HTTP requests in this frame

Frame: https://deli.misaglam.com/prepare/channel/?chilli=tiktok
Frame ID: 16FC392E7744C1D21EF1D2A49C6C2AFD
Requests: 3 HTTP requests in this frame

Frame: https://embed.chatlotto.de/?chatroom=71aea55f3f44091b
Frame ID: 8D2045D8109AD0B171E068D04D47B696
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2276544?size=468x60&background_color=618cb8&text_color=000000&title_color=ffffff&title_hover_color=dadada&link_color=d8f15e&link_hover_color=ff0000
Frame ID: 889DCEE837CEC25F79EF27F66E9DA55D
Requests: 3 HTTP requests in this frame

Frame: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Frame ID: 477465489E315C4637BEBE57FCF57317
Requests: 2 HTTP requests in this frame

Frame: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Frame ID: 9F63DF95FE63D3ACABF28CD7951435C9
Requests: 1 HTTP requests in this frame

Frame: https://pornito.de/
Frame ID: 78E2A89E3B20C2241EE42ECDD3B8CE1D
Requests: 113 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 9CD3E2A4D83AA7111134D0F4A185885A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1415116625~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1037&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3
Frame ID: 56AA80AB37E4DB01BF7ABAE0D15B3157
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Frame ID: 969E8C83A87D52995E42615651A192E3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
Frame ID: C097ED13465F1E48AD6615B300557814
Requests: 11 HTTP requests in this frame

Frame: https://ak.eessoong.com/?z=6945102&syncedCookie=true&rhd=false&rb=F6daV0IaSWx5xyBm_vk2-XyRJxT5tz4TW6xtpISzicKoXxqXub7HTBaYgSCtCCtkrQKO5dvmkgCZkZqkh71d8xq0xd-8BVln56XoNc3w90WxPKnCXOY5hrIrq8KB-oExOcZuTxLTEtnfgvj3QvoLNjPAZw-VIBTO5H6KdhgmK8oG_xQ_0sd0gDgjLwA7nZJljvFmJIamAsyTkpTH5D185wZxM85zEHLrJQphaq40G60bXxoyMv8zLScpxye2GlSQdxenPlYQ0tQawXfIeqiSQZJNUoh1PqfJKAtRQg==&sfr=timeout
Frame ID: FD5EEFEF72D4C4F2262A4205190E5260
Requests: 5 HTTP requests in this frame

Frame: https://xml.rtbfactory.com/redirect?feed=633223&auth=hWvnzW&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: FE5E7ACA623378F6A87A43B77BFB70B0
Requests: 1 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Frame ID: DE3A5233D6ED1AA1E3D13DA64F4B032E
Requests: 1 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
Frame ID: 1CE7BBBD9331FA72D24CA5E165660D92
Requests: 1 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Frame ID: 9F9E7FA28F18D1DB4D911F3392D6C38D
Requests: 1 HTTP requests in this frame

Frame: https://xml.mediacpc.com/redirect?feed=629755&auth=oNyUuc&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 4B753105A12473DC47396F77E32F7C7A
Requests: 1 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Frame ID: A900826CF56E93ED618AE3B7D543518A
Requests: 1 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Frame ID: 77DDFA8FFE2CC943BF7CF47882347C88
Requests: 1 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
Frame ID: 8827690F1A992C6F0D17D80DD59A9D84
Requests: 1 HTTP requests in this frame

Frame: https://xml.zentrixads.com/redirect?feed=626946&auth=zhEF3k&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 1B358D8F7E2558661092384E95A8D689
Requests: 1 HTTP requests in this frame

Frame: https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=d6CtVryoIgU_0&ci=5972732461513468450&t=1205875913&h=58
Frame ID: 85E9B93D18E58F2F64484BAE006D494A
Requests: 2 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=536787.633317
Frame ID: AB256F2ACF0FFFEE5363325AA052A1E0
Requests: 1 HTTP requests in this frame

Frame: https://xml.ctrtraffic.com/redirect?feed=616706&auth=LtBzUz&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 09F89C2BD9302F67D285B1DB86C20E2E
Requests: 1 HTTP requests in this frame

Frame: https://xml.mediacpc.com/redirect?feed=616707&auth=kv8WiI&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 4B42F41E242F99C88AEFFC128A36E4C2
Requests: 1 HTTP requests in this frame

Frame: https://xml.zentrixads.com/redirect?feed=626947&auth=1MqBAt&subid={subid}&query={query}&url={url}&default_url={default_url}xml.adtube.media/redirect?feed=615326&auth=JtCpiL&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 99E2B43E6933FC5ABFE7702A4C668B64
Requests: 1 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=481949.600679
Frame ID: EE095838938BEF41566A8A382CBE51A5
Requests: 1 HTTP requests in this frame

Frame: https://sub.adzgame.com/redirect?feed=634020&auth=kYcx8E&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
Frame ID: 2EA0BC2F898A28B50A2B12341402A30F
Requests: 1 HTTP requests in this frame

Frame: https://xml.xmladsystem.com/redirect?feed=615319&auth=W8TMJ0&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: BEAEDD59DA7F43E3AD820631C5A35754
Requests: 1 HTTP requests in this frame

Frame: https://xml.rtbfactory.com/redirect?feed=633210&auth=5NdnT6&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 6BDA2BB05E8935568329DFA0A4D33A29
Requests: 1 HTTP requests in this frame

Frame: https://xml.infinity-info.com/redirect?feed=634483&auth=gPnHL5&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 05CCFDDD36E012FBF3CB4AAC4F004776
Requests: 1 HTTP requests in this frame

Frame: https://sub.adzgame.com/redirect?feed=634021&auth=FZfz2y&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
Frame ID: 23EB603A4990E3781897E93459ADEE1E
Requests: 1 HTTP requests in this frame

Frame: https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=3zrQIDgVW-U_0&ci=-2964317887573870510&t=1445030333&h=58
Frame ID: DF0C6A1C0E15408E46A974F17BC63E3A
Requests: 2 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
Frame ID: 2AB715284768B990414823ACF6F8B9EF
Requests: 1 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=536787.633317
Frame ID: AB977251EC79985FCF97112DE9E2BEF3
Requests: 1 HTTP requests in this frame

Frame: https://gloutchi.com/?z=6844028&syncedCookie=true&rhd=false&rb=qmS0lxRt-823nHgPJp8kua0YABzlwNwjQaeM7E9i8tK73PwpGdleRcz8bQ05WADcKdiasbvL9E25xsWa-4TxO746NophTsYLMPVru5uOsEqLZRZP0z2oTKe2xpISq78YIv2EJB9xat7T4x6btTunP0IYJ6KaDbmpSCkpiFPLdVweGaVlrElBfYBNs7aWaYSdTJ1mgdTxWgv2vSAiIqCme20rhBExQXKNdrX00mOtitLAS0o7Cy0ZVMmi_I3vRS50HfAdo-jcagOI9W9wTySuGh4DgqJteqZo43TMrKaKVDci0Ze3OGZ0Rs0tOiQ0uuMNYYKGI4adYPk=&sfr=timeout
Frame ID: 9E820883C20F9643D72DE19769F9D19D
Requests: 6 HTTP requests in this frame

Frame: https://xml.eximdigital.com/redirect?feed=634442&auth=Hr0fZm&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
Frame ID: 0D4D82D8A8B2418505789BEDD6C3BF02
Requests: 1 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Frame ID: A619B19979EC28BCF79C7097EB63F7E3
Requests: 1 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=481949.621005
Frame ID: 7E8540C37E56BA3390D5FF183A23F6C8
Requests: 1 HTTP requests in this frame

Frame: https://xml.adflyer.media/redirect?feed=615322&auth=N0hVKw&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: FA1DA9561155B0421FAE75B1EAF9D948
Requests: 1 HTTP requests in this frame

Frame: https://olivedinflats.space/redirect?tid=926092&subid=536788.567453
Frame ID: AFD7D67DA7997813C1801B1CF3D378CC
Requests: 1 HTTP requests in this frame

Frame: https://xml.xmladsystem.com/redirect?feed=615320&auth=ywL5Zd&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 333C4BAD3C6C21F345886ACB3480C61E
Requests: 1 HTTP requests in this frame

Frame: https://xml.mediacpc.com/redirect?feed=629756&auth=ojnfCi&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 3B73145F2C13D0C25D111C7A372A0C27
Requests: 1 HTTP requests in this frame

Frame: https://xml.infinity-info.com/redirect?feed=634482&auth=JoigQT&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 4D278C78A8F7911433765C06CB9E6D8B
Requests: 1 HTTP requests in this frame

Frame: https://xml.flurryad.com/redirect?feed=626942&auth=CSVpPf&subid={subid}&query={query}&url={url}&default_url={default_url}
Frame ID: 94DE80C2B726DBC3D54E18309D6A49B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0A128C549183E6096B1226C1CBDC5ACC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8E9F10E0857453372D09135545C969BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C3B6B0486A11E8C6390E06D0B8BED46B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNX7g2vfJoGHFaWCjnTvhIvL8siAk4tJXpT4JRBDZqEP02t-jKaE7dcUYWiwZg5QSHOz3jpNssh9RuzjSLVd2862obDrBUrLMDIpHXpp9OU6vbSeGLTC7Mc6ScfQ5wkUv-O5rnbB_KOk_rtQOC3SeA1D-W722x-ybsNN4atLUnR2zlSChFU
Frame ID: 7E0D44908BDCDB4619B60172D613A437
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Frame ID: F64724DECA59CDAE359D4D59303ADD22
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNW4HmGYpg6nynOtxcF6jBvMI8Bsw8rIv37skyQ1d7OVlftX0r9CuJmlZiWdsS6xyb7Q2utoa1dnOmQ5kozb_DsTpKAjMrsSdvKJw6_GLH5GhcuOpiiTj-ulxsbuVGUKxGid4jD3f-oer0QWKzqj-sqU2tiDHdJdNvmi2fMjk-A5eWt7jKo
Frame ID: 82B8B2DE2E20697CFB65F95643753EBB
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/7249039159513746748
Frame ID: 24A432D8ED8AA28EB6376135957A51C0
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNW3iD1lXMQlYxFYgeQrIxMF95YQiXfPZ6yE60nYWtq8O3UajEbX1Vyd_Q8HO7JCK1dqmmHs131MOZW32Gzx6PpUL9l4rYTXBD4B4wUnUX3V5isiO3PTu7x3msbLO3Anp0E26Lr1QKJ2QINUna3hK7hwIa4FPFnrituQJKE10zRFNtLVfPs
Frame ID: 92E3B7D1A58833DE828234D1157CA441
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: B5056D6C708E79C0AC6107B3EF640E4D
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D748418668DC7F0D68266F2D2A6CC189
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2D20CDF37BEE18E2E5721A2FD854227F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 28B40689F8DD04BBE71BD9F510D95A1F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Frame ID: D0AD541E630A803AD3E63D3E2AA84BA9
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hr6f23tmzjh004za1nzc1a49bs9pmf5n7yde5903tsrnnty73zrpdxj5093zwbn7cc9fhvgg4ez1q79rv0j1c2s5p5ccabf8g8ddyma44wz29e3hy0587dakdzqdv32ec9dzaz58w8f9xjqgpy634r5cgafd84w5gx7g9c0vjq5qjfgacd85qe8az96cvcxdncg9ywq18zm1yatsvt3ex8w4e3shdwq9x50tnrpwfayg0x6ak5gxyeev94x9vvr99vtxt5yz7n74gtakctdhz586en0tfb36tdangv2qdkvsq2btgx9cxaggc8mn7tp4cvkftn2rggf4mzvyqn64ss5sbjd2jv4pgws3ygapwq027xsxs7q3ckrsnrnhq0zr6wggw2fcfa0mdxr9kf7s9tj6259nrx4xcv6pc8pjg5ff51sca5d7yg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%26client%3Dca-pub-5309472016820672%26adurl%3D
Frame ID: 736C6D71882C02DD7A4E64967A8A13E7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Frame ID: 768115CE7507F0E688FA95E6215F9DF6
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EF4D739EF4D54B4E6BCB56679DE3A327
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 7CE24A23624CE8D34EC5E58C9AADEBA1
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Frame ID: 7D74B9937E555D5501FB20D1D3D17A36
Requests: 11 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?76bc4f3
Frame ID: 8847E6C0071E2202BD0B4B2108C2018D
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?76bc4f3
Frame ID: 85547680B74A076ABA89FEB7910F2D3B
Requests: 9 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
Frame ID: EDEBA69354AAD5F21A117CAADB88E84C
Requests: 20 HTTP requests in this frame

Frame: data://truncated
Frame ID: B3A922A63E4E762270FECCB5F26AEBF3
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 02D328CB9E982CD0AB30EE933FDB3A15
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5480AFA51C3A46F29C901D0522B320F1
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: B0BA22D03DAC4F055283652820F0CEBD
Requests: 1 HTTP requests in this frame

Frame: https://150euros.prismic.io/prismic-toolbar/4.0.9/iframe.html
Frame ID: 16B3EE1EEF049C9A6D4AF16E0E948EAC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TURFOLOGIE: LA DOCTRINE DES TURFISTES - BIENVENUE

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/material(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

638
Requests

87 %
HTTPS

50 %
IPv6

102
Domains

136
Subdomains

98
IPs

9
Countries

26767 kB
Transfer

40257 kB
Size

53
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://t.adcell.com/p/image?promoId=214802&slotId=105746 HTTP 302
  • https://nextlevel-f353.kxcdn.com/ETUUI/ETUUI_Banner_300x250_200210.gif
Request Chain 52
  • https://t.adcell.com/p/view?promoId=269847&slotId=105746&pv=1&htlp=1 HTTP 302
  • https://nextleveldefend.com/impression?CID=24__nxt__BID=0__nxt__SRC=165__nxt__SUB=SUBID__nxt__CLK=CLICKID&utm_medium=affiliate&utm_source=adcell&utm_campaign=257824&bid=269847-105746-&adcref=asrv205.com%2F
Request Chain 62
  • https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4 HTTP 302
  • https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1 HTTP 302
  • https://collecte.numeo.acpm.fr/track?link=20685&n=20240112&cible=https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd= HTTP 303
  • https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
Request Chain 68
  • https://www.1clic1don.fr/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Request Chain 107
  • https://billigerscheiss.de/?t=1706025886&ln=1 HTTP 302
  • https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Request Chain 108
  • https://adnade.net/surfbar/?p=1 HTTP 302
  • https://billigerscheiss.de/?g=0 HTTP 302
  • https://pornito.de/
Request Chain 112
  • https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=91c8ea86d81ee93e7b08dbf8b17693cb4725ac69fa8a80be4daa7ce968a10200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp=W3sia2V5IjoidXNlcl9hZ2VudCIsInZhbHVlIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjI0IFNhZmFyaS81MzcuMzYifSx7ImtleSI6Imxhbmd1YWdlIiwidmFsdWUiOiJlbi1VUyJ9LHsia2V5IjoibmF2aWdhdG9yX3BsYXRmb3JtIiwidmFsdWUiOiJXaW4zMiJ9LHsia2V5IjoicmVndWxhcl9wbHVnaW5zIiwidmFsdWUiOlsiQ2hyb21lIFBERiBQbHVnaW46OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24veC1nb29nbGUtY2hyb21lLXBkZn5wZGYiLCJDaHJvbWUgUERGIFZpZXdlcjo6OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmIiwiTmF0aXZlIENsaWVudDo6OjphcHBsaWNhdGlvbi94LW5hY2x%2BLGFwcGxpY2F0aW9uL3gtcG5hY2x%2BIl19LHsia2V5IjoianNfZm9udHMiLCJ2YWx1ZSI6W119LHsia2V5IjoiYXBwX2NvZGVfbmFtZSIsInZhbHVlIjoiTW96aWxsYSJ9LHsia2V5IjoiYnVpbGRfaWQiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoicHJvZHVjdCIsInZhbHVlIjoiR2Vja28ifSx7ImtleSI6InZlbmRvciIsInZhbHVlIjoiR29vZ2xlIEluYy4ifSx7ImtleSI6InZlbmRvcl9zdWIiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoiYXBwX3ZlcnNpb24iLCJ2YWx1ZSI6IjUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNiJ9XQ%3D%3D HTTP 302
  • https://findarios.com/y?t=becely.com&cid=8d0539c10f144e0524346d7896d2752fe52a70373b194d8685d2fe4b1d0c6232&identifier=da1f6ec6f064d0cb HTTP 302
  • https://findarios.com/search/becely.com
Request Chain 121
  • https://r.linksprf.com/v1/redirect?url=https://becely.com&api_key=46fd76778392715900a5c22e8500423a&site_id=624d696b024f444681c6425df495a369&type=url&source=https://findarios.com/de/search/becely.com&yk_tag=8d0539c10f144e0524346d7896d2752fe52a70373b194d8685d2fe4b1d0c6232 HTTP 302
  • https://r.linksprf.com/v2/go?t=5t0p7%3Ac%2F0wa.0i5k9ud.9o5%2F2r3c4%2F04213z1d0Z4i3rvHdruPmucWy6eKeyFR%25C23AY%25bpUtv%3DarZ%3F_pUaf7goKSMAIYaVKu5lnhztisu3L%25xFL2JbScFlH.Tor%26TiU%3Dc0m050o0u4n8129ck0a1tdmfc4x1bbn3l6w8w3%2F4s2tah&e=1&ai=f1539fbd16e34aad808cc5b6d428ce5a&sct=0&ct=1706025886640&cu=20c40312d5f94d19b5306a803c4720a5&ykuid=3c42b26d2455406a922baa4d27aa5673&sc=1&cs=266e1398c42463257cf426c22783c86c
Request Chain 131
  • https://xml.eximdigital.com/redirect?feed=634443&auth=Hr0fZm&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F HTTP 302
  • https://ak.eessoong.com/4/6945102
Request Chain 133
  • https://xml.thenetwork18.com/redirect?feed=626939&auth=cUVzDz&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Request Chain 134
  • https://xml.adtube.media/redirect?feed=615325&auth=nWjGCY&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
Request Chain 135
  • https://xml.adflyer.media/redirect?feed=626960&auth=c2DVej&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Request Chain 137
  • https://xml.adflyer.media/redirect?feed=615321&auth=cOpZmC&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Request Chain 138
  • https://xml.thenetwork18.com/redirect?feed=615317&auth=aX2pUJ&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Request Chain 139
  • https://xml.adtube.media/redirect?feed=631737&auth=5q8RSh&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
Request Chain 141
  • https://xml.clixvista.com/redirect?feed=634146&auth=ZcZzdT&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=d6CtVryoIgU_0&ci=5972732461513468450&t=1205875913&h=58
Request Chain 142
  • https://xml.clickmi.net/redirect?feed=615323&auth=R59YLB&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=536787.633317
Request Chain 146
  • https://xml.flurryad.com/redirect?feed=626944&auth=qBoLPX&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=481949.600679
Request Chain 152
  • https://xml.clixvista.com/redirect?feed=634351&auth=soTzkH&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=3zrQIDgVW-U_0&ci=-2964317887573870510&t=1445030333&h=58
Request Chain 153
  • https://xml.adtube.media/redirect?feed=631735&auth=KA0htm&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
Request Chain 154
  • https://xml.clickmi.net/redirect?feed=615324&auth=4h0n5N&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=536787.633317
Request Chain 155
  • https://xml.ctrtraffic.com/redirect?feed=629199&auth=zLr9BW&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://www.s2movies.pro/
Request Chain 157
  • https://xml.thenetwork18.com/redirect?feed=615318&auth=OjLd1I&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Request Chain 158
  • https://xml.adflyer.media/redirect?feed=626962&auth=qAKAp2&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=481949.621005
Request Chain 160
  • https://xml.ctrtraffic.com/redirect?feed=629202&auth=QnmDKl&subid={subid}&query={query}&url={url}&default_url={default_url} HTTP 302
  • https://olivedinflats.space/redirect?tid=926092&subid=536788.567453
Request Chain 179
  • https://imp.tradedoubler.com/imp?type(img)g(25528792)a(3040636)epi(oneidkzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaRoneid__Influencer_TT_advancedad_300x250)074726015 HTTP 302
  • https://grow-platform.tradedoubler.com/uploads/organizations/2367786/c-825d08a1fc9890e3f47217dce59317b5.png
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-lwQyWOKc1Eta1-8Vj9Fg&google_cver=1
Request Chain 214
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za-jnpzDORgGLon.gg5PbQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMkLRBeMn2cv0lqcvQjvy4&google_cver=1&google_hm=2
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELTWlJUCABkwL4z8952wjbc&google_cver=1
Request Chain 216
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4NjIyNjc3MTgxMzc3MTU0MQ%3D%3D
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL3OYMeZQSWNSMHeXAuBMQw&google_cver=1
Request Chain 222
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za-jnk-3AMZQa.zBCBqbtAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMkLRBeMn2cv0lqcvQjvy4&google_cver=1&google_hm=2
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMgtsPN2yt64KleLTq9iV_s&google_cver=1
Request Chain 224
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIwOTMzNTIyMzMyMzM1OTg2Ng%3D%3D
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL3OYMeZQSWNSMHeXAuBMQw&google_cver=1
Request Chain 226
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za-jnk-3AMZQa.zBCBqbtAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMkLRBeMn2cv0lqcvQjvy4&google_cver=1&google_hm=2
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMgtsPN2yt64KleLTq9iV_s&google_cver=1
Request Chain 228
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4NjIyNjc3MTgxMzc3MTU0MQ%3D%3D
Request Chain 253
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEY49lXitjVVDvMe4KrYrP0&google_cver=1&google_push=AXcoOmQdLEFlhSfT6l0r7eFyvF51ImeB-OCvQxyYk3nFp-rl232iWv6dudmCAoeQC5iY6akUvTxhrMPSYaCztByPJ1PgOvhS7ONeX_Yo7uc0E9hzGEgyE5a2qk2t5VQxgPsXQZWDZ5x6jJPPPEhNJsm1J2Q94g HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEY49lXitjVVDvMe4KrYrP0&google_cver=1&google_push=AXcoOmQdLEFlhSfT6l0r7eFyvF51ImeB-OCvQxyYk3nFp-rl232iWv6dudmCAoeQC5iY6akUvTxhrMPSYaCztByPJ1PgOvhS7ONeX_Yo7uc0E9hzGEgyE5a2qk2t5VQxgPsXQZWDZ5x6jJPPPEhNJsm1J2Q94g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aGlhZVV6WWoxUnNqZ3o1&google_gid=CAESEEY49lXitjVVDvMe4KrYrP0&google_cver=1&google_push=AXcoOmQdLEFlhSfT6l0r7eFyvF51ImeB-OCvQxyYk3nFp-rl232iWv6dudmCAoeQC5iY6akUvTxhrMPSYaCztByPJ1PgOvhS7ONeX_Yo7uc0E9hzGEgyE5a2qk2t5VQxgPsXQZWDZ5x6jJPPPEhNJsm1J2Q94g
Request Chain 254
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEG_vD9keB07ioOLjBF5rNVw&google_cver=1&google_push=AXcoOmShyZjZMTNOMReX5dH-pdUpbQ9L01ZDJXVPKKqYr7UWC8myiWAkuDlDZnErLo0l9H4dSqgOpzn8oM-PTMtmWG6_W3TQNYGWW6k2l0TEl-is6eSuW4LE6woRl94giX1i-C4F-rAqRaKNCUMFak4bcTlEVIM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmShyZjZMTNOMReX5dH-pdUpbQ9L01ZDJXVPKKqYr7UWC8myiWAkuDlDZnErLo0l9H4dSqgOpzn8oM-PTMtmWG6_W3TQNYGWW6k2l0TEl-is6eSuW4LE6woRl94giX1i-C4F-rAqRaKNCUMFak4bcTlEVIM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG_vD9keB07ioOLjBF5rNVw&google_cver=1&google_push=AXcoOmShyZjZMTNOMReX5dH-pdUpbQ9L01ZDJXVPKKqYr7UWC8myiWAkuDlDZnErLo0l9H4dSqgOpzn8oM-PTMtmWG6_W3TQNYGWW6k2l0TEl-is6eSuW4LE6woRl94giX1i-C4F-rAqRaKNCUMFak4bcTlEVIM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmShyZjZMTNOMReX5dH-pdUpbQ9L01ZDJXVPKKqYr7UWC8myiWAkuDlDZnErLo0l9H4dSqgOpzn8oM-PTMtmWG6_W3TQNYGWW6k2l0TEl-is6eSuW4LE6woRl94giX1i-C4F-rAqRaKNCUMFak4bcTlEVIM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 255
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHE_80PBHd0i7tlr0SgyNas&google_cver=1&google_push=AXcoOmQ3VQDhCw4N6UG4SivNxU4cXpF4RQFK6l2Cjb5hwaCT70Kr6R_rzZc6Zjfm-5g7dR0Vz7zVAtNkCef_W99JQ-UzhP_rZ4q6mhSLYdp5W-SlQ_hCkMhEpk7vmksRGIhESDqr61iesangoF0A4gdGHHG1KRM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHE_80PBHd0i7tlr0SgyNas&google_push=AXcoOmQ3VQDhCw4N6UG4SivNxU4cXpF4RQFK6l2Cjb5hwaCT70Kr6R_rzZc6Zjfm-5g7dR0Vz7zVAtNkCef_W99JQ-UzhP_rZ4q6mhSLYdp5W-SlQ_hCkMhEpk7vmksRGIhESDqr61iesangoF0A4gdGHHG1KRM
Request Chain 256
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMMcvCX4iDRFfL6EXW0WgS4&google_cver=1&google_push=AXcoOmRxA5obBMkvaUASVbi6O81ciPWT_0V1uDJSFyCPUJuMgNKMMbB3hrEustUaQ-jwUIJdjJKK1oDHnkGc8kCwmAub-0ZTc-SBS5sCxS4LBIYqrFbSZYnBV9wgtxYhasIUPZoXglNqNqif4MwyYbXU4ffBCx4 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YOkTW1Z9SY0RxKzQoHrQDg&google_push=AXcoOmRxA5obBMkvaUASVbi6O81ciPWT_0V1uDJSFyCPUJuMgNKMMbB3hrEustUaQ-jwUIJdjJKK1oDHnkGc8kCwmAub-0ZTc-SBS5sCxS4LBIYqrFbSZYnBV9wgtxYhasIUPZoXglNqNqif4MwyYbXU4ffBCx4
Request Chain 258
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG67zwHElviQgFefg-dazKw&google_cver=1&google_push=AXcoOmREanUvzX074tfW38E2w_RLky26-nGxPZid7bUBC_CHWMTRoB6LadL3oMHB32jtqh_tnjMyutjOvSlaVFyrIyb3bDcCheQRhgJCZ-GIdagfilFxCyNJCcIOmvbYVPoUyIPHIS4oMe_bh1HJp7vVbAFvGrw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG67zwHElviQgFefg-dazKw&google_cver=1&google_push=AXcoOmREanUvzX074tfW38E2w_RLky26-nGxPZid7bUBC_CHWMTRoB6LadL3oMHB32jtqh_tnjMyutjOvSlaVFyrIyb3bDcCheQRhgJCZ-GIdagfilFxCyNJCcIOmvbYVPoUyIPHIS4oMe_bh1HJp7vVbAFvGrw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg4ODgwOTc5NjIwOTU1ODM0Mw&google_push=AXcoOmREanUvzX074tfW38E2w_RLky26-nGxPZid7bUBC_CHWMTRoB6LadL3oMHB32jtqh_tnjMyutjOvSlaVFyrIyb3bDcCheQRhgJCZ-GIdagfilFxCyNJCcIOmvbYVPoUyIPHIS4oMe_bh1HJp7vVbAFvGrw
Request Chain 259
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEAfgxN51lE3WsyPSTvKsSKs&google_cver=1&google_push=AXcoOmQRxG2GNRks3m3G3qXPPQ2oDsTxfvAonwJzjMtwN8tBu7a25yuSxJWgn2R4SLMhKgurbuzKiDn2THNWAXkwA6A-6mcpcS3igdg_ICVXbUVbdEm8YHTEmlEf7K_5hSZ_o7KRpx7pWFH8RqfZJKvnQYFjJyc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQRxG2GNRks3m3G3qXPPQ2oDsTxfvAonwJzjMtwN8tBu7a25yuSxJWgn2R4SLMhKgurbuzKiDn2THNWAXkwA6A-6mcpcS3igdg_ICVXbUVbdEm8YHTEmlEf7K_5hSZ_o7KRpx7pWFH8RqfZJKvnQYFjJyc&google_hm=M2CXDLpATHqCAj2q0g3Fqm4
Request Chain 399
  • https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://img.metaffiliation.com/4/58179/img_13_13_33.gif
Request Chain 420
  • https://clk.tradedoubler.com/click?p=346366&a=2778209&g=25497602&f=0 HTTP 302
  • https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Request Chain 652
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/831417678/?random=99521640&cv=11&fst=1706025888930&bg=ffffff&guid=ON&async=1&gtm=45He41h0v9103222522&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&tag_exp=71847096&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.150euros.fr%2F%3Futm_source%3DAVT_trafic%26utm_term%3D2956733%26tduid%3D93cab543dc885efc235b7819f84f585e&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&top=https%3A%2F%2Fturfologie.fr.gd&label=IBvwCKmNgfAYEM7auYwD&hn=www.googleadservices.com&frm=2&tiba=150%E2%82%AC%20-%20Je%20m%27informe%2C%20j%27%C3%A9conomise%20-%20Catalogue%20de%20Promotions%20%26%20Bons%20Plans%20-%20150%E2%82%AC&value=0&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=oeOvZcThH8Sb78EPiL6l4A8&sscte=1&crd=&eitems=ChAIgOS9rQYQpMLWwPr2jpZZEh0AMre0YIsD7QU_5W1VjH5IPphkxwIVfa0jARL_6Q&pscrd=IhMIhLb92PHzgwMVxM07Ah0IXwn8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/831417678/?random=99521640&cv=11&fst=1706025888930&bg=ffffff&guid=ON&async=1&gtm=45He41h0v9103222522&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&tag_exp=71847096&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.150euros.fr%2F%3Futm_source%3DAVT_trafic%26utm_term%3D2956733%26tduid%3D93cab543dc885efc235b7819f84f585e&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&top=https%3A%2F%2Fturfologie.fr.gd&label=IBvwCKmNgfAYEM7auYwD&hn=www.googleadservices.com&frm=2&tiba=150%E2%82%AC%20-%20Je%20m%27informe%2C%20j%27%C3%A9conomise%20-%20Catalogue%20de%20Promotions%20%26%20Bons%20Plans%20-%20150%E2%82%AC&value=0&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIhLb92PHzgwMVxM07Ah0IXwn8&is_vtc=1&ocp_id=oeOvZcThH8Sb78EPiL6l4A8&cid=CAQSKQAvHhf_TIJo9NIke4qqgJ5JwX5uidR1pTi1LJlFeN4aQ-qXkpG5cH2W&eitems=ChAIgOS9rQYQpMLWwPr2jpZZEh0AMre0YNtj2GI6Xfo8YVofLeRv-PAhmPdK5bE01w&random=3765690800 HTTP 302
  • https://www.google.fr/pagead/1p-conversion/831417678/?random=99521640&cv=11&fst=1706025888930&bg=ffffff&guid=ON&async=1&gtm=45He41h0v9103222522&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&tag_exp=71847096&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.150euros.fr%2F%3Futm_source%3DAVT_trafic%26utm_term%3D2956733%26tduid%3D93cab543dc885efc235b7819f84f585e&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&top=https%3A%2F%2Fturfologie.fr.gd&label=IBvwCKmNgfAYEM7auYwD&hn=www.googleadservices.com&frm=2&tiba=150%E2%82%AC%20-%20Je%20m%27informe%2C%20j%27%C3%A9conomise%20-%20Catalogue%20de%20Promotions%20%26%20Bons%20Plans%20-%20150%E2%82%AC&value=0&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIhLb92PHzgwMVxM07Ah0IXwn8&is_vtc=1&ocp_id=oeOvZcThH8Sb78EPiL6l4A8&cid=CAQSKQAvHhf_TIJo9NIke4qqgJ5JwX5uidR1pTi1LJlFeN4aQ-qXkpG5cH2W&eitems=ChAIgOS9rQYQpMLWwPr2jpZZEh0AMre0YNtj2GI6Xfo8YVofLeRv-PAhmPdK5bE01w&random=3765690800&ipr=y

638 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
turfologie.fr.gd/ 		532 KB
350 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.238.27.28 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS
fr.gd
Software
nginx /
Resource Hash
761dc2ababcd93c5b563f247977e2be245a716a23d3869d82ba44e6fb7ae52f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=ISO-8859-15
Date
Tue, 23 Jan 2024 16:04:45 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
User-Agent,Accept-Encoding
Via
1.1 varnish-v4
X-Varnish
164112838
X-wm-1
64ef455219bf45ba236b8d390f06c9ce
X-wm-VIP
193.238.27.28
X-wm-req.backend
SitesGET
X-wm-req.backend.healthy
true
X-wm-req.restarts
0
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
947192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1618
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-11d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUcL6sR%2F2Xmv3FZ4lbBCawW%2F8WLZ7ryOnRx2TY8tX4kICFfjZRW8kcrpXgN%2BWu5kYwkjigQNbA6ksgyeJ9GFJU3L74x%2FA25sfdqPXRIeYKRLvCvS28e%2BnBBrxIlhyZE%2B5xWPMslXOOwCf5oLCU9gH544"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84a146382f3a702d-CDG
expires
Sun, 12 Jan 2025 16:04:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5309472016820672&host=ca-host-pub-1483906849246906
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f27da5c39b5fa7002eec0402c5340023b9f5819ee7d008db898adc5be5b22a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Origin
https://turfologie.fr.gd
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51260
x-xss-protection
0
server
cafe
etag
8007830173552562548
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 23 Jan 2024 16:04:45 GMT
navi_top.gif
theme.webme.com/designs/red/images/ 		179 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/navi_top.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
54ad7cfdcc7748fb783d92d9d666f5759a29bda63e567910ce1cf8eff6967896

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
60072
Content-Type
image/gif
X-Varnish
97960436, 396933177 392774062
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
179
Expires
Mon, 04 Mar 2024 23:23:33 GMT
navi_bottom.gif
theme.webme.com/designs/red/images/ 		76 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/navi_bottom.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
1fd6969927a4a317c74fd5afac662d8cc4ed463a3bfa0e8451727b190e1b94c6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
60071
Content-Type
image/gif
X-Varnish
96099938, 397251395 392647179
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76
Expires
Mon, 04 Mar 2024 23:23:34 GMT
cont_top.gif
theme.webme.com/designs/red/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/cont_top.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
1666ec75f3cb121771756e411f628196bfd832b35d223d84f0fee320aaf05a45

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
60217
Content-Type
image/gif
X-Varnish
97548404, 397251393 393026677
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2582
Expires
Mon, 04 Mar 2024 23:21:08 GMT
banniere.php
pubdirecte.com/script/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pubdirecte.com/script/banniere.php?said=132891
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.142.100.82 , Netherlands, ASN47543 (ATOM86-AS, NL),
Reverse DNS
ofwallet.bestpaths.net
Software
Apache /
Resource Hash
4c2ba2549b4f808634e34e33828dc23f2dfabffd16d4310ac3a1caa5ecec1df9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:04:45 GMT
Server
Apache
X-ssl
1
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Expires
Sun, 01 Jan 2014 00:00:00 GMT
images
t3.gstatic.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t3.gstatic.com/images?q=tbn:ANd9GcRyN4ispYXXSX3TbPUDRKn1xrfWH4fDvkWcTqSI8QtjyjwK8Bskyg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2a3eb1a03693266907509ffeb5ea09db2bc6a3243e334eb9c01dc4fbada4a8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9110
x-xss-protection
0
last-modified
Thu, 31 Dec 2015 23:52:14 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 22 Jan 2025 16:04:45 GMT
5936eaff2200001500c6c942.gif
img.webme.com/pic/t/turfologie/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.webme.com/pic/t/turfologie/5936eaff2200001500c6c942.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
553b860f94773ca8e317533a2d099e9326f369792cd4cb21052c0cb5d5f80aa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 02 Oct 2018 14:57:34 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
7
ETag
"5bb3875e-10539"
X-Varnish
165642847, 397251385 397228385
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66873
1.gif
1.bp.blogspot.com/-BD5RmPbbXEw/WePsXr6sfZI/AAAAAAAAAHk/xA9VeXE9njYRxTLmxU5vhYzFYaaXiscKACLcBGAs/s1600/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-BD5RmPbbXEw/WePsXr6sfZI/AAAAAAAAAHk/xA9VeXE9njYRxTLmxU5vhYzFYaaXiscKACLcBGAs/s1600/1.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
841daeb38076ca3b8f1023b2ed02d28409b48ed9613eebf2f739dc7d2183f93b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="1.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11928
x-xss-protection
0
server
fife
etag
"v7b"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:04:45 GMT
7-Fortunepmu.jpg
3.bp.blogspot.com/-0buXtmhM_Bo/WeP0sRgGFcI/AAAAAAAAAIY/ejgorUHYluc3_liBj-el_lynYZCeFmeCQCLcBGAs/s1600/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-0buXtmhM_Bo/WeP0sRgGFcI/AAAAAAAAAIY/ejgorUHYluc3_liBj-el_lynYZCeFmeCQCLcBGAs/s1600/7-Fortunepmu.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0ff70c3d9aedd4f0ca4024d40c709184fc5f3376ed65e14dd3bb6fb047d6b26a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="7-Fortunepmu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7373
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:04:45 GMT
6-Turfpmu.jpg
2.bp.blogspot.com/-LuCkl6Foklk/WeP0rvxX2PI/AAAAAAAAAIQ/IneZz9cB4LQnPrfv35BOYO7DLmwzxqxMQCLcBGAs/s1600/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-LuCkl6Foklk/WeP0rvxX2PI/AAAAAAAAAIQ/IneZz9cB4LQnPrfv35BOYO7DLmwzxqxMQCLcBGAs/s1600/6-Turfpmu.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
df1223d55de9b704eee83ada4110b2c72ac62150620b5b7ba9969fbdc5f0f670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
x-content-type-options
nosniff
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="6-Turfpmu.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2753
x-xss-protection
0
expires
Wed, 24 Jan 2024 16:04:45 GMT
5-Elvyturf.jpg
4.bp.blogspot.com/-zrp7AJ5IDIo/WeP0rYo67SI/AAAAAAAAAIM/4MkNeX01eYsxKBq1gbW-YQ-omLlsm1IdACLcBGAs/s1600/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-zrp7AJ5IDIo/WeP0rYo67SI/AAAAAAAAAIM/4MkNeX01eYsxKBq1gbW-YQ-omLlsm1IdACLcBGAs/s1600/5-Elvyturf.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dd694ce4f5c42e852c4fefe654d7e946e3febca32a9b225f0d2533c4c09a7af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="5-Elvyturf.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3846
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:04:45 GMT
9-Jeugagnant.jpg
1.bp.blogspot.com/-mm4blhBro28/WeP1R9wSsSI/AAAAAAAAAIg/GNdkb8XyBJA7poDE6cyOsiHs3k4Kpw_5wCLcBGAs/s1600/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-mm4blhBro28/WeP1R9wSsSI/AAAAAAAAAIg/GNdkb8XyBJA7poDE6cyOsiHs3k4Kpw_5wCLcBGAs/s1600/9-Jeugagnant.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5fe6d6f3586a8cd3eb4854532649dadd38d5c783ebc54e18f4ee53760cdea049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="9-Jeugagnant.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3360
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:04:45 GMT
2.jpg
1.bp.blogspot.com/-5vVMQdatzKE/WePtEHIzIII/AAAAAAAAAHo/BscQJqA2JGY622rB36fO-nn9FMs74_jXACLcBGAs/s1600/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-5vVMQdatzKE/WePtEHIzIII/AAAAAAAAAHo/BscQJqA2JGY622rB36fO-nn9FMs74_jXACLcBGAs/s1600/2.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e9ce2ffeea5b16b30a437724a8e2d62c3fb24c79946ee6b2b9dd04e5f925ee27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="2.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7042
x-xss-protection
0
server
fife
etag
"v7b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:04:45 GMT
8-Triotierce.jpg
3.bp.blogspot.com/-HkOXoFzsoJY/WeP0sqqvUuI/AAAAAAAAAIc/mbH6RHcOD8YzeCAts9mos3esNLkTtfgSwCLcBGAs/s1600/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-HkOXoFzsoJY/WeP0sqqvUuI/AAAAAAAAAIc/mbH6RHcOD8YzeCAts9mos3esNLkTtfgSwCLcBGAs/s1600/8-Triotierce.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7ff761f2ba0d8641eed5cbd75d0d86f2c82e1171c6b85db25b9f0e56da21e4be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="8-Triotierce.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3489
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:04:45 GMT
10-Basecouple.jpg
3.bp.blogspot.com/-59og58k-L8k/WeP1Rw8OqzI/AAAAAAAAAIo/OM9CRBd6BGsgFMWLYjEAfL0eh7odAfLugCLcBGAs/s1600/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-59og58k-L8k/WeP1Rw8OqzI/AAAAAAAAAIo/OM9CRBd6BGsgFMWLYjEAfL0eh7odAfLugCLcBGAs/s1600/10-Basecouple.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d25c183a7ea5847b7502fdec80211907a7dd9dbb824461c1592809e467a2c64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="10-Basecouple.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2914
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:04:45 GMT
image.png
static.wixstatic.com/media/73840e_39fb5ede54a04dda8ce2fe6632a79cf0~mv2.png/v1/fill/w_94,h_63,al_c,lg_1,q_85,enc_auto/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/73840e_39fb5ede54a04dda8ce2fe6632a79cf0~mv2.png/v1/fill/w_94,h_63,al_c,lg_1,q_85,enc_auto/image.png
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b400:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
7394eeaf28b5df7e74fa81967eb75e52a9931abe1eaa34b30ed39f8f80a2c104

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:12:14 GMT
via
1.1 google, 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1198351
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
6948
wix-tracer
2ajMSUZ1c5aQ7h9hCD7mZ12Weqg
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
YPso4UCrST7Y837p18gX2cC0UyrCoUFfuvGzvKpHGE5qw1K3rf8C6Q==
x-seen-by
image-manipulator-7c76496fbd-vhhxk
4-Jeupmu.jpg
2.bp.blogspot.com/-xq2Gpuafdug/WeP0ri4QeTI/AAAAAAAAAIU/I74QvrB3ZhAlUYl7VlbsnR7u0nW_Pe0swCLcBGAs/s1600/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-xq2Gpuafdug/WeP0ri4QeTI/AAAAAAAAAIU/I74QvrB3ZhAlUYl7VlbsnR7u0nW_Pe0swCLcBGAs/s1600/4-Jeupmu.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
66ca37fff82b4c704deedd773e690c7a0a3a0d28014376b00fe5222fda4ee688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="4-Jeupmu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2672
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:04:45 GMT
11-Franckyturf.jpg
1.bp.blogspot.com/-jwvAv4AQ6os/WeP1RzULVCI/AAAAAAAAAIk/SucIVZUNs4cWJi8bPNrJeOGNGx6BdqALgCLcBGAs/s1600/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-jwvAv4AQ6os/WeP1RzULVCI/AAAAAAAAAIk/SucIVZUNs4cWJi8bPNrJeOGNGx6BdqALgCLcBGAs/s1600/11-Franckyturf.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aa420362f766c5ef90bd60b72610df9dcb600728866f887d8dd1ed76134e6ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="11-Franckyturf.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3154
x-xss-protection
0
server
fife
etag
"v8b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:04:45 GMT
image.png
static.wixstatic.com/media/73840e_ebb5801846244b5d8798b9774e63e2be~mv2.png/v1/fill/w_94,h_63,al_c,lg_1,q_85,enc_auto/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/73840e_ebb5801846244b5d8798b9774e63e2be~mv2.png/v1/fill/w_94,h_63,al_c,lg_1,q_85,enc_auto/image.png
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b400:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
1fb0a580c99750c2747697cfee51e4ce88d2c2214cff33d1d88ad5fa7dffcf7c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 08:03:10 GMT
via
1.1 google, 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
806495
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
7434
wix-tracer
2awAhzSZdrSxs8oav62VyUuRXlc
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
O0ao6XXRLT8ZVMbvXGJwadRDRkd-BWiCxA2BmVO63KF0k4eSZy3veQ==
x-seen-by
image-manipulator-84f467849-xsdgk
turfologie1.jpg
img.webme.com/pic/t/turfologie/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.webme.com/pic/t/turfologie/turfologie1.jpg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
159853db9ab81a3c75aacd096aa7ccd964c5fdff6a313cd281f1e15b37450d65

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Sun, 04 Jan 2015 19:31:40 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
71774
ETag
"54a9951c-47c1"
X-Varnish
75519785, 395238037 390317657
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18369
banner.gif
img.root-top.com/topsite/turfologie/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/turfologie/banner.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3122
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjaoyT6TqaZob47CAsqyTcs81%2Bh0FhiwoEbCI91fAnBVu7eWJYBb%2BFLar3X526fWAOFmedzAq1o5txpvGWLKohW2e%2FtPHbJEl6eo3LUj3n2XjCn2Rmwy8Z%2Bj4LsI8f3ReaQPJCnle%2FGqfrbE1WuW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84a14639ac1e7027-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424
AVvXsEjWiXAdxHXRsuyhdLWYAvcmHgSayhi7lWQXbhhMpnlqz03dMFqA_jiHg5OLR01x_da6mVmelcUJb5H1FaWg_y05HtXDohlYhEZ9YHveypUU5Eglv2pH5Wd9CcDtUU5ha7ZQv31wYlv3u-ZyalnS6PZqpLQUDuytRgNUS-jyWOY6tG5iHxIyJ8AtG0zi=s175
blogger.googleusercontent.com/img/a/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjWiXAdxHXRsuyhdLWYAvcmHgSayhi7lWQXbhhMpnlqz03dMFqA_jiHg5OLR01x_da6mVmelcUJb5H1FaWg_y05HtXDohlYhEZ9YHveypUU5Eglv2pH5Wd9CcDtUU5ha7ZQv31wYlv3u-ZyalnS6PZqpLQUDuytRgNUS-jyWOY6tG5iHxIyJ8AtG0zi=s175
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
65138a48b724e8ab3a71783ad462dc20ebe73578473396fd8e67034014f98d34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v37d"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="YANNPMU1.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11922
x-xss-protection
0
expires
Wed, 24 Jan 2024 16:04:46 GMT
cont_bottom.gif
theme.webme.com/designs/red/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/cont_bottom.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
23d7ce986c8d9b7e7a58cffb62d3592d91343e152fe4de7cffa87a2c1af591e1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
60216
Content-Type
image/gif
X-Varnish
101489508, 395238053 392485145
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4031
Expires
Mon, 04 Mar 2024 23:21:09 GMT
bottom2.gif
theme.webme.com/designs/red/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/bottom2.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
0722ae40df7755ab819b4b15fc12e7368f0baa17b030a3a932ca8675fd72b730

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59503
Content-Type
image/gif
X-Varnish
101320512, 395238047 392779995
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1525
Expires
Mon, 04 Mar 2024 23:33:01 GMT
left_bottom.gif
theme.webme.com/designs/red/images/ 		129 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/left_bottom.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
d0172b3d0f42c368dd557f0da5eff0a43e2c82a072d88b9965753d7611e42ece

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
60150
Content-Type
image/gif
X-Varnish
95229565, 395238051 392486225
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
129
Expires
Mon, 04 Mar 2024 23:22:14 GMT
bottom.gif
theme.webme.com/designs/red/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/bottom.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
d5a8b97841a922e387c50ea7812a8a5fe25499bd8b9487d11dafbcd1eaf4f12e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
60150
Content-Type
image/gif
X-Varnish
100731231, 397251413 390987281
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1957
Expires
Mon, 04 Mar 2024 23:22:14 GMT
prono.gif
img.webme.com/pic/t/turfologie/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.webme.com/pic/t/turfologie/prono.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
9ad1049fcb759fc4f80bac0b8e7872eb695c31e52cc1740f3c3684976109691c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Sun, 04 Jan 2015 19:31:40 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
56
ETag
"54a9951c-4d31"
X-Varnish
163611660, 397251383 388393379
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19761
links.gif
theme.webme.com/designs/red/images/ 		661 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/links.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
1ab0b4fe8e006ad238509e6f8649d1eb27057e01b85be4f71d7e38494167a10c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59910
Content-Type
image/gif
X-Varnish
97964190, 396933183 393284248
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
661
Expires
Mon, 04 Mar 2024 23:26:15 GMT
main_bg.gif
theme.webme.com/designs/red/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/main_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
3afaa830a3aa5d42db9b5201fff4a3345c6f64054f0930e4daf4831b85922137

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59674
Content-Type
image/gif
X-Varnish
102369546, 395238043 392648764
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1544
Expires
Mon, 04 Mar 2024 23:30:11 GMT
page_main_bg.gif
theme.webme.com/designs/red/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/page_main_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
5e37d2be701c29dad961e773416506081bb5bffc923fee65e0312fdc09b31128

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59798
Content-Type
image/gif
X-Varnish
93900688, 397251403 390851954
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1609
Expires
Mon, 04 Mar 2024 23:28:07 GMT
navi_bg.gif
theme.webme.com/designs/red/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/navi_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
109f6b3eb28407f4550623d2b245d13786479e7e9e731b78a3c063b25696d766

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59798
Content-Type
image/gif
X-Varnish
93900692, 397251397 392182973
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8181
Expires
Mon, 04 Mar 2024 23:28:07 GMT
navhead.gif
theme.webme.com/designs/red/images/ 		306 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/navhead.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
423c559de3422e758482c643fe8e464dc9aa3a4796de6aeac7b5eb7097aee345

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59798
Content-Type
image/gif
X-Varnish
93900696, 397251401 390851962
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
306
Expires
Mon, 04 Mar 2024 23:28:07 GMT
button_bg.gif
theme.webme.com/designs/red/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/button_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
48438a48bfcec8017ece6d6b4d132be283fe7ff7d07190211ad3b3def726cce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59798
Content-Type
image/gif
X-Varnish
93900694, 396933181 392489979
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3551
Expires
Mon, 04 Mar 2024 23:28:07 GMT
cont_bg.gif
theme.webme.com/designs/red/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/cont_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
8f43a236fa4ace8a54fdae64ae08c47b986ce6011b3a7dda873fead7700590de

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59798
Content-Type
image/gif
X-Varnish
93900690, 396933179 392489976
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1482
Expires
Mon, 04 Mar 2024 23:28:07 GMT
cont_head_bg.gif
theme.webme.com/designs/red/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/cont_head_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
a6499fa2053ae92d979b0ee3d129d94b1b42427cce83c3579da01e1df1e03333

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59798
Content-Type
image/gif
X-Varnish
95844037, 397251399 390851959
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6138
Expires
Mon, 04 Mar 2024 23:28:07 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		403 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5309472016820672&host=ca-host-pub-1483906849246906
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6704d64d4a9c63f4145ae5cf525a7bc0e7e341afdcca11ec3a1a6b6ee0198a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139808
x-xss-protection
0
server
cafe
etag
4022952078991633403
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:04:45 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 0F5F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5309472016820672&host=ca-host-pub-1483906849246906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
83431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:54:14 GMT
etag
9219409622527106327
expires
Mon, 05 Feb 2024 16:54:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
221468_frame.php
www.linkredirect.biz/b-images/ Frame 70ED 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.linkredirect.biz/b-images/221468_frame.php?url=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2023%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&sid=58972&said=132891&suid=24102142&tracker=132891-221468-%5BP_ID_CLICK%5D-624665710-45567&cp=45567&url2=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2024%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&url3=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2025%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&urlclick=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVlXNXYxKKUnmqanGqX&urlclick2=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVmXNXYxKKUnmqanGqX&urlclick3=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVnXNXYxKKUnmqanGqX
Requested by
Host: pubdirecte.com
URL: https://pubdirecte.com/script/banniere.php?said=132891
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.142.100.82 , Netherlands, ASN47543 (ATOM86-AS, NL),
Reverse DNS
ofwallet.bestpaths.net
Software
Apache /
Resource Hash
4448e57627d206a158239bee1b118955ef88f407c813a8d7ff8a6c9b9cf7f9e2

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 16:04:45 GMT
Expires
Tue, 23 Jan 2024 16:04:45 GMT
Server
Apache
Transfer-Encoding
chunked
X-ssl
1
truncated
/ 		127 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b7addddf8ff620b9e0449bedae9a17f259c4356f1d046a9c4037b3a8dfb4090

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
103839-200x90.js
www.cpmaffiliation.com/ 		0
0
eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=
asrv205.com/adframe/ Frame 8E32 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cce01356ede85a0320d85110b6192cdac379c621f10f42d3ccac622c992163f4

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84a146399cd499b0-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ct4BkOmPBnY4ikKubxmbomBrGMnEEWuoR%2B4DGQY6JJvSCIuVCRWDdhrJd%2FDgqM3h0mRxRT8uFPYt5X0fT6XOOahq8CTReNyQa%2FOn7eI3I%2Bbnp%2B9H%2F92KVdQ2s%2BEyBmCt%2BEHVcKqoreN5eA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
truncated
/ 		233 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8e59257cc797123383f4dea6d1a72f6fb729342e3b23b75f311b70f0dc1ef96

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
left_bg.gif
theme.webme.com/designs/red/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/left_bg.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
2473cc965138dc8812b4d0c859cfc515520053140ee238d90bbf8cdf0c78aae5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59798
Content-Type
image/gif
X-Varnish
93900698, 397251405 393219465
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16492
Expires
Mon, 04 Mar 2024 23:28:07 GMT
left_bg2.gif
theme.webme.com/designs/red/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/left_bg2.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
2add0e4009bce96985012f6401fd770a91e3cf4e88baf75196e5cf82574aa3c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59798
Content-Type
image/gif
X-Varnish
93900700, 397251407 392542252
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23961
Expires
Mon, 04 Mar 2024 23:28:07 GMT
head.gif
theme.webme.com/designs/red/images/ 		285 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/head.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
4d06e8fc97b79c64e8ee6f4b18ab1f8a87e5152e67626175fbdd8d1be134a29c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59382
Content-Type
image/gif
X-Varnish
95339500, 395238045 391406296
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
285
Expires
Mon, 04 Mar 2024 23:35:03 GMT
top.gif
theme.webme.com/designs/red/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/top.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
c93fecb64ed5d07ff64c5c4fc58e93c4db668ffc72bff3161685e1bd8f3a7a62

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59381
Content-Type
image/gif
X-Varnish
99569461, 397251409 392889300
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1729
Expires
Mon, 04 Mar 2024 23:35:03 GMT
main.gif
theme.webme.com/designs/red/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/main.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
f37f49ebadc359e8c6cc15bee36eafa51f6823c2cb397677a7b5c0f9b7aa84d0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
59382
Content-Type
image/gif
X-Varnish
101323299, 395238049 392889293
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1215
Expires
Mon, 04 Mar 2024 23:35:02 GMT
rechts.gif
theme.webme.com/designs/red/images/ 		653 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/red/images/rechts.gif
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
30cb2bc81a65120d2d982b5c00d9172887eedc6ba3070b4595efc676c0188eee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
60013
Content-Type
image/gif
X-Varnish
97136797, 397251411 392489270
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
653
Expires
Mon, 04 Mar 2024 23:24:32 GMT
logo_120.png
www.linkredirect.biz/image/ Frame 70ED 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.linkredirect.biz/image/logo_120.png
Requested by
Host: www.linkredirect.biz
URL: https://www.linkredirect.biz/b-images/221468_frame.php?url=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2023%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&sid=58972&said=132891&suid=24102142&tracker=132891-221468-%5BP_ID_CLICK%5D-624665710-45567&cp=45567&url2=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2024%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&url3=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2025%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&urlclick=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVlXNXYxKKUnmqanGqX&urlclick2=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVmXNXYxKKUnmqanGqX&urlclick3=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVnXNXYxKKUnmqanGqX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.142.100.82 , Netherlands, ASN47543 (ATOM86-AS, NL),
Reverse DNS
ofwallet.bestpaths.net
Software
Apache /
Resource Hash
5ae7a1adba46f58f5d59595820d30f22673c04f6f3b54ae1f220a4a49cc7ec6c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.linkredirect.biz/b-images/221468_frame.php?url=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2023%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&sid=58972&said=132891&suid=24102142&tracker=132891-221468-%5BP_ID_CLICK%5D-624665710-45567&cp=45567&url2=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2024%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&url3=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2025%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&urlclick=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVlXNXYxKKUnmqanGqX&urlclick2=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVmXNXYxKKUnmqanGqX&urlclick3=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVnXNXYxKKUnmqanGqX
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:45 GMT
Last-Modified
Fri, 29 Dec 2017 18:02:08 GMT
Server
Apache
X-ssl
1
Content-Type
image/png
Cache-Control
max-age=259200
Connection
close
Accept-Ranges
bytes
Content-Length
1983
Expires
Fri, 26 Jan 2024 16:04:45 GMT
tagpdis.php
www.1clic1don.fr/ Frame 9E4D 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.1clic1don.fr/tagpdis.php
Requested by
Host: www.linkredirect.biz
URL: https://www.linkredirect.biz/b-images/221468_frame.php?url=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2023%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&sid=58972&said=132891&suid=24102142&tracker=132891-221468-%5BP_ID_CLICK%5D-624665710-45567&cp=45567&url2=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2024%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&url3=https%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Fredirect.php%3Furl%3Dhttps%253A%252F%252Fa.movingfwd.co%252Fredirect%252Fl%252F57922347-f3a9-48d4-b0b3-1e6f8dc1a00c%252F9fee8966-4422-4909-aa02-14467e575996%252F1984%253Ft1%253D132891-221468-%255BP_ID_CLICK%255D-624665710-45567-17-d--r-2025%2526subid%253D58972%26said%3D132891%26cp%3D45567%26id%3D34913696%26s%3D24120%26bann%3D221468&urlclick=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVlXNXYxKKUnmqanGqX&urlclick2=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVmXNXYxKKUnmqanGqX&urlclick3=http%3A%2F%2Fwww.linkredirect.biz%2Fscript%2Flink.php%3Furl%3Dm9en1NmfaJHHkZ%252Bl2MzQoJbYmZDGopSlmcbKq5iYrWifkmibn5drlZqaX5yVxJtmZJmZlpCVlZVnj5KeaZtxnZaUlJSWyGibzMiXbpuZmGZklWeUkGeeY22PwppjZ2ZqZ5dpm8uacJefnGhlk5yabW%252FVZp%252BUZpdrbZOOa2VmbW9rkI60xa59wamve3mtwI9vYpVrmJhqlmNhlpZuaWxmamqQl5GT12aUlpVnXNXYxKKUnmqanGqX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6525eed4cfe7ef3c5d6a97c8a2554b6109c1ef86b9b790e16c020d443f04072
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.linkredirect.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84a1463a18d5024b-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAasElgD4Mf4h5ofAfag6wKwvMdP5JCiDyT60JJIALmrkTF1kVSNiD6FPPzoGn04z%2FyTA9%2BOvn0oQkGdyZm68UxzRiEJQ0LX57qpyVBolmbkOhw4pcNLKyF7KZYZwCvjJOobNIfYs7KeRki2FrYD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000
ETUUI_Banner_300x250_200210.gif
nextlevel-f353.kxcdn.com/ETUUI/ Frame 8E32
Redirect Chain
  • https://t.adcell.com/p/image?promoId=214802&slotId=105746
  • https://nextlevel-f353.kxcdn.com/ETUUI/ETUUI_Banner_300x250_200210.gif
69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nextlevel-f353.kxcdn.com/ETUUI/ETUUI_Banner_300x250_200210.gif
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
H2
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
622b7cf96e813affcbbef000347b2d4444b6d76f5f7dd158bc021c31db3900cd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://asrv205.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
last-modified
Mon, 10 Feb 2020 20:52:54 GMT
server
keycdn
x-edge-location
defr
etag
"1150a-59e3eec597580"
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
link
<https://media.imocash.com/ETUUI/ETUUI_Banner_300x250_200210.gif>; rel="canonical"
content-length
70922
expires
Tue, 23 Jan 2024 17:04:45 GMT

Redirect headers

date
Tue, 23 Jan 2024 16:04:45 GMT
strict-transport-security
max-age=15768000
server
myracloud
content-type
text/html
location
https://nextlevel-f353.kxcdn.com/ETUUI/ETUUI_Banner_300x250_200210.gif
cache-control
max-age=0
content-length
0
expires
Tue, 23 Jan 2024 16:04:45 GMT
impression
nextleveldefend.com/ Frame 175D
Redirect Chain
  • https://t.adcell.com/p/view?promoId=269847&slotId=105746&pv=1&htlp=1
  • https://nextleveldefend.com/impression?CID=24__nxt__BID=0__nxt__SRC=165__nxt__SUB=SUBID__nxt__CLK=CLICKID&utm_medium=affiliate&utm_source=adcell&utm_campaign=257824&bid=269847-105746-&adcref=asrv20...
0
673 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nextleveldefend.com/impression?CID=24__nxt__BID=0__nxt__SRC=165__nxt__SUB=SUBID__nxt__CLK=CLICKID&utm_medium=affiliate&utm_source=adcell&utm_campaign=257824&bid=269847-105746-&adcref=asrv205.com%2F
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.247.201 Pullach im Isartal, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.247.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://asrv205.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
server
nginx/1.18.0 (Ubuntu)

Redirect headers

cache-control
max-age=0
content-length
0
content-type
text/html
date
Tue, 23 Jan 2024 16:04:45 GMT
expires
Tue, 23 Jan 2024 16:04:45 GMT
location
https://nextleveldefend.com/impression?CID=24__nxt__BID=0__nxt__SRC=165__nxt__SUB=SUBID__nxt__CLK=CLICKID&utm_medium=affiliate&utm_source=adcell&utm_campaign=257824&bid=269847-105746-&adcref=asrv205.com%2F
server
myracloud
strict-transport-security
max-age=15768000
eyJjYW1wYWlnbl9pZCI6MywiY3JlYXRpdmVfaWQiOjcsInB1Ymxpc2hlcl9pZCI6NCwiem9uZV9pZCI6NiwiZnJhbWVfdHlwZSI6IkZyYW1lcyIsImZyYW1lX2d0bWRvbWFpbiI6ImZ3ZC5md2R0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6IjYwYzkxMDZhL...
fwdtrk.com/track/ Frame AD8B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MywiY3JlYXRpdmVfaWQiOjcsInB1Ymxpc2hlcl9pZCI6NCwiem9uZV9pZCI6NiwiZnJhbWVfdHlwZSI6IkZyYW1lcyIsImZyYW1lX2d0bWRvbWFpbiI6ImZ3ZC5md2R0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6IjYwYzkxMDZhLWRkN2ItNGYzYi05Nzg5LTQ0MTUyM2RkM2M1ZSIsImZyYW1lX3RhcmdldCI6IjhGWSIsImZyYW1lX3RhcmdldF9pZCI6MSwiZnJhbWVfYWRkY291bnRyeSI6MCwiY291bnRyeSI6IkZSIiwidHMiOjE3MDYwMjU4ODV9
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.183.9.176.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer
https://asrv205.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 16:04:45 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
ads
googleads.g.doubleclick.net/pagead/ Frame AA97 		374 KB
96 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&adk=1812271804&adf=3025194257&lmt=1706025885&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025885586&bpp=3&bdt=172&idt=238&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1817310564721&frm=20&pv=2&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=249
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17f170598217be7334568b0d63aaf2a76951a50eb20197d23805471c49fd14c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
98502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:04:46 GMT
expires
Tue, 23 Jan 2024 16:04:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=selfpromotionOverlay&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget.min.js
arc.io/ Frame 9E4D 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arc.io/widget.min.js
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-49.fra6.r.cloudfront.net
Software
/
Resource Hash
30396828f2c2fb5e4e4d9c26b0286552cf17243411ac0d5d8b97e1fd9a7595c0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:35:11 GMT
content-encoding
br
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 03 Jan 2024 18:03:16 GMT
x-amz-cf-pop
FRA6-C1
age
1774
etag
"6595a164-b86"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=864000
content-length
2950
x-amz-cf-id
IBQxNZO6Ee9q7IV22WLQbTvUFBAy039DjZFkLBB0teaHzwimyhS0Kw==
style.css
www.1clic1don.fr/style/ Frame 9E4D 		163 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.1clic1don.fr/style/style.css
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2cbc3a472cb47beaa472ef9445e776bb6f053b311318948d7ebbffda0e02bfc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/tagpdis.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
strict-transport-security
max-age=15768000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 Jul 2019 15:22:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3714
etag
W/"28b20-58d7d7a8c8304"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtXUdnZTOoxNYQ9NhQZwyG%2FBuvszxLtEyFhSVtmvAaUmVnZ4DFP27%2B4zGZYZBZ47Sq6tJvIroCntD0W4H1H6uaHmysaKcxpUgp3ca24CVprUamOyIIGclcYXDuqkqdy86S0oDm1eJdb73n3U4kMc"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
84a1463aa9d1024b-CDG
alt-svc
h3=":443"; ma=86400
bootstrap.min.js
www.1clic1don.fr/js/ Frame 9E4D 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.1clic1don.fr/js/bootstrap.min.js
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/tagpdis.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
strict-transport-security
max-age=15768000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jun 2019 23:32:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3714
etag
W/"9004-58ab0224731cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ogu05ye3skOJOQy6wMxa5dqT29GHHQhXP1%2B5EDvHzJpwQZlwD%2BSjDQtDN1YUpFNMWkK36y%2BFmUrevvKHdPj3KlAyC4jG%2F16rGIpFzYmiBx4HJ9bxRpx%2F%2B1gCyfuNGxBtpV6fn25t7FsyubrriPSu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84a1463aa9d4024b-CDG
alt-svc
h3=":443"; ma=86400
ads.js
admediatex.net/serve/ Frame 9E4D 		1 KB
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admediatex.net/serve/ads.js
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d012cfa1d2f449adb90718ea5189ff71ba01da8e271e2d14af1969d6aa8d9423

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1211398
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 31 Dec 2023 15:38:35 GMT
server
cloudflare
etag
W/"65918afb-449"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tE9grZyF8G0MYFVQFKOA3ZmOR%2B%2FUT1sb%2F9s4wfusQqLblUehbMFOLajVEItWVGRFMp2ckcgSSy5ms4qpTY0ndDaTUIF4J8v9Yd484hKsOYgk3EMUck7iJzEZSATth36TJ8pZ0l%2FxCrx9cQh%2B1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
84a1463b0baa0062-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
track
fwd.fwdtrk.com/ Frame AD8B 		0
0
d
visifeed.org/ Frame 74F8 		403 B
735 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by
Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MywiY3JlYXRpdmVfaWQiOjcsInB1Ymxpc2hlcl9pZCI6NCwiem9uZV9pZCI6NiwiZnJhbWVfdHlwZSI6IkZyYW1lcyIsImZyYW1lX2d0bWRvbWFpbiI6ImZ3ZC5md2R0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6IjYwYzkxMDZhLWRkN2ItNGYzYi05Nzg5LTQ0MTUyM2RkM2M1ZSIsImZyYW1lX3RhcmdldCI6IjhGWSIsImZyYW1lX3RhcmdldF9pZCI6MSwiZnJhbWVfYWRkY291bnRyeSI6MCwiY291bnRyeSI6IkZSIiwidHMiOjE3MDYwMjU4ODV9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
6bf25c4e918474f83120ae20c1b3e74a6061d10b5450ec534bb91f31abe42f89

Request headers

Referer
https://fwdtrk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 16:04:45 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
ce46219f-7acd-42ad-af2e-6f58f1aaeac1
campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ Frame DE46
Redirect Chain
  • https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4
  • https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1
  • https://collecte.numeo.acpm.fr/track?link=20685&n=20240112&cible=https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
  • https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.82.244 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
244.82.204.35.bc.googleusercontent.com
Software
/
Resource Hash
513ffa432793c07ddaf9337af31f05949b713c6c43019582aa136fd4d1e01f53
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-headers
Content-Type, Access-Control-Allow-Headers
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:04:46 GMT
etag
W/"8c8-7OWuD+VCZpZ4FW8McG6isL3UIRM"
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
274
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 16:04:46 GMT
location
https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
server
nginx
vary
Accept
x-powered-by
Express
x-robots-tag
none
click
clk.tradedoubler.com/ Frame EBFC 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/click?p=346366&a=2778209&g=25497602
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.114.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-114-28.eu-central-1.compute.amazonaws.com
Software
TXServerHttp /
Resource Hash
b7a189292e95b57810ea47d112fd1feb7c222f462a626d6f8188fd8a55f6d32a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
access-control-allow-origin
*
cache-control
private, max-age=0
content-length
3571
content-type
text/html; charset=ISO-8859-1
date
Tue, 23 Jan 2024 16:04:45 GMT
pragma
no-cache
referrer-policy
origin
server
TXServerHttp
/
adnade.net/ptp/ Frame DE9C 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adnade.net/ptp/?user=pas30
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
0987ec55011fe794ca7c394da32f90ca9c34ffb1b94641c21614132f09142161

Request headers

Referer
https://www.1clic1don.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:45 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
charlevoixpro-bold-webfont.woff2
www.1clic1don.fr/fonts/ Frame 9E4D 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.1clic1don.fr/fonts/charlevoixpro-bold-webfont.woff2
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/style/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f96bf06d27816ef7237fe7998dab7276e073559337e0f3e8a55514f7f1046307
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.1clic1don.fr/style/style.css
Origin
https://www.1clic1don.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:45 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5665
alt-svc
h3=":443"; ma=86400
content-length
22524
last-modified
Thu, 06 Jun 2019 23:14:59 GMT
server
cloudflare
etag
"57fc-58aafe2079f9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nn91w%2FXJb0%2BuOJDPdX27lg8lqiYB1533K3hXwklfkp6YraUhDfCEGS1Kjv5MIzDfEjuE7ECRnXujwK9ChrYe5UC7IzWjbgc9iGmiDGifUFJpeaBJ59fqC8VAWe1eIO7EviX9zO1M1u6M5MIrBhQq"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84a1463afa7ed6c6-CDG
show.php
adz2you.xyz/serve/ Frame 3727 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://adz2you.xyz/serve/show.php?a=33&b=468x15
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:f90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.1clic1don.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cf-ray
84a1463ba9eb6fa6-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiUAiPqniARQzKRm0g0zJ3vTHOhBhQZLj3N8%2Fuid4MMzzc01tHiQwmScpseXBv029mgkD0QWGsB8Q2VBkDLNuGXe0jEwkgZ0h4sG78xFNVEqrRdMvavLPP6%2FJCgjw1JCx65TDLcJP1V4DA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
show.php
adz2you.xyz/serve/ Frame 9F86 		10 B
354 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adz2you.xyz/serve/show.php?a=33&b=236x15
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:f90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
887ee4fd5820088063e31ee2e61869155c1438e27e9f1b116d8fe3bf60829ea7

Request headers

Referer
https://www.1clic1don.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84a1463ba9e86fa6-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZpIB5Bp0V0WtCLnfRyuZVwbIGPkPxUl1YN5auRbOuuWoedQdYtdKaEjPZs%2FHnfR41sq5wykv62Jy12vpDY%2BsHw1K8XWv0tyy79kF%2FHGsq7QFev1pc6O49EPi9BKeC3vD3L8YpKMaHb9mw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
main.js
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 84AB
Redirect Chain
  • https://www.1clic1don.fr/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d38b978448f577823cb61c1770273092991d7805b3ea8de4b7efc7fc3c73b3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=456d0gkKM8w4K%2BaSpoUGDHzqysn1U0v72uZCMCOME78uzyppe96MyjTE0bv4x0%2Bzvjeg0XZr7gNr99Bjg4aIhbH5rgygHweT%2BnuBeELB8RTGgK3VUGlFhe4uKgYajYYTUVeJaPHiOQmGFSXlOg3m"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
84a1463b7b35d6c6-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 23 Jan 2024 16:04:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWUPaxlgJs5%2FfZL26DA7yJmPVmxhM120L2%2B28sBceYYThWfCZqnTn7%2BJYB%2F4cyVD%2BmkusTNcJfQReRFk%2BhZKUhbWRXAxF%2FRIr4hlqV9Ocg%2BK1acnYDCgn%2FBZJG9rIX%2BnD7iMVykbCxKDLEU%2FXUc%2F"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
84a1463b5aeed6c6-CDG
alt-svc
h3=":443"; ma=86400
core.js
static.arc.io/widget/js/ Frame 9E4D 		310 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/core.js?76bc4f3
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
cdd2c81aadd2f0eeb770acc7652cf1c421271c05886f0ef337264c6fada0e142

Request headers

Referer
Origin
https://www.1clic1don.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
84H5Q0PRTFWMFCBH
x-amz-server-side-encryption
AES256
cdn-cachedat
01/03/2024 19:10:40
cdn-pullzone
786569
x-amz-id-2
mpCaAwlRr9RTvSWc/fMd30v0iKgP+j3JdUxqhlqAyByPto962Rhtjyn3w2c/z4Fv/imGKhjXHNQ=
last-modified
Wed, 03 Jan 2024 18:03:34 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"eccc534be4c6f4d98fcd62e2d4fd5a4e"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
61cde96cf54d83fb946b5be737ae2b40
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
broker.html
core.arc.io/ Frame 8F1E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://core.arc.io/broker.html?76bc4f3
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
fba7b9242113390e99277bd207daba9b5b1bf029ae5a5867472cf0d8c589b05d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.1clic1don.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=2592000
cdn-cache
HIT
cdn-cachedat
01/03/2024 19:10:38
cdn-edgestorageid
1080
cdn-proxyver
1.04
cdn-pullzone
786568
cdn-requestcountrycode
FR
cdn-requestid
75a3637782e8e8afa7b51f30614ba395
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-status
200
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 16:04:46 GMT
etag
W/"64331d06-612"
expires
Fri, 02 Feb 2024 19:10:38 GMT
last-modified
Sun, 09 Apr 2023 20:16:06 GMT
server
BunnyCDN-DE1-1080
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
fpjs.js
vht.tradedoubler.com/fp/ Frame EBFC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vht.tradedoubler.com/fp/fpjs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=346366&a=2778209&g=25497602
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.218.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-218-19.mxp63.r.cloudfront.net
Software
Apache /
Resource Hash
040dff2a9b3d08a4654dec367d93f2b994a8ea0e573950d5561c0022af4a3c3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Via
1.1 4493dc3008710a8dfc9586c416757fbc.cloudfront.net (CloudFront)
Date
Sun, 21 Jan 2024 19:49:16 GMT
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
MXP63-P2
Age
159331
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7718
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 09 Oct 2023 08:54:59 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
R57hIHT8V4Ih5slALbNgveoUDzn8oEZuzehuLuk9BXDMtcz6UVlg1A==
logo.png
adnade.net/images/ Frame DE9C 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adnade.net/images/logo.png
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
d0963e266a793bcf10ba3e5e75fd4a8f3cce1eab2d2899cbb741079edbdcdb18

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 23 Jan 2024 16:04:46 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Dec 2023 03:50:38 GMT
server
nginx
etag
"657a7b8e-543e"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
21566
expires
Wed, 22 Jan 2025 16:04:46 GMT
ptp.png
adnade.net/ptp/ Frame DE9C 		343 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adnade.net/ptp/ptp.png
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
9cde9aa44670bcfa2e04173bcb9bc77ce7f3936000e3e95cd8f1d62ce6673f15

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 23 Jan 2024 16:04:46 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 01:49:11 GMT
server
nginx
etag
"651b7317-157"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
343
expires
Wed, 22 Jan 2025 16:04:46 GMT
jquery.js
cdn-binance.com/ Frame DE9C 		763 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-binance.com/jquery.js?de=idg1W46L9F2rAEUV
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
578fb052b894637e479ec503302e4eef748631926ce0c37d1e06193402cbed9e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*, *
x-xss-protection
1; mode=block
jquery-3.6.4.min.js
adnade.net/ptp/ Frame DE9C 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adnade.net/ptp/jquery-3.6.4.min.js
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
f4302dca380ee69b5fc3ac2db66bd9838c5ba6f34373e6442dc3d2d14b6f187c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 30 Dec 2023 20:17:08 GMT
server
nginx
etag
W/"65907ac4-15e6a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Wed, 22 Jan 2025 16:04:46 GMT
consent.js
consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/ Frame DE9C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/consent.js
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1080 /
Resource Hash
778aa4b81cf3e0bbfccde36672efafd9df4de3e3c16c9aa679c1129bae4f543f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-storageserver
DE-664
cdn-cachedat
01/22/2024 23:58:13
cdn-pullzone
236985
visitor-location
FR
last-modified
Tue, 09 Jan 2024 01:15:22 GMT
server
Cookie First CDN-DE1-1080
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"659c9e2a-960"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=30
cdn-requestid
0ea3430f405ec604beedeff501b256f2
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
/
sparkasse-fickmuehlen.de/partner/ Frame 5970 		333 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sparkasse-fickmuehlen.de/partner/
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h115.hubuhost.com
Software
nginx /
Resource Hash
aa8e3adbf0b5c901a3909a38faa3cddd4ae183dff1fec4c954d2bab3aa40f3c4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adnade.net/ptp/?user=pas30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
content-length
333
content-type
text/html
date
Tue, 23 Jan 2024 16:04:46 GMT
etag
"63e99d0e-14d"
last-modified
Mon, 13 Feb 2023 02:14:38 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
i
visifeed.org/ Frame 74F8 		408 B
735 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=91c8ea86d81ee93e7b08dbf8b17693cb4725ac69fa8a80be4daa7ce968a102ad&ci=yCbu4Nw%3B&its=9F%5Bt%2ALp5e7bA%24QD%3BujPWbV%5C&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by
Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
5275b4666a88ff829ede4fc8c2a3fd6f9e8c01ab721a05108366a86ce134db5f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 16:04:46 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
84a1463a18d5024b
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 84AB 		0
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/jsd/r/84a1463a18d5024b
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdLgT5WG1eItTkS%2FiUIgM1%2F2fRspe1DnwjmnJVuvJ1bz4RVBDOurg%2B5OkQCMyLChZM8fVOatUwpGxrystcqHLUwBwco1PwgvPPJfN%2Fr9H2TFOYPAjIj%2FaWHuqoEse%2FJMXv4EGeMjrZRwaEmc%2BHWh"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
84a1463c0bacd6c6-CDG
alt-svc
h3=":443"; ma=86400
page_bg.jpg
adnade.net/images/ Frame DE9C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adnade.net/images/page_bg.jpg
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
fd6bf4f74881850baa384bed84f6dfb9b5258c6771524a4a226b2b344a61f096

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 23 Jan 2024 16:04:46 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 01:49:07 GMT
server
nginx
etag
"651b7313-6f1"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1777
expires
Wed, 22 Jan 2025 16:04:46 GMT
main_bg_oben2.gif
adnade.net/images/ Frame DE9C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adnade.net/images/main_bg_oben2.gif
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
aba329695897af7bffa4d282dcf3573d0463f847a01f28efe7c41aa51beb41ee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 23 Jan 2024 16:04:46 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 01:49:07 GMT
server
nginx
etag
"651b7313-c00"
content-type
image/gif
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3072
expires
Wed, 22 Jan 2025 16:04:46 GMT
main_bg_mitte2.gif
adnade.net/images/ Frame DE9C 		1007 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adnade.net/images/main_bg_mitte2.gif
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
843cf53ffec1cba4d93bc2bcc54e6570b7995d1be89015902df534357b9268b0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://adnade.net/ptp/?user=pas30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 23 Jan 2024 16:04:46 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 01:49:07 GMT
server
nginx
etag
"651b7313-3ef"
content-type
image/gif
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1007
expires
Wed, 22 Jan 2025 16:04:46 GMT
broker.9e6bf337.js
static.arc.io/broker/js/ Frame 8F1E 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/broker.9e6bf337.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
15dd17bc017fd6b5c5874bf0c0f127131b09f9f8a4a5f596aa846269f4bad7c9

Request headers

Referer
https://core.arc.io/
Origin
https://core.arc.io
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
3TKY14WA7RT0VQZ9
x-amz-server-side-encryption
AES256
cdn-cachedat
04/09/2023 20:28:39
cdn-pullzone
786569
x-amz-id-2
7gogZ6O4sjXuuXlA0jiOTMvJ+jF16/8eDFOj5VgvNDMQpxIwXF7px+QGM4nRy9tEWn8Ow3z5IfM=
last-modified
Sun, 09 Apr 2023 20:16:26 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"0f4be176d7381439a060ff326b994fd2"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
access-control-max-age
86400
cdn-requestid
4ec835663a5caa4f9a5ecb9258b08d89
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
chunk-vendors.5e1d8045.js
static.arc.io/broker/js/ Frame 8F1E 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
c4553db9c6f8ac8363f52730234c6e6978828fd5638df4d0dbcfd8bec71a08ca

Request headers

Referer
https://core.arc.io/
Origin
https://core.arc.io
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
S7DVPSYFSBV34K6P
x-amz-server-side-encryption
AES256
cdn-cachedat
01/21/2024 18:36:35
cdn-pullzone
786569
x-amz-id-2
jekDOvXaCzX1BT3BLB9xyl6fiXDsdWOIGNdh78AEkd5ZNau81BYCcIhXvg0UtmL+S245JfJlDkA=
last-modified
Sun, 09 Apr 2023 20:16:26 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"c78a505ea0c6b4622562567efbbeb847"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
access-control-max-age
86400
cdn-requestid
9badde5f14cc41e67cdc5cc9925f145e
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
d
visifeed.org/ Frame 2AA9 		347 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=91c8ea86d81ee93e7b08dbf8b17693cb4725ac69fa8a80be4daa7ce968a10200&ci=yCbu4Nw%3B&its=9F%5Bt%2ALp5e7bA%24QD%3BujPWbV%5C&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by
Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=91c8ea86d81ee93e7b08dbf8b17693cb4725ac69fa8a80be4daa7ce968a102ad&ci=yCbu4Nw%3B&its=9F%5Bt%2ALp5e7bA%24QD%3BujPWbV%5C&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
4c53c6ba9f5e325bb854d56fba0ef6495409ee9661fdecc9903bc71ac2498f21

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 16:04:46 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 8F1E 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
9WD718SH73SSHMZ7
x-amz-server-side-encryption
AES256
cdn-cachedat
07/07/2023 01:52:40
cdn-pullzone
786569
x-amz-id-2
jwrzNVpxy+i1mS/N/l577v4ox+ukfrpjgmX4rF76e9TSPHNoYO0CdjMI3zyK1afVCHGm3nd2C84=
last-modified
Sun, 09 Apr 2023 20:16:26 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"1343454a1c763177d59f06c307b3a5a2"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
access-control-max-age
86400
cdn-requestid
c021c4d83aa1ab7756fd0276fdfaa77f
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 8F1E 		0
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
CP6YZNWNJJ5KYQVA
x-amz-server-side-encryption
AES256
cdn-cachedat
10/31/2023 19:02:36
cdn-pullzone
786569
x-amz-id-2
+F65twGIouACOFn4YbfAePvhu7ePLb4OU3MlB/hdk9Ad1mG/m3PJjcaei5Pdxavr48zibokx+xI=
last-modified
Sun, 09 Apr 2023 20:16:26 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"d03c11be3537746519138d1fe06bd033"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
access-control-max-age
86400
cdn-requestid
319d24e253326f57cb7322006a04901b
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
/
deli.misaglam.com/prepare/channel/ Frame 16FC 		424 B
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://deli.misaglam.com/prepare/channel/?chilli=tiktok
Requested by
Host: sparkasse-fickmuehlen.de
URL: https://sparkasse-fickmuehlen.de/partner/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h115.hubuhost.com
Software
nginx /
Resource Hash
e9fc8d6674aeafb947323cae49be6b79b03e4b1d11bd0c93d447e347016f6a81
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sparkasse-fickmuehlen.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
vendors~widget-ui.js
static.arc.io/widget/js/ Frame 9E4D 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
7a4a51ab0b9301083e145526762d065e622a0ec8cfb5a866cd6b20c87087ff08

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
HJ5PATNKDH1WA5NT
x-amz-server-side-encryption
AES256
cdn-cachedat
12/22/2023 20:00:20
cdn-pullzone
786569
x-amz-id-2
QkdRIxDXVTSS9MfbHO0Lab4J8jRdw+WEG1bFnck2OrSV/6BLKE7QYAGnoYgbs/BiwmVHYxKs1Tc=
last-modified
Wed, 20 Dec 2023 16:47:53 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"de8ab4879bd77ebe629c721339d42f65"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
fe64f3df6e7a699763909dfd18dd05c1
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
widget.css
static.arc.io/widget/css/ Frame 9E4D 		85 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/css/widget.css?76bc4f3
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
ebb41edaf0a527aac2d8d639b600c6a443c126333c1318feee0c26220db0fb2d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
52Z033ZFWRVC93PR
x-amz-server-side-encryption
AES256
cdn-cachedat
01/03/2024 19:10:41
cdn-pullzone
786569
x-amz-id-2
+xYsFsXxcv5akj1qTUKGVTScMCFieylWDhCTi2J1KMuZHZ1lFY2pfSfLahJI8QdM4gog00FYNP0=
last-modified
Wed, 03 Jan 2024 18:03:34 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a87318705e4af5015dc0246497f2673f"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
5bed5ca0c4789d53c4a6543be8e9d3b5
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
widget-ui.js
static.arc.io/widget/js/ Frame 9E4D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/widget-ui.js?6e086999
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
bb0f8d0ddd86c8950343123306347b29b3dfb334281d37a69069bd2dbe73f42a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
52Z9DTJA7K12XFSG
x-amz-server-side-encryption
AES256
cdn-cachedat
01/03/2024 19:10:41
cdn-pullzone
786569
x-amz-id-2
LfzKyva/npq+SoTQIq4nC+dLxvKo4Y6yAqPiyk57eNb+1yziIk2p7JX53hi44P20UWQzBPCRxTc=
last-modified
Wed, 03 Jan 2024 18:03:35 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"932fe4d4a9d62f8d6cdc378aac6e8030"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
91a6ef1a6410ed6e76df75e109c4ceb0
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
redirect
api.yieldads.net/ Frame 2AA9 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=91c8ea86d81ee93e7b08dbf8b17693cb4725ac69fa8a80be4daa7ce968a10200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by
Host: visifeed.org
URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=91c8ea86d81ee93e7b08dbf8b17693cb4725ac69fa8a80be4daa7ce968a10200&ci=yCbu4Nw%3B&its=9F%5Bt%2ALp5e7bA%24QD%3BujPWbV%5C&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.150.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-150-140.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/8.2.15
Resource Hash
846200635ae31e9bfdf641c272e9806a210244c81bc8ea0783e7b67bd54d2831

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
server
nginx
x-powered-by
PHP/8.2.15
/
embed.chatlotto.de/ Frame 8D20 		701 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://embed.chatlotto.de/?chatroom=71aea55f3f44091b
Requested by
Host: cdn-binance.com
URL: https://cdn-binance.com/jquery.js?de=idg1W46L9F2rAEUV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
a785a26bb3b8b264ac0aca8a7c009368f5a0efc961b0f295d8bbd835e83efbc4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
* *
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
2276544
ad.a-ads.com/ Frame 889D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/2276544?size=468x60&background_color=618cb8&text_color=000000&title_color=ffffff&title_hover_color=dadada&link_color=d8f15e&link_hover_color=ff0000
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.118.53.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
726ec80491e4a5737cfe940e78a9d63507caa76317e480ba377da01564f40f3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 23 Jan 2024 16:04:46 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
/
deliver.adnade.net/ Frame 4774 		2 KB
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
4d942171c7ce56fe84b49753515a3049b9a1d36f51e39e1bb341f681958aae9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
index.php
adnade.net/ptp/ Frame DE9C 		4 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adnade.net/ptp/index.php?tsp=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTV&a=12c3a46e4d515c3066634994d2fc7cec&d=1706025886162
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/jquery-3.6.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
561b2814d3c09e62a92442c946307918f7f63f833c84876c08bd4c406767e53b

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
matomo.js
tool.hubu.link/ Frame DE9C 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tool.hubu.link/matomo.js
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2023 10:11:46 GMT
server
nginx
etag
W/"6565bce2-10132"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Wed, 22 Jan 2025 16:04:46 GMT
banner.no-autoblock.js
consent.cookiefirst.com/ Frame DE9C 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner.no-autoblock.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/consent.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1080 /
Resource Hash
4519dcfd6761d4544169db04ea25dc66a333690dc705d07139c3b8275c9b9ebb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-storageserver
DE-383
cdn-cachedat
01/17/2024 08:39:34
cdn-pullzone
236985
visitor-location
FR
last-modified
Wed, 17 Jan 2024 08:39:34 GMT
server
Cookie First CDN-DE1-1080
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65a79246-f9c4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=300
cdn-requestid
67bb9eb8074e1ad51b1dd660fb2cf7a0
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
main_bg_unten2.gif
adnade.net/images/ Frame DE9C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adnade.net/images/main_bg_unten2.gif
Requested by
Host: adnade.net
URL: https://adnade.net/ptp/?user=pas30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
97205041759d0463b2c2849f7275898fd81a783165f9ad4b22162b6f2beeceb5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 23 Jan 2024 16:04:46 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 01:49:06 GMT
server
nginx
etag
"651b7312-7f2"
content-type
image/gif
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2034
expires
Wed, 22 Jan 2025 16:04:46 GMT
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 8F1E 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.9e6bf337.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
2d69a91e3b105d9ced4a5c0244a9dc3905f8eb061e72cb5518db5ef6d0d0635d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
CP6YZNWNJJ5KYQVA
x-amz-server-side-encryption
AES256
cdn-cachedat
10/31/2023 19:02:36
cdn-pullzone
786569
x-amz-id-2
+F65twGIouACOFn4YbfAePvhu7ePLb4OU3MlB/hdk9Ad1mG/m3PJjcaei5Pdxavr48zibokx+xI=
last-modified
Sun, 09 Apr 2023 20:16:26 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"d03c11be3537746519138d1fe06bd033"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
access-control-max-age
86400
cdn-requestid
fa513c9d8ca07e756cbbeb9b90c87f97
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
wgpizbdq.js
ad4m.at/ Frame 16FC 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/wgpizbdq.js
Requested by
Host: deli.misaglam.com
URL: https://deli.misaglam.com/prepare/channel/?chilli=tiktok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9455bc7fa2544fea83bbe69418fa2231819e0f57b899aecf711d4e94b7ffb2d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://deli.misaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:17:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
542785
etag
W/"f7e2edbbc5398e97ba0f7e5b598e4cd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oThA%2BR93N0wi%2BRPZXsFCAA4vcVXwmj7JzEamnopl7T1bf7i5C7MNE%2FDdB%2F6hbodkJ2F8mwXATKegeBZJ7fWHvvsFwXRaZYSGLiRoMvow6%2Bacss8207xMkem8FKfk%2F4vvjg1Qsl8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
84a1463d2b90d574-CDG
alt-svc
h3=":443"; ma=86400
expires
Wed, 10 Jan 2024 09:18:52 GMT
version.json
consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/ Frame DE9C 		44 B
781 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/version.json?v=1706025886216
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1080 /
Resource Hash
f865514efd53f7cda25e74bd902e27fab65f0136ffb541548c5cb3b0fb7f9702

Request headers

Accept
application/json
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
cdn-edgestorageid
1080
cdn-storageserver
DE-662
cdn-cachedat
01/23/2024 16:04:46
cdn-pullzone
236985
content-length
44
visitor-location
FR
last-modified
Tue, 09 Jan 2024 01:15:22 GMT
server
Cookie First CDN-DE1-1080
cdn-fileserver
382
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"659c9e2a-2c"
content-type
application/json
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=15
cdn-requestid
39bf60f9e8ba12b739dec04ddb8ddbbb
accept-ranges
bytes
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
fp.min.js
api.yieldads.net/js/ Frame 2AA9 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.yieldads.net/js/fp.min.js
Requested by
Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=91c8ea86d81ee93e7b08dbf8b17693cb4725ac69fa8a80be4daa7ce968a10200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.150.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-150-140.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=91c8ea86d81ee93e7b08dbf8b17693cb4725ac69fa8a80be4daa7ce968a10200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
gzip
last-modified
Tue, 23 Jan 2024 09:29:25 GMT
server
nginx
etag
W/"65af86f5-864c"
content-type
application/javascript
empty.gif
adnade.net/ptp/ Frame 4774 		43 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adnade.net/ptp/empty.gif
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
2c9c5820db6f7a8a6c3912b60454a491326c2712a0db3ba10c751b0bc3816469

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 23 Jan 2024 16:04:46 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 01:49:11 GMT
server
nginx
etag
"651b7317-2b"
content-type
image/gif
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
43
expires
Wed, 22 Jan 2025 16:04:46 GMT
css2
fonts.googleapis.com/ Frame 889D 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2276544?size=468x60&background_color=618cb8&text_color=000000&title_color=ffffff&title_hover_color=dadada&link_color=d8f15e&link_hover_color=ff0000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:17:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 16:04:46 GMT
468x60
static.a-ads.com/a-ads-banners/491422/ Frame 889D 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/491422/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2276544?size=468x60&background_color=618cb8&text_color=000000&title_color=ffffff&title_hover_color=dadada&link_color=d8f15e&link_hover_color=ff0000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.118.53.251.148.clients.your-server.de
Software
nginx /
Resource Hash
b308a0c8ee09f8af80d805b2f4a9e72c10d19de250db745722f387294cf8e5ce

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
x-amz-version-id
cGSk_fIIK8hernOSNr0DYkO8UVvraX9.
last-modified
Tue, 28 Nov 2023 15:10:02 GMT
server
nginx
x-amz-request-id
4YEFXQ1G2XYNCV9X
etag
"9368d128e7953ae9baee16af5defca4e"
x-amz-server-side-encryption
AES256
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
22423
x-amz-id-2
HWXu3LbdXdubzbRbtEjhaaxrQKaFI/73+SyKQs+3rfe7Tyn0DAVudpnXnGV8ikY7nw+jJe9syPw=
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
eu4-de84.muggel.net/ Frame 9F63
Redirect Chain
  • https://billigerscheiss.de/?t=1706025886&ln=1
  • https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
11 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
d6e6945a2063e83385d8dd9d2e881c57c1e14459def5201eabc3aa19f0bd4373
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
location
https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
/
pornito.de/ Frame 78E2
Redirect Chain
  • https://adnade.net/surfbar/?p=1
  • https://billigerscheiss.de/?g=0
  • https://pornito.de/
71 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pornito.de/
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
2ce473a303eda839eb949834be60bf6fb5423f1bb490b638286fefb82eb191c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Tue, 23 Jan 2024 16:04:46 GMT
etag
W/"65a20c0b-11a89"
last-modified
Sat, 13 Jan 2024 04:05:31 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
location
https://pornito.de
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
matomo.php
tool.hubu.link/ Frame DE9C 		0
180 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tool.hubu.link/matomo.php?action_name=AdNade.net%20-%20PTP%20link&idsite=VlA4an6aWb5e&rec=1&r=054178&h=17&m=4&s=46&url=https%3A%2F%2Fadnade.net%2Fptp%2F%3Fuser%3Dpas30&urlref=https%3A%2F%2Fwww.1clic1don.fr%2F&_id=32ccfc57330de411&_idn=1&send_image=0&_refts=1706025886&_ref=https%3A%2F%2Fwww.1clic1don.fr%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=HLRRw5&pf_net=72&pf_srv=29&pf_tfr=1&pf_dm1=150&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tool.hubu.link
URL: https://tool.hubu.link/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://adnade.net
date
Tue, 23 Jan 2024 16:04:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-credentials
true
server
nginx
x-xss-protection
1; mode=block
cookie-frame.html
ad4m.at/ Frame 9CD3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer
https://deli.misaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
2160148
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
84a1463d7c3dd574-CDG
content-encoding
br
content-language
en
content-type
text/html
date
Tue, 23 Jan 2024 16:04:46 GMT
expires
Wed, 29 Nov 2023 11:19:10 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llDw1OJbfN84%2FUcWLuTegYfmDwZiEMYgWIKOrsQBMXFRG1%2F%2F0LXjfGSrCZGBMQpvumzXPohp9EF7yJGvtvlJzxl9gRnoBs3ZHKmgDWICyUJV4RqiDAq8s0szU7uJec7J8HSjzls%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
location
edge.cookiefirst.com/prod/ Frame DE9C 		68 B
469 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.cookiefirst.com/prod/location?origin=adnade.net
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
171e2569e608b742edc6927b3285c52256203a6bfbe958f35d78f59639b6fb66

Request headers

Accept
application/json
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
cdn-edgestorageid
1081
cdn-cachedat
01/23/2024 16:04:46
cdn-pullzone
717911
content-length
68
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://adnade.net
cdn-cache
BYPASS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=1200
cdn-requestid
e831ac5605a963f3dba5f31a7e539c34
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
becely.com
findarios.com/search/ Frame 2AA9
Redirect Chain
  • https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=91c8ea86d81ee93e7b08dbf8b17693cb4725ac69fa8a80be4daa7ce968a10200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c...
  • https://findarios.com/y?t=becely.com&cid=8d0539c10f144e0524346d7896d2752fe52a70373b194d8685d2fe4b1d0c6232&identifier=da1f6ec6f064d0cb
  • https://findarios.com/search/becely.com
528 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://findarios.com/search/becely.com
Requested by
Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=91c8ea86d81ee93e7b08dbf8b17693cb4725ac69fa8a80be4daa7ce968a10200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.83.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-83-91.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/7.1.33
Resource Hash
3680fa4b70168d280a6e842e96952315246cf033e1b08213dc627cc279b64110

Request headers

Referer
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=91c8ea86d81ee93e7b08dbf8b17693cb4725ac69fa8a80be4daa7ce968a10200&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-powered-by
PHP/7.1.33

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://findarios.com/search/becely.com
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-powered-by
PHP/7.1.33
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://deli.misaglam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://deli.misaglam.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84a1463deedc02d1-CDG
content-length
24
content-type
text/plain
date
Tue, 23 Jan 2024 16:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGd67BVuxJDVFzq3oZORVp8PsnKbnCy93wmJOknUkbOktoQotDU3xIP22PiscZaKeJ1ItlIx3M19gEMANy4LdBTYpz2ThKEQ1MgW1gJe%2BtYOnfj14BG3Nqw5mVJPyh%2BZIDvsbBY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-k5cv
rs
ad4m.at/ Frame 16FC 		477 B
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ab70deac1b374a09a6ee6fd95a5b7a35805a4065385592399197f65f23b9edc

Request headers

Referer
https://deli.misaglam.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqLFaXJwSYEBWP0X0ZRrs9wdAky%2FfynsIfvXifScIf8V1mZZn3mRdnU3q465bD2Yj%2FruVqa1BJdCsjFL2t9JVmRdAfpXFZUiwa0ThMDLdJ2bMWRIc%2BiCAbKZ9JVbAKy217g%2B1hQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://deli.misaglam.com
access-control-allow-credentials
true
cf-ray
84a1463e3f3b02d1-CDG
x-backend-server
aa-reachservice-group-europe-west1-k5cv
alt-svc
h3=":443"; ma=86400
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		163 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdd20c446b3e870371aa701af150ea3306476c628bae4b4f043b0839c0098d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56684
x-xss-protection
0
server
cafe
etag
236272113100160931
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:04:46 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 56AA 		706 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1415116625~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1037&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fd0cda7dcc3a5bbdfacaf4d5060bd38479d1742a03a12b4f5b4b92b5d4d0a3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:04:46 GMT
expires
Tue, 23 Jan 2024 16:04:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 969E 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45bac1a49db6ecb8dd113a009f880006439820561f7b5bdb366b57cc94738c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
18093
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:04:46 GMT
expires
Tue, 23 Jan 2024 16:04:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&hl=fr&pvc=3977645808539295
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://turfologie.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame C097 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39bb54afea6ec3fbe9fa8279f5248cd97a434b7039a1407ecd47d452a477b4a5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deli.misaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
84a1463e8dc0d574-CDG
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:04:46 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
lang-widget-en.json
consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/ Frame DE9C 		12 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/lang-widget-en.json?v=c80cd27b-e785-433b-a519-6cad7f6fd3a3
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1080 /
Resource Hash
c3c8a840523cbfaf32de76e8decd6d6aa6a3914ea36f811c4c8b0a1190368ed4

Request headers

Accept
application/json
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-storageserver
DE-662
cdn-cachedat
01/09/2024 01:15:24
cdn-pullzone
236985
visitor-location
FR
last-modified
Tue, 09 Jan 2024 01:15:21 GMT
server
Cookie First CDN-DE1-1080
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"659c9e29-3135"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
b5d4fd2312c6a384f6b76674c660b02e
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
go
r.linksprf.com/v2/ Frame 2AA9
Redirect Chain
  • https://r.linksprf.com/v1/redirect?url=https://becely.com&api_key=46fd76778392715900a5c22e8500423a&site_id=624d696b024f444681c6425df495a369&type=url&source=https://findarios.com/de/search/becely.co...
  • https://r.linksprf.com/v2/go?t=5t0p7%3Ac%2F0wa.0i5k9ud.9o5%2F2r3c4%2F04213z1d0Z4i3rvHdruPmucWy6eKeyFR%25C23AY%25bpUtv%3DarZ%3F_pUaf7goKSMAIYaVKu5lnhztisu3L%25xFL2JbScFlH.Tor%26TiU%3Dc0m050o0u4n8129...
2 KB
876 B 		Document
General
Check archive.org
Download Go to
Full URL
https://r.linksprf.com/v2/go?t=5t0p7%3Ac%2F0wa.0i5k9ud.9o5%2F2r3c4%2F04213z1d0Z4i3rvHdruPmucWy6eKeyFR%25C23AY%25bpUtv%3DarZ%3F_pUaf7goKSMAIYaVKu5lnhztisu3L%25xFL2JbScFlH.Tor%26TiU%3Dc0m050o0u4n8129ck0a1tdmfc4x1bbn3l6w8w3%2F4s2tah&e=1&ai=f1539fbd16e34aad808cc5b6d428ce5a&sct=0&ct=1706025886640&cu=20c40312d5f94d19b5306a803c4720a5&ykuid=3c42b26d2455406a922baa4d27aa5673&sc=1&cs=266e1398c42463257cf426c22783c86c
Requested by
Host: findarios.com
URL: https://findarios.com/search/becely.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1e7e0d57ff637608c08768bb168a52869d9bd7ca993b5196c06e48b7033b17

Request headers

Referer
https://findarios.com/search/becely.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
84a1463faaf602dd-CDG
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 23 Jan 2024 16:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZfViwujLbFXpoBiNoewNESLbAwRT13Y8ZiyZgOkD5kZYnkZCbB4u3Z%2BotE%2Bmo1PrVOEEuI%2FYIBdDz06OxSfMFvl%2FYYq%2Fa8RknpzT9YLAeDotF%2FOVizfLrLVux7OcGrSJWvsuhWJ%2BrhPCLNK"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
84a1463f3a3702dd-CDG
content-length
0
date
Tue, 23 Jan 2024 16:04:46 GMT
location
/v2/go?t=5t0p7%3Ac%2F0wa.0i5k9ud.9o5%2F2r3c4%2F04213z1d0Z4i3rvHdruPmucWy6eKeyFR%25C23AY%25bpUtv%3DarZ%3F_pUaf7goKSMAIYaVKu5lnhztisu3L%25xFL2JbScFlH.Tor%26TiU%3Dc0m050o0u4n8129ck0a1tdmfc4x1bbn3l6w8w3%2F4s2tah&e=1&ai=f1539fbd16e34aad808cc5b6d428ce5a&sct=0&ct=1706025886640&cu=20c40312d5f94d19b5306a803c4720a5&ykuid=3c42b26d2455406a922baa4d27aa5673&sc=1&cs=266e1398c42463257cf426c22783c86c
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CAO PSA OUR"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4A8JCPEKt2wvEQQplXrS3e8%2FaqbYoyCjC9cEvW30x0lIEpyZK8B7a17mnUOnOC7J0EN2aWTaX2Od3EoOwKRxcB05QCmndBy%2Bk9IGjhWoe4j1pPm%2F0d7R%2FVpN28Omysb8%2FJYgsdzDUfIzKkC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C097 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
784323
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98HyYIAjCeVFUQfhvmvZISHM%2FA63jhSUIj7PUpEcPJ%2BkCFazLU437VWrYLrHwY8rAxP2L18tSE%2FSzcz%2BwAhILWF4WfUbkI2mQf3s7VndRx%2BMf2ehZqfugHaPcPXsU9mW%2BUIRpy75iB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
84a1463eeb657904-CDG
expires
Wed, 24 Jan 2024 16:04:46 GMT
0F772491FDDBD07918525D9276C2041C38F89A59F1B8917263CB1F77918EE4AACA7F98C897F0330E7E242F3A08F21D8B9E835C0C15CC9892E65E42F2CEA2E6B2
assets.ad4m.at/logo/ Frame C097 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/0F772491FDDBD07918525D9276C2041C38F89A59F1B8917263CB1F77918EE4AACA7F98C897F0330E7E242F3A08F21D8B9E835C0C15CC9892E65E42F2CEA2E6B2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10daf29f71ea1157ffb5b7f047ae9acffe040c5142c039ea0bc75d6acdd3c61b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
504235
cf-polished
origFmt=png, origSize=19190
alt-svc
h3=":443"; ma=86400
content-length
6264
cf-bgj
imgq:85,h2pri
last-modified
Tue, 16 Jan 2024 09:51:04 GMT
server
cloudflare
etag
"e7d6675ce414d3e4b19267e80e370387"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A03Ado0I%2FXKmbiJIstI0LZlnHD%2BjysVDotyV5fQhYhUNRf%2Bi6HwPWpjow3b0oNyWoHtJR23SMfI5wgMtPRr0O9tEZXmwKEads59wb17VBl3sB700RyoFNUJQ0juTMo4Lz6VpdiIx5%2BAYbGkf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a1463eee33d574-CDG
82E9D9342D68059E1C692239414C13F1777C72109321B4C3A95AC91FF83376734F11E8A47E006A478992E7894B58C2D1011C36518E4078C32EF3CA49528926BE
assets.ad4m.at/ Frame C097 		304 KB
305 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/82E9D9342D68059E1C692239414C13F1777C72109321B4C3A95AC91FF83376734F11E8A47E006A478992E7894B58C2D1011C36518E4078C32EF3CA49528926BE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8ccbe49451b6a054a1ba154498c0d2c1bd9c404fd433ee2d835cf7de229c98

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
332000
cf-polished
origFmt=png, origSize=484891
alt-svc
h3=":443"; ma=86400
content-length
311102
cf-bgj
imgq:85,h2pri
last-modified
Tue, 16 Jan 2024 10:08:25 GMT
server
cloudflare
etag
"f431904a52541c87d05c805f4d7ec301"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJZtchbuFJsgOlHZ4QtS9VhwYLtfsR5ZdkETlqc5r19ToqvCDibSuDqgP9c5OwF0KuzvHJe0oPgbusFkUplspG1RE%2F%2BBEgy%2BivmTeTpkfFwTpzcM5Alb%2BEM0nSiTJEP9qaXJfykTpQEyHCMl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a1463eee30d574-CDG
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame C097 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31058
cf-polished
qual=85, origFmt=jpeg, origSize=7258
alt-svc
h3=":443"; ma=86400
content-length
4294
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 09:56:16 GMT
server
cloudflare
etag
"679602b08629bcaaabfcfad4e68fe53a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnObVl%2FZgrI3imayvLNAyfNx%2FLKpXE8oaH%2Bw%2FSS3Nd%2FGsrYQ1LBsDPTVRRO2LRuYzNDocI8HXU%2FI9CTmg9o1f8vZZ6RdkBETBugQhxj08n5j4p2ym%2BSKDu3A8Af0BZ6%2BhY2nTzd%2B3e2i3jNB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a1463eee2fd574-CDG
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame C097 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4790186
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15521
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:09:52 GMT
server
cloudflare
etag
"269bd58060bc660c3aec98b388bae571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbgE9oqWmPufXHvUt63PlhWpl8bpkmnPutAIXcYb64A%2FzNrt1FIW4ACRPDVnsFXpwCAMVEXbNlPOT9EM1k%2ByucTdUBFweaLFYnNYpU0sP2Bm0InWTcemc7LhWo8T8R3u99Ir4gDhmlYpSZd4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a1463eee35d574-CDG
cshow.php
www.awin1.com/ Frame C097 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92uroneid__Influencer_TT_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.147.178 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-147-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:04:46 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
120F96A75D6F4DFA8C180C0B166F56DE52DF6CCE7132AA81A0F39370D0B66A11D11DF772A5F37667D848D1EFAD34C7BB21F4F1EC3CC3BACAA138FC27CB46D84C
assets.ad4m.at/logo/ Frame C097 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/120F96A75D6F4DFA8C180C0B166F56DE52DF6CCE7132AA81A0F39370D0B66A11D11DF772A5F37667D848D1EFAD34C7BB21F4F1EC3CC3BACAA138FC27CB46D84C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c331eb86d87b1684540ddb6544a96d3f9b975141681f028ae97b0c5bcf4b64b3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43258
cf-polished
origFmt=png, origSize=12853
alt-svc
h3=":443"; ma=86400
content-length
4258
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:42:23 GMT
server
cloudflare
etag
"40eca896a1af9011ff26d05bf97e80fc"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkFNjeiH1RPtZjNA7EEKlM6tycTRBQMjOqUsTG5UExXDQJ3eEBGnPQFfBX9zd5dJoy8rnqBW70syP%2BGKP4y4kRYk2XhcxgIGwJjuD6AspMDgk%2B2z7mpfcQGfDr%2BzYte1unmup59QPDt%2BzGte"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a1463eee2ed574-CDG
71613ACF08169DC6086C040AE52307CEF098D4B356E4B796716A9DBCF0EC1F05DFBCD36FB6577E1AFB510DCB27E1A87ABB105BDF2D2322D292DF64F8BA6C23F2
assets.ad4m.at/product_image/ Frame C097 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/71613ACF08169DC6086C040AE52307CEF098D4B356E4B796716A9DBCF0EC1F05DFBCD36FB6577E1AFB510DCB27E1A87ABB105BDF2D2322D292DF64F8BA6C23F2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81bb9ca7f132df1282fb961eb59ce5e0bfb23c3946f578d046088da672650d12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4803977
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
36053
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:15:37 GMT
server
cloudflare
etag
"d5b42731623c7d6d385a5ed6ec6d805a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFb0faj177xFl7h7vRljzimkROMRqjq9U0KWh60n63qYKKkfEtxkiuH6wndSpQSM74g0keYcPfo7xJmY73KmuRdJTFkGyPIZKyihYbxro5fTxlKlfOXmzcC8GXq%2B5T1hp5l5Fg8qTJdySCnb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a1463eee37d574-CDG
cshow.php
www.awin1.com/ Frame C097 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2974903&v=22835&q=421902&r=412871&pv=1&pref3=oneidbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJoneid__Influencer_TT_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.147.178 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-147-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:04:46 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
6945102
ak.eessoong.com/4/ Frame FD5E
Redirect Chain
  • https://xml.eximdigital.com/redirect?feed=634443&auth=Hr0fZm&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
  • https://ak.eessoong.com/4/6945102
32 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ak.eessoong.com/4/6945102
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f9340618d4515b1305d14ce5c76ff697f290010ce9521b5d21579f9f1be73b81

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
13055
content-type
text/html; charset=utf8
date
Tue, 23 Jan 2024 16:04:47 GMT
expires
Tue, 23 Jan 2024 16:04:47 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
timing-allow-origin
*
vary
Accept-Encoding
x-trace-id
5e816597f9b64f9e78dabf58d1dba4b2

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Location
https://ak.eessoong.com/4/6945102
Server
nginx
redirect
xml.rtbfactory.com/ Frame FE5E 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.rtbfactory.com/redirect?feed=633223&auth=hWvnzW&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.239.53.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Server
nginx
redirect
olivedinflats.space/ Frame DE3A
Redirect Chain
  • https://xml.thenetwork18.com/redirect?feed=626939&auth=cUVzDz&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
z8G-Ytb-jA7k4aLy5QtyUNtjIpmeExvp7M0lISL_jT2EVgyjxeM8Fw==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Server
nginx
redirect
olivedinflats.space/ Frame 1CE7
Redirect Chain
  • https://xml.adtube.media/redirect?feed=615325&auth=nWjGCY&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
8ylyYrcrghtQWVAQnFxumFuREBS9lt_S3Ay5OjJ3uUP1UwnYYecb-Q==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
Server
nginx
redirect
olivedinflats.space/ Frame 9F9E
Redirect Chain
  • https://xml.adflyer.media/redirect?feed=626960&auth=c2DVej&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
HIYRbocWdqQ_tCF97gmhueDyq-OnrEvF75PvTptJQ33aXyI_iDRs5g==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Server
nginx
redirect
xml.mediacpc.com/ Frame 4B75 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.mediacpc.com/redirect?feed=629755&auth=oNyUuc&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:b0e , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Server
nginx
redirect
olivedinflats.space/ Frame A900
Redirect Chain
  • https://xml.adflyer.media/redirect?feed=615321&auth=cOpZmC&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
kN-YlSyC29oAjUQW1NrGoMCPOQmQbClWL9hcn6nSDgSOkD8K38iAOg==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Server
nginx
redirect
olivedinflats.space/ Frame 77DD
Redirect Chain
  • https://xml.thenetwork18.com/redirect?feed=615317&auth=aX2pUJ&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
C-vg4isRYEWZNj2-ovGHemYX5tw3S3VgNBir5BNd4xAIstgnSBGMZw==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Server
nginx
redirect
olivedinflats.space/ Frame 8827
Redirect Chain
  • https://xml.adtube.media/redirect?feed=631737&auth=5q8RSh&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
m1x1uPNX6G4R3l1R0N3nQDy75p-qDQxIYGdfXJYjd24P8HE4BkaJvA==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
Server
nginx
redirect
xml.zentrixads.com/ Frame 1B35 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.zentrixads.com/redirect?feed=626946&auth=zhEF3k&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:b10 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Server
nginx
filter
filter.realtime-bid.com/ Frame 85E9
Redirect Chain
  • https://xml.clixvista.com/redirect?feed=634146&auth=ZcZzdT&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=d6CtVryoIgU_0&ci=5972732461513468450&t=1205875913&h=58
13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=d6CtVryoIgU_0&ci=5972732461513468450&t=1205875913&h=58
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.29 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
28dfdaa9ef9b14bdb5f25321b8ca382ce990bf2010f52d8fff83478cda03972a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
12944
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Jan 2024 16:04:47 GMT
Referrer-Policy
unsafe-url
Server
nginx

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Location
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=d6CtVryoIgU_0&ci=5972732461513468450&t=1205875913&h=58
Server
nginx
redirect
olivedinflats.space/ Frame AB25
Redirect Chain
  • https://xml.clickmi.net/redirect?feed=615323&auth=R59YLB&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=536787.633317
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=536787.633317
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
ZMcbjlPJlth_08pPv73Q7SupBTQwfanPXsRcD3pcU0LSP6WesLrtMw==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=536787.633317
Server
nginx
redirect
xml.ctrtraffic.com/ Frame 09F8 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.ctrtraffic.com/redirect?feed=616706&auth=LtBzUz&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:b1e , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Server
nginx
redirect
xml.mediacpc.com/ Frame 4B42 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.mediacpc.com/redirect?feed=616707&auth=kv8WiI&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:b0e , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Server
nginx
redirect
xml.zentrixads.com/ Frame 99E2 		17 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.zentrixads.com/redirect?feed=626947&auth=1MqBAt&subid={subid}&query={query}&url={url}&default_url={default_url}xml.adtube.media/redirect?feed=615326&auth=JtCpiL&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:b10 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
75a9042147e6a457a72f68b5e60298c643057ea87600c57f4a84340688763a24

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
17
Date
Tue, 23 Jan 2024 16:04:46 GMT
Server
nginx
redirect
olivedinflats.space/ Frame EE09
Redirect Chain
  • https://xml.flurryad.com/redirect?feed=626944&auth=qBoLPX&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=481949.600679
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=481949.600679
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
bhV3jxUuVhg_Iuj_hyGyICfsKfas2B9bvYXDypjfIhZxpxaMpXKpOQ==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=481949.600679
Server
nginx
redirect
sub.adzgame.com/ Frame 2EA0 		0
0
redirect
xml.xmladsystem.com/ Frame BEAE 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.xmladsystem.com/redirect?feed=615319&auth=W8TMJ0&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.28 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Server
nginx
redirect
xml.rtbfactory.com/ Frame 6BDA 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.rtbfactory.com/redirect?feed=633210&auth=5NdnT6&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.239.53.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Server
nginx
redirect
xml.infinity-info.com/ Frame 05CC 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.infinity-info.com/redirect?feed=634483&auth=gPnHL5&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.16 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Server
nginx
redirect
sub.adzgame.com/ Frame 23EB 		0
0
filter
filter.realtime-bid.com/ Frame DF0C
Redirect Chain
  • https://xml.clixvista.com/redirect?feed=634351&auth=soTzkH&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=3zrQIDgVW-U_0&ci=-2964317887573870510&t=1445030333&h=58
13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=3zrQIDgVW-U_0&ci=-2964317887573870510&t=1445030333&h=58
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.29 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
16181c3c89b5fbe4fe1a9ec3fc4135fb183eca2497d3d6cb4cf15ca016049c4a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
12952
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Jan 2024 16:04:47 GMT
Referrer-Policy
unsafe-url
Server
nginx

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Location
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=3zrQIDgVW-U_0&ci=-2964317887573870510&t=1445030333&h=58
Server
nginx
redirect
olivedinflats.space/ Frame 2AB7
Redirect Chain
  • https://xml.adtube.media/redirect?feed=631735&auth=KA0htm&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
7V2YGYYbgYfzk7kLRQEcSMbzfJi23A4rBZDtf9csV-Oi09q4H_964g==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=417405.614210
Server
nginx
redirect
olivedinflats.space/ Frame AB97
Redirect Chain
  • https://xml.clickmi.net/redirect?feed=615324&auth=4h0n5N&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=536787.633317
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=536787.633317
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
WdRXAapZ7INSHaFL29C0MxYuo0mcXTlgbpyaIBJHkFrsf5TOFjK9LA==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=536787.633317
Server
nginx
/
www.s2movies.pro/ Frame 9E82
Redirect Chain
  • https://xml.ctrtraffic.com/redirect?feed=629199&auth=zLr9BW&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://www.s2movies.pro/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.s2movies.pro/
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:df47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cfdbb22e7b38bef5f6151a78dbea14fa542e1f0f9cd1f3f5b7017c447cc00cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
84a14642bd972a37-CDG
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 23 Jan 2024 16:04:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=615Wf3rTQJ9NZIuAAq7LGh%2Bg6hNs3tXaM1MWDP17REfeafVbecGVcLmh0tNwjlpzAU2%2BqFjw2rpbWVGL071LUx%2FThKELXF9bJk9rOH%2BgZoSTtlmxVSXbkh54OjkOqm97%2F04%2FmVB%2Fok8v7R6ZAvzg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Location
https://www.s2movies.pro/
Server
nginx
redirect
xml.eximdigital.com/ Frame 0D4D 		0
0
redirect
olivedinflats.space/ Frame A619
Redirect Chain
  • https://xml.thenetwork18.com/redirect?feed=615318&auth=OjLd1I&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
zOc2VJmxMFLDAkduYvQApaeFLIdkM5yoKUKBosQ1ZyLVtdzZD9ltng==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=568216.634206
Server
nginx
redirect
olivedinflats.space/ Frame 7E85
Redirect Chain
  • https://xml.adflyer.media/redirect?feed=626962&auth=qAKAp2&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=481949.621005
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=481949.621005
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
gV0hDdjFW5PTTcXlAaBJckiRXXAy0g6KVnZxiovPssH5En0VQkNKcg==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=481949.621005
Server
nginx
redirect
xml.adflyer.media/ Frame FA1D 		22 B
171 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.adflyer.media/redirect?feed=615322&auth=N0hVKw&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:b1f , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
22
Date
Tue, 23 Jan 2024 16:04:46 GMT
Server
nginx
redirect
olivedinflats.space/ Frame AFD7
Redirect Chain
  • https://xml.ctrtraffic.com/redirect?feed=629202&auth=QnmDKl&subid={subid}&query={query}&url={url}&default_url={default_url}
  • https://olivedinflats.space/redirect?tid=926092&subid=536788.567453
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://olivedinflats.space/redirect?tid=926092&subid=536788.567453
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-64.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Tue, 23 Jan 2024 16:04:47 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-id
4MYzdFJ8_yLEKT3nuvE604BmEPGgwJcXL-G-tGj8XevkMnbX4_g7sA==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Location
https://olivedinflats.space/redirect?tid=926092&subid=536788.567453
Server
nginx
redirect
xml.xmladsystem.com/ Frame 333C 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.xmladsystem.com/redirect?feed=615320&auth=ywL5Zd&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.28 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:46 GMT
Server
nginx
redirect
xml.mediacpc.com/ Frame 3B73 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.mediacpc.com/redirect?feed=629756&auth=ojnfCi&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:b0e , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Server
nginx
redirect
xml.infinity-info.com/ Frame 4D27 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.infinity-info.com/redirect?feed=634482&auth=JoigQT&subid={subid}&query={query}&url={url}&default_url={default_url}
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.16 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 16:04:47 GMT
Server
nginx
redirect
xml.flurryad.com/ Frame 94DE 		0
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 0A12 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
74847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 19:17:19 GMT
etag
9219409622527106327
expires
Mon, 05 Feb 2024 19:17:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 8E9F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
74847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 19:17:19 GMT
etag
9219409622527106327
expires
Mon, 05 Feb 2024 19:17:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame C3B6 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turfologie.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
74847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 19:17:19 GMT
etag
9219409622527106327
expires
Mon, 05 Feb 2024 19:17:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
pornito.de/assets/ Frame 78E2 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pornito.de/assets/css2
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
8bcef4d15a0c7757ddd9eb4e6a81f65d7aedc5fe6f4ba95d90c5a63381f156ad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Tue, 03 Oct 2023 03:50:43 GMT
server
nginx
etag
"651b8f93-1752"
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
5970
x-xss-protection
1; mode=block
jquery.fancybox-metal.css
pornito.de/assets/ Frame 78E2 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pornito.de/assets/jquery.fancybox-metal.css
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
5609fc54573f20fa40c4e69d16754feedab29dccee56b4e276026d2c789df6b0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 03:50:43 GMT
server
nginx
etag
W/"651b8f93-100e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Wed, 22 Jan 2025 16:04:46 GMT
all4.css
pornito.de/assets/ Frame 78E2 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pornito.de/assets/all4.css
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
71034e9ee13299595623ad3a7fcdcc07b542bc82c2da1766303c9e64eeb36599

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 03:50:44 GMT
server
nginx
etag
W/"651b8f94-771a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Wed, 22 Jan 2025 16:04:46 GMT
logo.svg
pornito.de/assets/ Frame 78E2 		13 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/assets/logo.svg
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
ae05b18aae5483651f30c1a04078268141f1704596cfed6b37175802bd0c89ac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 03:50:43 GMT
server
nginx
etag
W/"651b8f93-3390"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Wed, 22 Jan 2025 16:04:46 GMT
1.jpg
pornito.de/assets/ Frame 78E2 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/assets/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
b1e3161de1cce033d34d742887b53c870770b79b62f8913caff08d0f469665c8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
last-modified
Tue, 03 Oct 2023 03:50:43 GMT
server
nginx
etag
"651b8f93-2132"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8498
expires
Wed, 22 Jan 2025 16:04:46 GMT
player.min.js
pornito.de/static/ Frame 78E2 		215 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pornito.de/static/player.min.js
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
e73d0eeee68ac2a24d0a2dd314d3106e1487558e9c062621c0a71f3f0c6a7b63

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
gzip
last-modified
Sat, 13 Jan 2024 03:51:57 GMT
server
nginx
etag
W/"65a208dd-35a8b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Wed, 22 Jan 2025 16:04:46 GMT
1(2).jpg
pornito.de/assets/ Frame 78E2 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/assets/1(2).jpg
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
cae15024a69f06fc2e124b25d160a09646d0b9feccf70136040143873803f7c9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
last-modified
Tue, 03 Oct 2023 03:50:44 GMT
server
nginx
etag
"651b8f94-3128"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12584
expires
Wed, 22 Jan 2025 16:04:46 GMT
01small.png
pornito.de/assets/ Frame 78E2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/assets/01small.png
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
04354830bc126f72b690b0af545d49fecf86f306c993270038e2dc80fa027d50

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
last-modified
Tue, 03 Oct 2023 03:50:44 GMT
server
nginx
etag
"651b8f94-20ff"
content-type
image/png
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8447
expires
Wed, 22 Jan 2025 16:04:46 GMT
video-slider.js
a.magsrv.com/ Frame 78E2 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.magsrv.com/video-slider.js
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a0fd2a1324a78ad64662e4d43d9ffb6809cf95acbcc99d88f7a5d261a038b18f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
gzip
x-age-lb
978
x-77-cache
HIT
x-accel-date
1706024908
x-77-nzt
EgwBnJIhiwH30gMAAAwB1GY4EQH3EQAAAA
x-accel-expires
@1706035691
x-77-age
995
x-cache-lb
HIT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server
CDN77-Turbo
etag
W/"6f11cbdba47af304be60572c112"
x-77-nzt-ray
cf878727dabc1d059ee3af65368af732
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10800
x-robots-tag
noindex, follow
expires
Tue, 23 Jan 2024 18:48:11 GMT
main.min.js
pornito.de/assets/ Frame 78E2 		204 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pornito.de/assets/main.min.js
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
1c193778fdb97d0a29545d7350504dff96d7a23f511543a8b79a4b766aa5531a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 03:50:43 GMT
server
nginx
etag
W/"651b8f93-32e24"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
expires
Wed, 22 Jan 2025 16:04:46 GMT
main.js
pornito.de/assets/ Frame 78E2 		794 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pornito.de/assets/main.js
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
a3abc4a42e468252822b67bdbd5659d2642720b4a8f2abbce1121ff7e85de612

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
last-modified
Tue, 03 Oct 2023 03:50:44 GMT
server
nginx
etag
"651b8f94-31a"
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
794
expires
Wed, 22 Jan 2025 16:04:46 GMT
c-825d08a1fc9890e3f47217dce59317b5.png
grow-platform.tradedoubler.com/uploads/organizations/2367786/ Frame C097
Redirect Chain
  • https://imp.tradedoubler.com/imp?type(img)g(25528792)a(3040636)epi(oneidkzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaRoneid__Influencer_TT_advancedad_300x250)074726015
  • https://grow-platform.tradedoubler.com/uploads/organizations/2367786/c-825d08a1fc9890e3f47217dce59317b5.png
30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grow-platform.tradedoubler.com/uploads/organizations/2367786/c-825d08a1fc9890e3f47217dce59317b5.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=1669174%2C19769%2C191668&b=kzgPs5f3fJkYBu4HwHetBt8VjQcZSmtmPwaR%2CYAqkcrf3fYG9tVH9HetQtRdkTkSWtd92ur%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ&f=zgwZCRfYf7KMmFpHBHMtJCXz62UVSZtQDMHW%2CqxgqhmfWfpgbfZHgHDtRCX9ETeS3tJDxC3%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd&c=300&d=250&e=&g=0882518cc3fff4645c9532db3809df51%2F8401296914326733738&i=295382%2C21630%2C75452&j=19%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1706025886277&y=1&s=&z=0
Protocol
H2
Server
188.165.150.177 Les Lilas, France, ASN16276 (OVH, FR),
Reverse DNS
lb01.net.royalcactus.com
Software
nginx /
Resource Hash
667dc891ca13eaded1b825aa627ffec858d8cd066374def0c78c86b3faef6206
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 02 Nov 2023 13:25:26 GMT
server
nginx
etag
"6543a346-791f"
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
content-length
31007
x-via-poph
replica2
expires
Tue, 23 Jan 2024 18:04:46 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
referrer-policy
origin
server
TXServerHttp
content-type
text/html; charset=ISO-8859-1
location
https://grow-platform.tradedoubler.com/uploads/organizations/2367786/c-825d08a1fc9890e3f47217dce59317b5.png
access-control-allow-origin
*
cache-control
private, max-age=0
content-length
312
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7E0D 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNX7g2vfJoGHFaWCjnTvhIvL8siAk4tJXpT4JRBDZqEP02t-jKaE7dcUYWiwZg5QSHOz3jpNssh9RuzjSLVd2862obDrBUrLMDIpHXpp9OU6vbSeGLTC7Mc6ScfQ5wkUv-O5rnbB_KOk_rtQOC3SeA1D-W722x-ybsNN4atLUnR2zlSChFU
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:04:46 GMT
expires
Tue, 23 Jan 2024 16:04:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame F647 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 04:21:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
42173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 04:21:53 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame F647 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:56:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
76082
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:56:44 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F647 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
567393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame F647 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:23:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 13:23:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame F647 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:28:59 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F647 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49116b116b7a9ac1b831c031d71065b4f5277c665002ba23520b7ffc4e07f3c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
1748
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63314
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:35:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F647 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ag3AB87QHjClTAZEHmMqLyy9dEYOuu0hiFweZ4hCll1drPvHSSUk-Mx-V4XgQV-CCNlTCgvRiE4TFUWWjIDIeRHU6YYpV4txDr6iMni0sYaUm9Y3Y
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7249039159513746748
s0.2mdn.net/simgad/ Frame F647 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7249039159513746748
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
285289282d4acb208757fa50bab00050809774873e9f10d7af704c6e93bc0483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 08:41:42 GMT
date
Wed, 17 Jan 2024 08:41:42 GMT
x-content-type-options
nosniff
age
544984
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1130832
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 14:48:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
index.css
campaigns.milibris.com/ Frame DE46 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://campaigns.milibris.com/index.css
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.82.244 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
244.82.204.35.bc.googleusercontent.com
Software
/
Resource Hash
2052b7c6f11b588b309d6f4edcf6e69e45636eac4d55c7786c750ebdbf3df82c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 09 Nov 2023 15:28:18 GMT
etag
W/"aa4-18bb4b2ca50"
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
jquery-2.1.4.min.js
campaigns.milibris.com/js/ Frame DE46 		82 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://campaigns.milibris.com/js/jquery-2.1.4.min.js
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.82.244 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
244.82.204.35.bc.googleusercontent.com
Software
/
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 09 Nov 2023 15:28:18 GMT
etag
W/"14979-18bb4b2ca50"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
reader.css
campaigns.milibris.com/js/ Frame DE46 		133 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://campaigns.milibris.com/js/reader.css
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.82.244 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
244.82.204.35.bc.googleusercontent.com
Software
/
Resource Hash
2a92fb119d491db997c85e92817381a68707486c1a55293827329a548c95217d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 09 Nov 2023 15:28:18 GMT
etag
W/"2157f-18bb4b2ca50"
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
reader.js
campaigns.milibris.com/js/ Frame DE46 		886 KB
211 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://campaigns.milibris.com/js/reader.js
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.82.244 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
244.82.204.35.bc.googleusercontent.com
Software
/
Resource Hash
c7f837ecf6d3bb1f7b5fe9d923bf06c40d635e3959fc164d81b3575210ad7eab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/campaign/659e24505510d5507530e5c4/reader/ce46219f-7acd-42ad-af2e-6f58f1aaeac1?ojd=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 09 Nov 2023 15:28:18 GMT
etag
W/"dd932-18bb4b2ca50"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 82B8 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNW4HmGYpg6nynOtxcF6jBvMI8Bsw8rIv37skyQ1d7OVlftX0r9CuJmlZiWdsS6xyb7Q2utoa1dnOmQ5kozb_DsTpKAjMrsSdvKJw6_GLH5GhcuOpiiTj-ulxsbuVGUKxGid4jD3f-oer0QWKzqj-sqU2tiDHdJdNvmi2fMjk-A5eWt7jKo
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:04:46 GMT
expires
Tue, 23 Jan 2024 16:04:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
7249039159513746748
s0.2mdn.net/simgad/ Frame 24A4 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7249039159513746748
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
285289282d4acb208757fa50bab00050809774873e9f10d7af704c6e93bc0483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 08:41:42 GMT
date
Wed, 17 Jan 2024 08:41:42 GMT
x-content-type-options
nosniff
age
544984
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1130832
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 14:48:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 24A4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 04:21:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
42173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 04:21:53 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 24A4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:56:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
76082
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:56:44 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 24A4 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
567393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 24A4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:23:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 13:23:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 24A4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:28:59 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 24A4 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49116b116b7a9ac1b831c031d71065b4f5277c665002ba23520b7ffc4e07f3c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
1748
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63314
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:35:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 24A4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_50E7hGBPEzG5WlyzzU-59n768VcIEnpgpmVLzY9WugqKXVlhE9LOAnIPpsQo2fDo6WUOfxZYmAJc3RP64adH1aMzcT1tFKS-xnPW4dWLUF6Mvmw
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 92E3 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNW3iD1lXMQlYxFYgeQrIxMF95YQiXfPZ6yE60nYWtq8O3UajEbX1Vyd_Q8HO7JCK1dqmmHs131MOZW32Gzx6PpUL9l4rYTXBD4B4wUnUX3V5isiO3PTu7x3msbLO3Anp0E26Lr1QKJ2QINUna3hK7hwIa4FPFnrituQJKE10zRFNtLVfPs
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:04:46 GMT
expires
Tue, 23 Jan 2024 16:04:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B505 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66027
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 21:44:19 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame B505 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:56:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
76082
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:56:44 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame B505 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 04:21:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
42173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 04:21:53 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B505 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
567393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B505 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:23:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 13:23:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B505 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:28:59 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B505 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49116b116b7a9ac1b831c031d71065b4f5277c665002ba23520b7ffc4e07f3c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
1748
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63314
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:35:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B505 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5332UBsHXAFWjgxitAAqXm3AqR8Y4_7ao_-DJWFteqPyma0y2rbX6bOATXPrdPpTOUhP7XanwtKLXpOd1X8vUpbgxypJaSGSvDC9Sn-w4xKcbiVE
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
233.362b.c.css
consent.cookiefirst.com/banner/v2.14.5/static-main-no-autoblock/ Frame DE9C 		127 B
881 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.5/static-main-no-autoblock/233.362b.c.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1080 /
Resource Hash
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
cdn-edgestorageid
1080
cdn-storageserver
DE-680
cdn-cachedat
01/17/2024 08:39:35
cdn-pullzone
236985
content-length
127
visitor-location
FR
last-modified
Wed, 17 Jan 2024 08:39:34 GMT
server
Cookie First CDN-DE1-1080
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"65a79246-7f"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
ff4c05ec62c076d900c2c68cdb139394
accept-ranges
bytes
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
233.8420.c.js
consent.cookiefirst.com/banner/v2.14.5/static-main-no-autoblock/ Frame DE9C 		96 B
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.5/static-main-no-autoblock/233.8420.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1080 /
Resource Hash
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
cdn-edgestorageid
1081
cdn-storageserver
DE-662
cdn-cachedat
01/17/2024 08:39:35
cdn-pullzone
236985
content-length
96
visitor-location
FR
last-modified
Wed, 17 Jan 2024 08:39:34 GMT
server
Cookie First CDN-DE1-1080
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"65a79246-60"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
163ed4612ffa8dd907954d5c166cff79
accept-ranges
bytes
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
rum
dsum-sec.casalemedia.com/ Frame 7E0D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-lwQyWOKc1Eta1-8Vj9Fg&google_cver=1
43 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-lwQyWOKc1Eta1-8Vj9Fg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNX7g2vfJoGHFaWCjnTvhIvL8siAk4tJXpT4JRBDZqEP02t-jKaE7dcUYWiwZg5QSHOz3jpNssh9RuzjSLVd2862obDrBUrLMDIpHXpp9OU6vbSeGLTC7Mc6ScfQ5wkUv-O5rnbB_KOk_rtQOC3SeA1D-W722x-ybsNN4atLUnR2zlSChFU
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhAw5PjySwR0EtYMdvAKbH6TH%2Fm3HBsZwlfosw3kMnktjApXbXb%2BuQceDuwa%2B5HQ4sqYKtgmNmZLCBd1Dr93618BqfKjWS%2B4ycNb0zVttmc8Ih378k3SF%2F8fo8ulgW%2B0REtAwiNyBDfbSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a146415bd36f21-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-lwQyWOKc1Eta1-8Vj9Fg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7E0D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za-jnpzDORgGLon.gg5PbQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMkLRBeMn2cv0lqcvQjvy4&google_cver=1&google_hm=2
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMkLRBeMn2cv0lqcvQjvy4&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNX7g2vfJoGHFaWCjnTvhIvL8siAk4tJXpT4JRBDZqEP02t-jKaE7dcUYWiwZg5QSHOz3jpNssh9RuzjSLVd2862obDrBUrLMDIpHXpp9OU6vbSeGLTC7Mc6ScfQ5wkUv-O5rnbB_KOk_rtQOC3SeA1D-W722x-ybsNN4atLUnR2zlSChFU
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrHAyfhovxfV5pOgKY0rqcHD%2B8PA8D56YyLZOgQU3EVzrfKT%2FvaDwa%2FAJEjbTqi1PsS6erVvnezUylWwxaKRquyXrrWpKMSiw%2FzoJIsfZRWtzPptIVNPFzyoYWflbMZ2PdHmwiyw7Kk6Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a14641fdc70246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMkLRBeMn2cv0lqcvQjvy4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7E0D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELTWlJUCABkwL4z8952wjbc&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELTWlJUCABkwL4z8952wjbc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNX7g2vfJoGHFaWCjnTvhIvL8siAk4tJXpT4JRBDZqEP02t-jKaE7dcUYWiwZg5QSHOz3jpNssh9RuzjSLVd2862obDrBUrLMDIpHXpp9OU6vbSeGLTC7Mc6ScfQ5wkUv-O5rnbB_KOk_rtQOC3SeA1D-W722x-ybsNN4atLUnR2zlSChFU
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
an-x-request-uuid
463fb6ef-5067-4094-9f6d-d7cb532c5a06
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.59.164.110; 37.59.164.110; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELTWlJUCABkwL4z8952wjbc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7E0D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4NjIyNjc3MTgxMzc3MTU0MQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4NjIyNjc3MTgxMzc3MTU0MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNX7g2vfJoGHFaWCjnTvhIvL8siAk4tJXpT4JRBDZqEP02t-jKaE7dcUYWiwZg5QSHOz3jpNssh9RuzjSLVd2862obDrBUrLMDIpHXpp9OU6vbSeGLTC7Mc6ScfQ5wkUv-O5rnbB_KOk_rtQOC3SeA1D-W722x-ybsNN4atLUnR2zlSChFU
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
an-x-request-uuid
67f73912-eab8-4086-93c9-3e9804228a04
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4NjIyNjc3MTgxMzc3MTU0MQ%3D%3D
x-proxy-origin
37.59.164.110; 37.59.164.110; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
9411nzudoZ5imrcHUrTPruTWH6FKSyJRLCx3LYubiUzvna5ZK_aUIfMgKoS7AaYpV
www.linkbux.com/track/ Frame 2AA9 		923 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.linkbux.com/track/9411nzudoZ5imrcHUrTPruTWH6FKSyJRLCx3LYubiUzvna5ZK_aUIfMgKoS7AaYpV?url=https%3A%2F%2Fbecely.com&uid=v03040001438220c40312d5f94d19b5306a803c4720a5
Requested by
Host: r.linksprf.com
URL: https://r.linksprf.com/v2/go?t=5t0p7%3Ac%2F0wa.0i5k9ud.9o5%2F2r3c4%2F04213z1d0Z4i3rvHdruPmucWy6eKeyFR%25C23AY%25bpUtv%3DarZ%3F_pUaf7goKSMAIYaVKu5lnhztisu3L%25xFL2JbScFlH.Tor%26TiU%3Dc0m050o0u4n8129ck0a1tdmfc4x1bbn3l6w8w3%2F4s2tah&e=1&ai=f1539fbd16e34aad808cc5b6d428ce5a&sct=0&ct=1706025886640&cu=20c40312d5f94d19b5306a803c4720a5&ykuid=3c42b26d2455406a922baa4d27aa5673&sc=1&cs=266e1398c42463257cf426c22783c86c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.231 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
049295fadb0d21a89479f2e6f36fe14c4b42b04f1c6b77127415ed3ec21ca923

Request headers

Referer
https://r.linksprf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Jan 2024 16:04:47 GMT
EagleId
a3b55c9917060258871481147e
Server
Tengine
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
cache37.l2us2[99,0], ens-cache5.de5[261,0]
truncated
/ Frame 78E2 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
placeholder.mp4
pornito.de/static/ Frame 78E2 		137 KB
137 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://pornito.de/static/placeholder.mp4
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
8da0c62a691971ad0c6b034972224dd29941901c44ad4b5520ab3057d4779f92

Request headers

Referer
https://pornito.de/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 23 Jan 2024 16:04:46 GMT
last-modified
Sat, 13 Jan 2024 03:44:49 GMT
server
nginx
etag
"65a20731-2244e"
content-type
video/mp4
Content-Range
bytes 0-140365/140366
cache-control
max-age=31536000, public, no-transform, max-age=31536000
Content-Length
140366
expires
Wed, 22 Jan 2025 16:04:46 GMT
splash.php
s.magsrv.com/ Frame 78E2 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.magsrv.com/splash.php?idzone=5175116
Requested by
Host: pornito.de
URL: https://pornito.de/static/player.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ds03.evo.0x3e.net
Software
nginx /
Resource Hash
9c7025a06ff5437034d16a5ab96ee0a66dbb40f96749602fc2903a1efc5b62ee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:46 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://pornito.de
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
Access-Control-Allow-Headers
X-CH-VALUES
rum
dsum-sec.casalemedia.com/ Frame 82B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL3OYMeZQSWNSMHeXAuBMQw&google_cver=1
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL3OYMeZQSWNSMHeXAuBMQw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNW4HmGYpg6nynOtxcF6jBvMI8Bsw8rIv37skyQ1d7OVlftX0r9CuJmlZiWdsS6xyb7Q2utoa1dnOmQ5kozb_DsTpKAjMrsSdvKJw6_GLH5GhcuOpiiTj-ulxsbuVGUKxGid4jD3f-oer0QWKzqj-sqU2tiDHdJdNvmi2fMjk-A5eWt7jKo
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hD4z72SUJCr%2BA8onYm9Z8jm95CKe%2Fg%2Feq85Jw%2BRFemSS%2FJ0vPrJnH9MrDSxl7o6EiLxPzPlrajjaQjG5s%2BKQRstMUAE0Idpt%2Bij8KX1I2Ebsc%2FvhhsG8yRJukHg5oG0dPAdWbb%2B8qkxp2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a146415bd66f21-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL3OYMeZQSWNSMHeXAuBMQw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 82B8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za-jnk-3AMZQa.zBCBqbtAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMkLRBeMn2cv0lqcvQjvy4&google_cver=1&google_hm=2
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMkLRBeMn2cv0lqcvQjvy4&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNW4HmGYpg6nynOtxcF6jBvMI8Bsw8rIv37skyQ1d7OVlftX0r9CuJmlZiWdsS6xyb7Q2utoa1dnOmQ5kozb_DsTpKAjMrsSdvKJw6_GLH5GhcuOpiiTj-ulxsbuVGUKxGid4jD3f-oer0QWKzqj-sqU2tiDHdJdNvmi2fMjk-A5eWt7jKo
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAK0TVx7MDDkkX0UyAh6CxDRvxPwd7ZIOKmWLbffr%2Bz6%2FK9d0BsV10DwRIlgPPPOnlycEYQaL8VuWx%2B7zZ0hWye8FqF0vuqV2UMQ2Aeyhk3q3P%2BWOOFhCR8CsdUBA7%2FU2NoqIQJF6y2szA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a14641cd830246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMkLRBeMn2cv0lqcvQjvy4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 82B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMgtsPN2yt64KleLTq9iV_s&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMgtsPN2yt64KleLTq9iV_s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNW4HmGYpg6nynOtxcF6jBvMI8Bsw8rIv37skyQ1d7OVlftX0r9CuJmlZiWdsS6xyb7Q2utoa1dnOmQ5kozb_DsTpKAjMrsSdvKJw6_GLH5GhcuOpiiTj-ulxsbuVGUKxGid4jD3f-oer0QWKzqj-sqU2tiDHdJdNvmi2fMjk-A5eWt7jKo
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
an-x-request-uuid
5f9949c5-d474-4c59-ab91-2d009cf8c25f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.59.164.110; 37.59.164.110; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMgtsPN2yt64KleLTq9iV_s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 82B8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIwOTMzNTIyMzMyMzM1OTg2Ng%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIwOTMzNTIyMzMyMzM1OTg2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiqndlgIYrrbE_wEwAQ&v=APEucNW4HmGYpg6nynOtxcF6jBvMI8Bsw8rIv37skyQ1d7OVlftX0r9CuJmlZiWdsS6xyb7Q2utoa1dnOmQ5kozb_DsTpKAjMrsSdvKJw6_GLH5GhcuOpiiTj-ulxsbuVGUKxGid4jD3f-oer0QWKzqj-sqU2tiDHdJdNvmi2fMjk-A5eWt7jKo
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
an-x-request-uuid
95c11717-ad90-41c3-b2fd-f29b688a4655
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIwOTMzNTIyMzMyMzM1OTg2Ng%3D%3D
x-proxy-origin
37.59.164.110; 37.59.164.110; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 92E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL3OYMeZQSWNSMHeXAuBMQw&google_cver=1
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL3OYMeZQSWNSMHeXAuBMQw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNW3iD1lXMQlYxFYgeQrIxMF95YQiXfPZ6yE60nYWtq8O3UajEbX1Vyd_Q8HO7JCK1dqmmHs131MOZW32Gzx6PpUL9l4rYTXBD4B4wUnUX3V5isiO3PTu7x3msbLO3Anp0E26Lr1QKJ2QINUna3hK7hwIa4FPFnrituQJKE10zRFNtLVfPs
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YwDqMwPh9f9UCSoJAjY2hq4dvOqM2P7pGxw%2B5EFM82rG6M0yMzVHk4wec44b%2BIQ%2BTZsNnKLCayueHY0fxXBOtf5ahpfFpHBnk%2BPdReHc6L5kN78DvPJPWye3X1MyWh6G%2Bh3OslYfKfmtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a146415bd46f21-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL3OYMeZQSWNSMHeXAuBMQw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 92E3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za-jnk-3AMZQa.zBCBqbtAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMkLRBeMn2cv0lqcvQjvy4&google_cver=1&google_hm=2
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMkLRBeMn2cv0lqcvQjvy4&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNW3iD1lXMQlYxFYgeQrIxMF95YQiXfPZ6yE60nYWtq8O3UajEbX1Vyd_Q8HO7JCK1dqmmHs131MOZW32Gzx6PpUL9l4rYTXBD4B4wUnUX3V5isiO3PTu7x3msbLO3Anp0E26Lr1QKJ2QINUna3hK7hwIa4FPFnrituQJKE10zRFNtLVfPs
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfpjKMexISdUJzjf7SQ9axXcyb%2Fxqit5%2FQF7zup50ANBr2WhcIHIGaR9wgZiqlUudH%2BvS1ddIhno76A4Sl8KRnb3%2FD0s%2BuDSSZlosu2vTOABFPLhlrlN1nwm0oUFl2Y1gkDppw%2F%2FysiWXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a14641cd7f0246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMkLRBeMn2cv0lqcvQjvy4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 92E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMgtsPN2yt64KleLTq9iV_s&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMgtsPN2yt64KleLTq9iV_s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNW3iD1lXMQlYxFYgeQrIxMF95YQiXfPZ6yE60nYWtq8O3UajEbX1Vyd_Q8HO7JCK1dqmmHs131MOZW32Gzx6PpUL9l4rYTXBD4B4wUnUX3V5isiO3PTu7x3msbLO3Anp0E26Lr1QKJ2QINUna3hK7hwIa4FPFnrituQJKE10zRFNtLVfPs
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
an-x-request-uuid
1cfd9167-27ec-4d1e-b0d3-2fd2ef215996
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.59.164.110; 37.59.164.110; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMgtsPN2yt64KleLTq9iV_s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 92E3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4NjIyNjc3MTgxMzc3MTU0MQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4NjIyNjc3MTgxMzc3MTU0MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNW3iD1lXMQlYxFYgeQrIxMF95YQiXfPZ6yE60nYWtq8O3UajEbX1Vyd_Q8HO7JCK1dqmmHs131MOZW32Gzx6PpUL9l4rYTXBD4B4wUnUX3V5isiO3PTu7x3msbLO3Anp0E26Lr1QKJ2QINUna3hK7hwIa4FPFnrituQJKE10zRFNtLVfPs
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:46 GMT
an-x-request-uuid
c6e353ac-6ed7-4da6-9034-0c09eb2d55f7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4NjIyNjc3MTgxMzc3MTU0MQ%3D%3D
x-proxy-origin
37.59.164.110; 37.59.164.110; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame B505 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d49426c37d548238f9611ffcade1623d983e18adda1e8d5739ea23b625c262fc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D748 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
587438
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2D20 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
587438
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 28B4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
587438
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
a4dd84acd8fa9917ffe7e8897226d5617ef63caf.mp4
u3y8v8u4.aucdn.net/library/257596/ Frame 78E2 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://u3y8v8u4.aucdn.net/library/257596/a4dd84acd8fa9917ffe7e8897226d5617ef63caf.mp4
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0a16b9c0bc8878077a0ffd9cae294a1d1faff634bcaad2e18f57223a50b4ca58

Request headers

Referer
https://pornito.de/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Tue, 23 Jan 2024 16:04:47 GMT
x-age-lb
26688825
x-cache-op
HIT
x-77-cache
HIT
Content-Range
bytes 0-1553143/1553144
x-accel-date
1679337062
Content-Length
1553144
x-77-nzt
EQwBw7WvDgH3OT2XAQ
x-accel-expires
@1710873062
x-77-age
26688825
x-cache-lb
HIT
last-modified
Fri, 01 Jul 2022 10:55:09 GMT
server
CDN77-Turbo
etag
"62bed28d-17b2f8"
x-77-nzt-ray
908339306ee287529fe3af65ea975500
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=31536000
x-robots-tag
noindex, follow
expires
Tue, 19 Mar 2024 18:24:05 GMT
index.html
s0.2mdn.net/sadbundle/15205685216655332109/ Frame D0AD 		31 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bbd36ef2ed3cfff7447866d022aa96df2b0c3d0c7cd00470e6e9605d5435038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
278854
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5704
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 10:37:12 GMT
expires
Sun, 19 Jan 2025 10:37:12 GMT
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame B505 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvfwZh0LBF_iBN3w4nYbWwCIWSbtFOisxPChwfKjv25k_xQeNtT9zDVzuKI-pVpNxSS7pX3YqTTSniV3M20thIvHzZVB4yf9bzgRgWlPkKFWhNtG9tPi175368_xD0nwthkxIYfu9ksTmYaQGn1EMlGT_S3IOX3jHgyHzmP1XMfkahDF__cBA9w6MhKykIRFKYbnokbV1_kP-MXX9SaHiGZHDHcGAKcUjqX5cLNV6hhwtWDbHScK3V9pk6u86CtXdWLIT8wP_jfkObMAwlW82H9ae3d6myqGTj09blAaFUNN97ImYGiaeW20bic66KmnMHNeZLEdcsjupbRRwXVfiiqTtBLACrGZjROPxu5xqbEKwOLT40t9F-PJcIkY7tEg9aW9m4tCPYbjB6rKt1tLAwQGkgryJ9pbwTkIlvDKhx7qh5qn82sPbeSRnV2qY-S4TvA2YU5qLtB0m1lb-erETwblu3H1eaBe5VT_H1NXH4dRVn9BIF4iHvd4z8S5Vt5LDJ1Mc1k10tUWQNdCv6hEsntTbkadqyZJ4_J3bW0QO393Qp0KZZrZeCnGA98Hy0y6Jygnbr7qupvj-IFo2EtzI0kJTPufwSr2H69RMvIWZuol3J3w5JIWjMDGigTKOr48czRU7dvO-DmPADwWt0qbaCX579CXsdmToJQiMoXy_Mcw7jk294moZLtXwktoFHinFqf9xqk_Kw-XeB4jS5L-SagkbwpT-qHZyVH673SFgcZzMuT3F_dRKQHO8LKmpF79T3B7PkguQwsAq8cohqzvhkWF_4i56QZqJ5PS7MvBMdMJtLYKIvE2IyRNM4TtFF4zZJumAt0rACVnyuM_Vt2LIa4k8xOg3HwZT9_UiUB-UEXDsKTgqFcWb_ATyoKaCPcPRETSDqioc8JN7EcnEVOpJLyj3hc57I1jVgChkCbYgXK9lgihSNLXUIaq4lg_J94ropKpIVM5GAegJQ6AQHqNeGPWwQQEAGGX84WWu7Fh8PJHbpMsbwjFUOZve-KKIGV9Nzyw4pY5K2hIwrHlEx92HUNJuDMFQs-th3olxjwJ7kpuNoQNSYBNaPIMGxQRQGDyVvuyv6yG5-1aPdaWoCso8Zi9KzigS_t7Ngcdc_5pPKIR2VNy15v0gl6taZ2FcOG5a4z8JYLJuHBsD5mi7VKtxExk40nUYErR0aIgYwwzbBjKR6cOGx5Lhu1AYEL2H2AMYeQOsmZMu6frbDIWOK7ssA2eeL76Re0Hb-7dwPfrwgGrYMxBb5M6m48YdJRIg&sai=AMfl-YQ1SlCxQk712pqHxhaJ08y_UqV-Spc4r9Kq45sYlfYZ0hWaSXdJgS6v2Znjlv8kMcv9apaErdwzkh0pqcvqZliIPiNRXc-cHhwy_8kUMn-XymcDb2wbgCMLbwXeNV7q0SrvTfP3k-SS-YzVO-2LtN9nlmDG24_hD-W7lmPRqZs8uAflzESG_qV3aNr3HgIZu161PWp5dBv-GXOjCGXXvXbvYYxWnvvAx20a6EUcc-dcf2nBztG4gus-UCgd8ohNRz0dF72ZAvnYZsqL2cVzDDScqPVZCZ9arkyX6X9Gnc6akFjDVOxmyclASpoZt9nhJFJ1vcXT0LDUr7yLBOfyl63EWi92prquwnZSwNvzyOaYZaAxx1eI6L9_JUPVnuopKp1ZeKmqM590PM0Lc_n2jnB2oY2ucJ8iv-1s7dPLc5eyU3FFAKGuOtUdxHZQE1wbFbq23lU6Stn-u_rZQsf7WZ2V5UPUsNKmqaxBRk8ZvZdR1qcxGlz9MUv9Jfzf78NpTvlAYfD1Y0A&sig=Cg0ArKJSzKE5CWULR0mlEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=173&cbvp=1&cstd=171&cisv=r20240118.86755&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 23 Jan 2024 16:04:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dr
as.ad4m.at/ad/ Frame 736C 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hr6f23tmzjh004za1nzc1a49bs9pmf5n7yde5903tsrnnty73zrpdxj5093zwbn7cc9fhvgg4ez1q79rv0j1c2s5p5ccabf8g8ddyma44wz29e3hy0587dakdzqdv32ec9dzaz58w8f9xjqgpy634r5cgafd84w5gx7g9c0vjq5qjfgacd85qe8az96cvcxdncg9ywq18zm1yatsvt3ex8w4e3shdwq9x50tnrpwfayg0x6ak5gxyeev94x9vvr99vtxt5yz7n74gtakctdhz586en0tfb36tdangv2qdkvsq2btgx9cxaggc8mn7tp4cvkftn2rggf4mzvyqn64ss5sbjd2jv4pgws3ygapwq027xsxs7q3ckrsnrnhq0zr6wggw2fcfa0mdxr9kf7s9tj6259nrx4xcv6pc8pjg5ff51sca5d7yg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%26client%3Dca-pub-5309472016820672%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d745e15c3d509aecdafb0c8df95bd49a93bba4c7ee8e91568df4bb33c681ff
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
84a146419ee07904-CDG
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:04:47 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 7681 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:23:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 13:23:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EF4D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
24676
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Wed, 24 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 7681 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:28:59 GMT
l
www.google.com/ads/measurement/ Frame 7681 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTI6oAIygL_UzhgAgKRwM8Fc34f6_ncEaT3x44vnb1NlEkINA0q1hj9vtfYnpflJZfgpw4BSPAqv3g5U1yNnCOovRsLMg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7681 		206 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:04:47 GMT
splash.php
s.magsrv.com/ Frame 78E2 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.magsrv.com/splash.php?idzone=4983934&cookieconsent=true
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/video-slider.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ds03.evo.0x3e.net
Software
nginx /
Resource Hash
b41252453cc9dad39a02ef2888c097a45f25fb514571866f5eab919608eb5bdf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:46 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://pornito.de
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
Access-Control-Allow-Headers
X-CH-VALUES
material.json
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/ Frame DE46 		27 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/material.json
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/js/reader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
a791f1ca594787e4306b74b064fe5be45dd4faac5f9f32a7ab71658093613e4b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept
application/json, text/plain, */*
Referer
https://campaigns.milibris.com/
X-Session-Id
fd903da561202b0e
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:48 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:44 GMT
Server
nginx
Age
106889
ETag
"12477ee10039ec28d94cb15603982c3b"
x-amz-server-side-encryption
AES256
X-cdnca02A
1016; 153094.265; 7200.000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://campaigns.milibris.com
Access-Control-Allow-Credentials
true
X-frontA
8; 517616.950; 7200.000
Accept-Ranges
bytes
Content-Length
27685
material.json
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/material.json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-session-id
Access-Control-Request-Method
GET
Origin
https://campaigns.milibris.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization, Origin, Content-Type, X-req, X-Session-Id
Access-Control-Allow-Methods
GET,POST,OPTIONS,HEAD,PATCH,DELETE
Access-Control-Allow-Origin
*
Access-Control-Max-Age
31536000
Cache-Control
private
Content-Length
0
truncated
/ Frame 78E2 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/webp
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame D748 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
602149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 16:48:58 GMT
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame 2D20 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
602149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 16:48:58 GMT
a4dd84acd8fa9917ffe7e8897226d5617ef63caf.mp4
u3y8v8u4.aucdn.net/library/257596/ Frame 78E2 		352 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://u3y8v8u4.aucdn.net/library/257596/a4dd84acd8fa9917ffe7e8897226d5617ef63caf.mp4
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://pornito.de/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Tue, 23 Jan 2024 16:04:47 GMT
x-age-lb
26688825
x-cache-op
HIT
x-77-cache
HIT
Content-Range
bytes 0-1553143/1553144
x-accel-date
1679337062
Content-Length
1553144
x-77-nzt
EQwBw7WvDgH3OT2XAQ
x-accel-expires
@1710873062
x-77-age
26688825
x-cache-lb
HIT
last-modified
Fri, 01 Jul 2022 10:55:09 GMT
server
CDN77-Turbo
etag
"62bed28d-17b2f8"
x-77-nzt-ray
908339306ee287529fe3af659a8bd502
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=31536000
x-robots-tag
noindex, follow
expires
Tue, 19 Mar 2024 18:24:05 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 736C 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hr6f23tmzjh004za1nzc1a49bs9pmf5n7yde5903tsrnnty73zrpdxj5093zwbn7cc9fhvgg4ez1q79rv0j1c2s5p5ccabf8g8ddyma44wz29e3hy0587dakdzqdv32ec9dzaz58w8f9xjqgpy634r5cgafd84w5gx7g9c0vjq5qjfgacd85qe8az96cvcxdncg9ywq18zm1yatsvt3ex8w4e3shdwq9x50tnrpwfayg0x6ak5gxyeev94x9vvr99vtxt5yz7n74gtakctdhz586en0tfb36tdangv2qdkvsq2btgx9cxaggc8mn7tp4cvkftn2rggf4mzvyqn64ss5sbjd2jv4pgws3ygapwq027xsxs7q3ckrsnrnhq0zr6wggw2fcfa0mdxr9kf7s9tj6259nrx4xcv6pc8pjg5ff51sca5d7yg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%26client%3Dca-pub-5309472016820672%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hr6f23tmzjh004za1nzc1a49bs9pmf5n7yde5903tsrnnty73zrpdxj5093zwbn7cc9fhvgg4ez1q79rv0j1c2s5p5ccabf8g8ddyma44wz29e3hy0587dakdzqdv32ec9dzaz58w8f9xjqgpy634r5cgafd84w5gx7g9c0vjq5qjfgacd85qe8az96cvcxdncg9ywq18zm1yatsvt3ex8w4e3shdwq9x50tnrpwfayg0x6ak5gxyeev94x9vvr99vtxt5yz7n74gtakctdhz586en0tfb36tdangv2qdkvsq2btgx9cxaggc8mn7tp4cvkftn2rggf4mzvyqn64ss5sbjd2jv4pgws3ygapwq027xsxs7q3ckrsnrnhq0zr6wggw2fcfa0mdxr9kf7s9tj6259nrx4xcv6pc8pjg5ff51sca5d7yg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%26client%3Dca-pub-5309472016820672%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
784324
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhcBwKMYAwFLNb6XSTja9ISEqsFeREy%2FgODjfdF2pvRIZ9D0khl%2B8u6uNoJfRx%2BPhbLhH9hecjsX%2BPiD90ESTcUehtjUR0uL0VSvHgVsfrjVFnvcE09yok7mr2Q%2FpysUL7SnM%2FLsitk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
84a146420fde7904-CDG
expires
Wed, 24 Jan 2024 16:04:47 GMT
r62eglto.js
ad4m.at/ Frame 736C 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hr6f23tmzjh004za1nzc1a49bs9pmf5n7yde5903tsrnnty73zrpdxj5093zwbn7cc9fhvgg4ez1q79rv0j1c2s5p5ccabf8g8ddyma44wz29e3hy0587dakdzqdv32ec9dzaz58w8f9xjqgpy634r5cgafd84w5gx7g9c0vjq5qjfgacd85qe8az96cvcxdncg9ywq18zm1yatsvt3ex8w4e3shdwq9x50tnrpwfayg0x6ak5gxyeev94x9vvr99vtxt5yz7n74gtakctdhz586en0tfb36tdangv2qdkvsq2btgx9cxaggc8mn7tp4cvkftn2rggf4mzvyqn64ss5sbjd2jv4pgws3ygapwq027xsxs7q3ckrsnrnhq0zr6wggw2fcfa0mdxr9kf7s9tj6259nrx4xcv6pc8pjg5ff51sca5d7yg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%26client%3Dca-pub-5309472016820672%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 06:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
35028
etag
W/"ea6b8b5621410c697cbfca30307bc4ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXGuqE1bmnDb%2FOHV9MUucaWK1NQxvUz%2FI%2FOyxS2hw3%2FVYsyv124LFDitMJ8HzxPiVHFp1BqRlh7VfLKYWOF9WH%2F91H9omNeWxvfl4HPrej%2FZBz8QVZWAbYlSkRuwKYnh%2FLAXqIU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
84a146420fdd7904-CDG
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jan 2024 06:20:58 GMT
truncated
/ Frame 7681 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edc4115c928abcf322555b7ed8c2901752d059a88aceed7723de9ef16023fbe8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame 28B4 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
602149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 16:48:58 GMT
pixel
cm.g.doubleclick.net/ Frame EF4D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEY49lXitjVVDvMe4KrYrP0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEY49lXitjVVDvMe4KrYrP0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aGlhZVV6WWoxUnNqZ3o1&google_gid=CAESEEY49lXitjVVDvMe4KrYrP0&google_cver=1&google_push=AXcoOmQdLEFlhSfT6l0r7eFyvF51ImeB-OCvQxyYk3nFp-r...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aGlhZVV6WWoxUnNqZ3o1&google_gid=CAESEEY49lXitjVVDvMe4KrYrP0&google_cver=1&google_push=AXcoOmQdLEFlhSfT6l0r7eFyvF51ImeB-OCvQxyYk3nFp-rl232iWv6dudmCAoeQC5iY6akUvTxhrMPSYaCztByPJ1PgOvhS7ONeX_Yo7uc0E9hzGEgyE5a2qk2t5VQxgPsXQZWDZ5x6jJPPPEhNJsm1J2Q94g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:04:46 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-092dd177afc8cc107@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aGlhZVV6WWoxUnNqZ3o1&google_gid=CAESEEY49lXitjVVDvMe4KrYrP0&google_cver=1&google_push=AXcoOmQdLEFlhSfT6l0r7eFyvF51ImeB-OCvQxyYk3nFp-rl232iWv6dudmCAoeQC5iY6akUvTxhrMPSYaCztByPJ1PgOvhS7ONeX_Yo7uc0E9hzGEgyE5a2qk2t5VQxgPsXQZWDZ5x6jJPPPEhNJsm1J2Q94g
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame EF4D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEG_vD9keB07ioOLjBF5rNVw&google_cver=1&google_push=AXcoOmShyZjZMTNOMReX5dH-pdUpbQ9L01ZDJXVPKKqYr7UWC8myiWAkuDlDZnErLo0l9H4dSqgOpzn8oM-PTMtmWG6_W3TQNYGWW...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG_vD9keB07ioOLjBF5rNVw&google_cver=1&google_push=AXcoOmShyZjZMTNOMReX5dH-pdUpbQ9L01ZDJXVPKKqYr7UWC8myiWAkuDlDZnErLo0l9H4dSqgOpzn8oM-PTMtmWG6_W3TQNYG...
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG_vD9keB07ioOLjBF5rNVw&google_cver=1&google_push=AXcoOmShyZjZMTNOMReX5dH-pdUpbQ9L01ZDJXVPKKqYr7UWC8myiWAkuDlDZnErLo0l9H4dSqgOpzn8oM-PTMtmWG6_W3TQNYGWW6k2l0TEl-is6eSuW4LE6woRl94giX1i-C4F-rAqRaKNCUMFak4bcTlEVIM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmShyZjZMTNOMReX5dH-pdUpbQ9L01ZDJXVPKKqYr7UWC8myiWAkuDlDZnErLo0l9H4dSqgOpzn8oM-PTMtmWG6_W3TQNYGWW6k2l0TEl-is6eSuW4LE6woRl94giX1i-C4F-rAqRaKNCUMFak4bcTlEVIM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84a14643af660218-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
479
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG_vD9keB07ioOLjBF5rNVw&google_cver=1&google_push=AXcoOmShyZjZMTNOMReX5dH-pdUpbQ9L01ZDJXVPKKqYr7UWC8myiWAkuDlDZnErLo0l9H4dSqgOpzn8oM-PTMtmWG6_W3TQNYGWW6k2l0TEl-is6eSuW4LE6woRl94giX1i-C4F-rAqRaKNCUMFak4bcTlEVIM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmShyZjZMTNOMReX5dH-pdUpbQ9L01ZDJXVPKKqYr7UWC8myiWAkuDlDZnErLo0l9H4dSqgOpzn8oM-PTMtmWG6_W3TQNYGWW6k2l0TEl-is6eSuW4LE6woRl94giX1i-C4F-rAqRaKNCUMFak4bcTlEVIM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84a146426d5e0218-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EF4D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHE_80PBHd0i7tlr0SgyNas&google_push=AXcoOmQ3VQDhCw4N6UG4SivNxU4cXpF4RQFK6l2Cjb5hwaCT70Kr6R_rzZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHE_80PBHd0i7tlr0SgyNas&google_push=AXcoOmQ3VQDhCw4N6UG4SivNxU4cXpF4RQFK6l2Cjb5hwaCT70Kr6R_rzZc6Zjfm-5g7dR0Vz7zVAtNkCef_W99JQ-UzhP_rZ4q6mhSLYdp5W-SlQ_hCkMhEpk7vmksRGIhESDqr61iesangoF0A4gdGHHG1KRM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-lcy-eglc8600024-LCY
pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1706025887.113140,VS0,VE81
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHE_80PBHd0i7tlr0SgyNas&google_push=AXcoOmQ3VQDhCw4N6UG4SivNxU4cXpF4RQFK6l2Cjb5hwaCT70Kr6R_rzZc6Zjfm-5g7dR0Vz7zVAtNkCef_W99JQ-UzhP_rZ4q6mhSLYdp5W-SlQ_hCkMhEpk7vmksRGIhESDqr61iesangoF0A4gdGHHG1KRM
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame EF4D
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMMcvCX4iDRFfL6EXW0WgS4&google_cver=1&google_push=AXcoOmRxA5obBMkvaUASVbi6O81ciPWT_0V1uDJSFyCPUJuMgNKMMbB3hrEustUaQ-jwUIJdjJKK1oDHnkGc8kCw...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YOkTW1Z9SY0RxKzQoHrQDg&google_push=AXcoOmRxA5obBMkvaUASVbi6O81ciPWT_0V1uDJSFyCPUJuMgNKMMbB3hrEustUaQ-jwUIJdjJKK1oDHnkGc8kCwmAub-0ZTc-SBS5s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YOkTW1Z9SY0RxKzQoHrQDg&google_push=AXcoOmRxA5obBMkvaUASVbi6O81ciPWT_0V1uDJSFyCPUJuMgNKMMbB3hrEustUaQ-jwUIJdjJKK1oDHnkGc8kCwmAub-0ZTc-SBS5sCxS4LBIYqrFbSZYnBV9wgtxYhasIUPZoXglNqNqif4MwyYbXU4ffBCx4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Jan 2024 16:04:47 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YOkTW1Z9SY0RxKzQoHrQDg&google_push=AXcoOmRxA5obBMkvaUASVbi6O81ciPWT_0V1uDJSFyCPUJuMgNKMMbB3hrEustUaQ-jwUIJdjJKK1oDHnkGc8kCwmAub-0ZTc-SBS5sCxS4LBIYqrFbSZYnBV9wgtxYhasIUPZoXglNqNqif4MwyYbXU4ffBCx4
x-host
tde-deliveryengine-production-5db7bf8975-gd6x6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame EF4D 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEF1VfbUfZ8GsO4N-8vWzwcY&google_cver=1&google_push=AXcoOmQvOU_eCNYWdMGrBNj444KX6-0dD-PQ3sV5zpAMoDn_7axuuwlpcZor6J0c6l9Idex_wrqlZgH0ZRtD9ijR8keQfWlaP0RkmqvmJnktV5STvSWBT5DGAeDuk4NmMxZKD5rX-dpl_LGM7b1y8tyLQcB49iM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame EF4D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG67zwHElviQgFefg-dazKw&google_cver=1&google_push=AXcoOmREanUvzX074tfW38E2w_RLky26-nGxPZid7bUBC_CHWMTRoB6LadL3oMHB32jtqh_tnjMyutjO...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG67zwHElviQgFefg-dazKw&google_cver=1&google_push=AXcoOmREanUvzX074tfW38E2w_RLky26-nGxPZid7bUBC_CHWMTRoB6LadL3oMHB32jtqh_tnjM...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg4ODgwOTc5NjIwOTU1ODM0Mw&google_push=AXcoOmREanUvzX074tfW38E2w_RLky26-nGxPZid7bUBC_CHWMTRoB6LadL3oMHB32jtqh_tnjMyut...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg4ODgwOTc5NjIwOTU1ODM0Mw&google_push=AXcoOmREanUvzX074tfW38E2w_RLky26-nGxPZid7bUBC_CHWMTRoB6LadL3oMHB32jtqh_tnjMyutjOvSlaVFyrIyb3bDcCheQRhgJCZ-GIdagfilFxCyNJCcIOmvbYVPoUyIPHIS4oMe_bh1HJp7vVbAFvGrw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg4ODgwOTc5NjIwOTU1ODM0Mw&google_push=AXcoOmREanUvzX074tfW38E2w_RLky26-nGxPZid7bUBC_CHWMTRoB6LadL3oMHB32jtqh_tnjMyutjOvSlaVFyrIyb3bDcCheQRhgJCZ-GIdagfilFxCyNJCcIOmvbYVPoUyIPHIS4oMe_bh1HJp7vVbAFvGrw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame EF4D
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEAfgxN51lE3WsyPSTvKsSKs&google_cver=1&google_push=AXcoOmQRxG2GNRks3m3G3qXPPQ2oDsTxfvAonwJzjMtwN8tBu7a25yuSxJWgn2R4SL...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQRxG2GNRks3m3G3qXPPQ2oDsTxfvAonwJzjMtwN8tBu7a25yuSxJWgn2R4SLMhKgurbuzKiDn2THNWAXkwA6A-6mcpcS3igdg_ICVXbUVbdE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQRxG2GNRks3m3G3qXPPQ2oDsTxfvAonwJzjMtwN8tBu7a25yuSxJWgn2R4SLMhKgurbuzKiDn2THNWAXkwA6A-6mcpcS3igdg_ICVXbUVbdEm8YHTEmlEf7K_5hSZ_o7KRpx7pWFH8RqfZJKvnQYFjJyc&google_hm=M2CXDLpATHqCAj2q0g3Fqm4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQRxG2GNRks3m3G3qXPPQ2oDsTxfvAonwJzjMtwN8tBu7a25yuSxJWgn2R4SLMhKgurbuzKiDn2THNWAXkwA6A-6mcpcS3igdg_ICVXbUVbdEm8YHTEmlEf7K_5hSZ_o7KRpx7pWFH8RqfZJKvnQYFjJyc&google_hm=M2CXDLpATHqCAj2q0g3Fqm4
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame EF4D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-1BornmTLXOJcIB2sQ42oZEkPT9gr5OszcQSRKiO7nzfGMzVECPGtaFP4Q12jc_BrzbRPQg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
8f0cec8041c165cafb6d32d04ed8f04b.js
s0.2mdn.net/sadbundle/15205685216655332109/ Frame D0AD 		135 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eb600d1bfa136d87da7690cd2032c1906a76dcc1df0dc43fd0eb219d5356e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 17 Jan 2025 13:23:13 GMT
date
Thu, 18 Jan 2024 13:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39491
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 24A4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9250ed354fb73e2b9583e38a91e73d22c0a540dff0ffcb5e1a14b45ab3034d3a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F647 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4940bf709504fa199951aa392bf3d6774c56fad0a31d06bfb3b3c7a816aecfc5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
view
ad.doubleclick.net/pcs/ Frame 24A4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstWLf73Nx8sZ9RhG0BI5NP_HyViWCaxITsTeqDTdcW3vtyRFN8k0yhMA-HclyAVnzrONvzt_kNwMfQorCTQuPW8Mtar1tZo-GLbUU81rsE--uw1gTAJ594ilvvYyo8Bh5NA8ctVVhuTDGf3-8GksNsUXkk7IbpRNx8uY2beCWhfN6xsiwXisq9ddEQLPvJ4blsuJWZVx14wdy-q_VmF-QGYqjas-xUqk_1RDSY-4cvosB1PNnEihWkpv8Rnh0tMVTigERgezkFgGrtDxe_jHszR9qyxu_pb4gTZMmGWjTa4gwF6qQlgBMHxuwRjiXf2arYITcLPb0iekpPowkz1EfazhQP_6w6kN1RI7ZhZQVRWaOB_Q2gB5nXIF3c1m6eVVPizRKnZrs00iT7GPMpRFaKz67bEtVi0tpqyqKENSVG8NDAJq6WAHJF6POgB4hnqT0MaaYafDWZKz7Ou9VbNSNJn0okGeZ-Pk_5dyV_DG2POEjRTcDTgscahPGsFBZHC_znEPvv6AD2KElyfKXxEFG-zJ9jl75xJu2YVpOCmVqSefFCeN2h7tqmwa_XbO7T121pu69-bXWgW2SEYLtrFwKGmp7p1CQEBg8UIDFXXxEwrCtd_WswM8sqBBEAe1foIYvIKOyf26Sn1VeXXhKDze4wyc3LBQE96EOlKEhWfDJvoh5wmUuIk4Trbsd8EWDI-RbSlUC-dmV4ENKPd3Oy2tCMTTzVEr7qAFqjcxkGM5lt1hVJZF-FCV-g9cy8vrKte8z0sCvmUynI6L1RO9G3y-z90oBDjQa4WM-StLLS5ws1bVSeHzfvixO0dbTpQ_nVOKMEfErFgkuSzPZHxurN2A6UzN91vovSNhUsogvuf-Y2Kgrypzlt8fI1sREirmUplpA2MXqf-AZr4QRd3BJq5avg4239EWbxlypzkP7109Fyo_tjFXNDOjnh68cN7M2acsytYptoV53Tt8RoKjGe2TIgJOfeJ4ES3jgiKU20ZBpJjSuPzQROY_4CIsXsne50ufS88Ms9UxANjTRa52CFW0J1-KzszV9TdqtzC_TwsLL4SD28C4Ti3-mxUyw6o9X53Kf8NMvVips6QzXBEi_hZPFQrMPD6JxPp5VThKgP_XmjLmGTJkzxn4G4QG0jktSP2gUzJ71T2uoE7vk0SpuWccnPEykonO6xVRKFz9bjdnCN4CVSEA-ef4CpCuGySNh7tfPljDPFGxHRKbLHRTeTexXYPBNy81Fu9luNr3brdXpXLszkcWGBqRJiipfcqwahUaJKCnGfBNmHznGGLo7C1pKw&sai=AMfl-YSxVaU6j7yQk1J2oRu7J5pZ_hQBoutUyqjR8nby-6kHK2E-6ZZY7blFDEV-fmTzy7hUj7ymmVxyficmSt1Qa24Nw3bkebLnu84oY3zL2VtfwDZ3RWE5YFaVH4UsdMzQG4BGCKyTS3yb7ILNCiyAxr4FB9knYptWVutbr79m4hRWoqXoeVBWfBCDyMXZ7M6EImAxvyy2fK6KJe49rPU-5LM7SLzQRdaAFpBTo-ImBlaIG0Jh_4NT6yMtLnb1gYMDxvJ1bJnwf1Z5UFPlDKIzJSNfeQ9PjGbnUCbet3lSoRS7v4J6yN4qjubw5jmT3-zROXUl6tvdLPia00axHVh7EwV_9gl7_gb_iq3ML4RkYzAwFk170qdQh2OS5502xj0niwPyhK28FC4FzMAc93z77XkWLlFpkcCKK6bx_wY9GrOcm_AwGcSnw_R0YT-bMsZEZ6iYZQdIv6p6r7gg1iazXhwoAnBhI5UrDdxmLELHXmO0pmaX48ZwMtq4cSF5LaWtplUluFd2YtrAmg&sig=Cg0ArKJSzI2G6WQ59GS6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=369&cbvp=2&dett=2&cstd=0&cisv=r20240118.24365&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 23 Jan 2024 16:04:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame F647 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsv1KDMx9wxIwGFeLRX4mXYAE3M5GiFeuciXnlVtgnqW_l88vobAtE916GHnnv5pBDMmRV6Ie6o_BOlZ8O6kkrREjaWusMh_1z6L51lwNOrqHWZHe3fRv_U-uuOK-PdYdMm4wTW6nJHIBEGmJjID_8vOzQgugf0N-RK2LP_Xq78HiHb-N3Ex3ubyQO238xD3syaYzqQepCgxGuu3TDKbe1bdfSeIThHeyudfX9FOI2mLrIdJ9OwpG6V9IvwLv7ATHCA_mTq3hQDY-Rjwgz30WTffw-HDR8LHR7SCMXzjorsyWnjBZulCeowP-09DDj-fcDp_uE7b95edgCKSmCQFs9mJti4SIdnHJEC5gcPJD_i40C5HygaUzaQwg5yrsBLg6BCbPAYaLOZ6OAmNDfCHhVcPOPGb_l-Fa97fibCQE-gSK9KIAy2Gf8BXFFXNkP6JTG-8rmMVc162sXj31vRTvOx3avHRHiv-qoTFM2PH86c3cXY6tWZYqh2v5oGQZJPLIz98CLlVJDBhb6iLNkIUwvhujWTbmNvQTG3DErW7G0HarVxv33kgBGN2PPcShGv181X-lg5KDSbU5_5q0j-S1UuQY8IzcC8U7c39OESHNjNbEjuL2Q0RT0tdFP8AXIJgTLuazHh35FV2ejGfPlzNevrvYMn2litZ3nrPmmEsC502sbqPi8JwUqsAZ1xIpcD0h0pq6b1R0QSDx-TNIqSBM41RYzCMoO4fuaudLIduGOBNSD0Ov7pXKNTrOBrEwbgHcKCZqSpSrEuvlSMINgsDNdYErtLYq9thPo18z490K3sE__Vg2z7Qw20Qv5N9OCkHgnd3CG5ecEGW-Zm60C8FGl8PkQ62QjFouTZKuuKQLMzCsekbcoZqg9jkdVdbdSTbCz0ahEH12hq4TQI1zpeVtjZCr0AaOJ5I_h4CWnvFOx89iRzx8CL0XkTQSwO4niVvCPM2SOtXwkSQsqSLhLXnn64ClwCG-2-hAbM4LUvNyHy9pTDc1q6BDVo7GCYVDzIpxNV_pLYk9CDU_mCfEcLJ9iMoDHwboK9_Z60Un2zGW7_4jRTKcJGY77ApRSny0kmmzeUFXm5ALTkEYnyH0GcDwKU0hcwva8G3M1ns-4zHEom1Iuui1SxNCHvCF8nONL4xAGNmYsiJiXS44y1b1yCvcQTI-eAJT3XwJyhgqPMpfKGSlfIrVF9szBy1FpiJQMsQDWC9LE04gWacRBUQmHyWfW1bb39cBRVXrzt_Uy8Cgc8F_PsNs0X7w8YYADpWWhjlHXnCXnvnbO1b8oGbCURCgFw&sai=AMfl-YT8gz9q4XtmyHKiYGCgCknyGdG-Eu09hQwc5fqNWSo-cZyOO5ujklhHByV2MqN2zoMyoq6Z2qcx2hjx2lXCzXoP4YDa36ItDeO_WMDvbPj0nMr5FLmFJFvAIqpPkwRdE25SGIL_LFy11R9uRgwqLNAo5QG5naKu5aKhyXgckBW9qNaVRNQTpEPM57uwqK-KmFfnt67SWoUL1c4dieeVFSrQlXkuxvUMyHwxBkfXFOWs1A8DRYM4kMogYFtzOIFJIvwt2Hjv03tmSS99cQaBQ18Sn2U9NsuIRgqzwtQteY5GvoQc4dqEftImYNugn7G274pFn8fQa1cgW8VeP8qVqQkQDQqwax_CmxHUb5UHl0qLWFVlSiOFoig1BvsjJQqHIQsaH4IoqXx2lwC6vpPco7b8ObdB-RaW0Is6QUXlmsb2hmliZHhb6oFph0Lk9O4NwoO-ZpGpSXBhe9sNSWRFODaN1IhagygyOqByqOHss6fIK2zv_fLj8U2MF7YWXyCg19YgvThA6-APxA&sig=Cg0ArKJSzJJy4XhyFXnaEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=478&cbvp=2&dett=2&cstd=0&cisv=r20240118.35437&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 23 Jan 2024 16:04:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
vregister.php
s.magsrv.com/ Frame 78E2 		0
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.magsrv.com/vregister.php?a=vimp&tracking_event=impression&idzone=5175116&43c5a8799e58514b3d87904795fff231=tsVuZ8uHLpt4cdvLnq48fXDp66dtdlTlK8E.fPvu6.d3Ht03cePDW1NZLXThmEd91wNxsSvWMPOZ9PGuqCtxd.aquViRzOeamWCubc25rgbYbtcprgqcpz5de_Xz21wNz2MxwVPuU59_PXz27a4G6oK3M_Pnp47eNcDeM0rmfXj368ePbXA20xW49NThn15dNcDbTEk7ED0ufXvw69evbXA3axTAxXBNLn44d._Pvx4a4G5qs.nDXA2zTNdU5Tny1wNtuWwNOZ8NcDbTFNMDlOfDXA3BVPn14ctdVjOfDXaxHY5nw1z2MxwVPuUr0sVuZ9.GuexmOCp9yldqymlyVrDMFE7W0xJOxA9Ku1ZTS5K1hmCidrcvafYlecXrmXnsZjgqfcpz463L2n2JXnF65l5XK7pqYs.O7h56a2G168J3M.PjW7NTIxXnrgblcrumpiz462prJa6cF5qYHoJWI8wjvut.uude9d2am5iltxtd2anPXA3PTM3Y1Wu0xW49NThnx7a56YGoJXl5Jm3I8.Wt.uuerPjrqapcclXpcqmjsrgmlz12VOUrwN58NdlMa77FT.fDtz8deTvXzw49vDfNrl5d7Ot9W.nnl14tNeNcEk9LlVUE0q9VbFdlWfDXBJPS5VVBNKvBLaxHA2vS4xVNLny10uOuUuUr1QVuLvzVVysSOZzzUywVzbm3NbDbMczUWfDXA3M665Tnw1wNxsStwSvLzsPOZ8Nbl7jVlcE0q9cEjmfDdw464G22K2GnJa3Kc.WuBtpimmByleqaylpzPhrlmqapgnrz4a4JWpnpYK5l5Jm3M.GutyqteSZtzPhrpcegmlXecmlYkcXgbz4a56Zr8F6q2K7Ks9vHXA3OxTXK5Tnw1tQV4LvOTSsSOLwN58NcrlbDVkFeC89M1.C9eE7mb81VcEr2uVythqyCvBeema_BdtypqmCeuCaXPWw2zHM1Eva5TnrgknpcqqgmlXYjjXgltYjgbXpcYqmlqz5a6rGeWfDXVYzzz4a6mqYJ6168J3M9dTVME9a8rEjmeupqmCete1ynPWzTNdU5Sva5Tnw12058NcEtblMrEefDXLMu7ZK3Vnw1wN0uVTzS1QWuLxsYTWV58NcDclkdcGM0rmfDXZU5Su0xPPBK9nrsqcpXaYnngleXdpcosclawz1uSMQRrwVT58NdTVME9a7blbEEefbXU1TBPWva5TVBNLnx1s2Ux564G2G7XKa4KnKV2G168J3M.XHXA3PTNfhn11wNyuV3TUxL14TuZ8dcDbTEk7ED0q9eE7mfLXTWyvBLa5LXNTgvA3nrprZXgltclrmpwXlYkcz122WQN58e_Dtw5dfHjt169ePXj249O3Vh1zn5cb88eHDXXBI5VWxJPnx78O3Dl18eO2tqaaKBxqaWpyWvPjA-
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ds03.evo.0x3e.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:47 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame D0AD 		1 KB
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/media/9c69f07deadda884c61396a404004929.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 10:25:53 GMT
date
Wed, 17 Jan 2024 10:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538734
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
613
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1c6b34ea327760cdc6583ab92f7e8832.png
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame D0AD 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/media/1c6b34ea327760cdc6583ab92f7e8832.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59e50d4289f223d9c475d992d8069c2b799704feefdd7e8eabebd2a49bb31df1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 11:02:38 GMT
date
Wed, 17 Jan 2024 11:02:38 GMT
x-content-type-options
nosniff
age
536529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8224
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
8c68f26fc9961acfb78efaa74f684c27.png
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame D0AD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/media/8c68f26fc9961acfb78efaa74f684c27.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5deec59d8ecaebf084aeb4dfdd665b3b5ae8aefa8a7cc7f76707524772912bcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 20:40:58 GMT
date
Mon, 22 Jan 2024 20:40:58 GMT
x-content-type-options
nosniff
age
69829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2104
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame D0AD 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/media/6d7052ff6df13eae564657f4b45cc79a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 03:16:47 GMT
date
Wed, 17 Jan 2024 03:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2640
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 736C 		350 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4703977
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vlmKdFi5m7WXN7mRY2ZGR7U5CjhMbHRvxVv8AH24iuaR3ORRKOKKOqHAJGuquPCFL62MPHyGAK9OKMmIaTchahMlS5790lAG5l8RRFXqY3vKRcK%2BwGGmBYfpiOLywSKWyJZvbkrt6MiOoCeCbKNIhYm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a14643aa7099f1-CDG
expires
Fri, 29 Nov 2024 05:25:10 GMT
vregister.php
s.magsrv.com/ Frame 78E2 		0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.magsrv.com/vregister.php?a=vimp&tracking_event=impression&idzone=4983934&79be2ac47a9e6193f2762904688e358f=tsVuZ8uHLpt4cdvLnq48fXDp66dtdlTlK8E.fPvu6.d3Ht03cePDW1NZLXThmEd91wNxsSvWMPOZ9PGuqCtxd.aquViRzOeamWCubc25rgbYbtcprgqcpz5de_Xz21wNz2MxwVPuU59_PXz27a4G6oK3M_Pnp47eNcDeM0rmfTz45.efTXA20xW49NThn14eNcDbTEk7ED0ufXvw69evbXA3axTAxXBNLn44d._Pvx4a4G5qs.nDXA2zTNdU5Tny1wNtuWwNOZ8NcDbTFNMDlOfDXA3BVPn14ctdVjOfDXaxHY5nw1z2MxwVPuUr0sVuZ9.GuexmOCp9yldqymlyVrDMFE7W0xJOxA9Ku1ZTS5K1hmCidrcvafYlecXrmXnsZjgqfcpz463L2n2JXnF65l5XK7pqYs.O7h56a2G168J3M.fHW7NTIxXnrgblcrumpiz462prJa6cF5qYHoJWI8wjvut.uude9d2am5iltxtd2anPXA3PTM3Y1Wu0xW49NThnx7a56YGoJXl5Jm3I8.Wt.uuerPjrqapcclXpcqmjsrgmlz12VOUrwN59urDrnPy43269mvG7tx8eeHDxy59OPbj26d._LXZTGu.xU_nw7c_HXk7188OPbw3za5eXezrfVvp55deLTXjXBJPS5VVBNKvVWxXZVnw1wST0uVVQTSrwS2sRwNr0uMVTS58tdLjrlLlK9UFbi781VcrEjmc81MsFc25tzWw2zHM1Fnw1wNzOuuU58NcDcbErcEry87DzmfDW5e41ZXBNKvXBI5nw3cOOuBttithpyWtynPlrgbaYppgcpXqmspacz4a5ZqmqYJ68.GuCVqZ6WCuZeSZtzPhrrcqrXkmbcz4a6XHoJpV3nJpWJHF4G8.Guema_BeqtiuyrPbx1wNzsU1yuU58NbUFeC7zk0rEji8DefDXK5Ww1ZBXgvPTNfgvXhO5m_NVXBK9rlcrYasgrwXnpmvwXbcqapgnrgmlz1sNsxzNRL2uU564JJ6XKqoJpV2I414JbWI4G16XGKppas.Wuqxnlnw11WM88.GupqmCetevCdzPXU1TBPWvKxI5nrqapgnrXtcpz1s0zXVOUr2uU58NdtOfDXBLW5TKxHnw1yzLu2St1Z8NcDdLlU80tUFri8bGE1lefDXA3JZHXBjNK5nw12VOUrtMTzwSvZ67KnKV2mJ54JXl3aXKLHJWsM9bkjEEa8FU.fDXU1TBPWu25WxBHn211NUwT1r2uU1QTS58dbNlMeeuBthu1ymuCpyldhtevCdzPlx1wNz0zX4Z9dcDcrld01MS9eE7mfHXA20xJOxA9KvXhO5ny101srwS2uS1zU4LwN566a2V4JbXJa5qcF5WJHM9dtlkDefHvw7cOXXx47ceHbrx7cfHHh26sOuc_LjvDo5311wSOVVsST58e_Dtw5dfHjtrammigcamlqclrz4w
Requested by
Host: pornito.de
URL: https://pornito.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ds03.evo.0x3e.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:47 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/15205685216655332109/fonts/ Frame D0AD 		172 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/fonts/ibm_plex_sans_700_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 17 Jan 2025 13:23:13 GMT
date
Thu, 18 Jan 2024 13:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76650
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/15205685216655332109/fonts/ Frame D0AD 		173 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/fonts/ibm_plex_sans_500_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 22:26:39 GMT
date
Tue, 16 Jan 2024 22:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
581888
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81411
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
cookie-frame.html
ad4m.at/ Frame 7CE2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
938622
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
84a1464359f87904-CDG
content-encoding
br
content-language
en
content-type
text/html
date
Tue, 23 Jan 2024 16:04:47 GMT
expires
Sat, 30 Dec 2023 10:37:00 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFz4ReLTVJpMQXQwg3NVw689mPTvuLALBICZG9agBlLoA7oueYZ4X0Jhwmnm01gben7Cc%2FvtsKsVUf5w3r6TqrKoA8Qo8t1sYGCpN%2Bcfc6soV5KaWhufi8I0kFHST802%2FLxZvsQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
gloutchi.com/4/6844028/ Frame 9E82 		32 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gloutchi.com/4/6844028/
Requested by
Host: www.s2movies.pro
URL: https://www.s2movies.pro/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
3363554daf655f54099a7962b3a90398095a396371c38c88fd5db2a105b5ddee

Request headers

Referer
https://www.s2movies.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Tue, 23 Jan 2024 16:04:47 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
d4ba7c4cd1774f5a02d364f2b42803be
1.jpg
pornito.de/contents/videos_screenshots/1799000/1799532/452x259/ Frame 78E2 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/1799000/1799532/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
b1e3161de1cce033d34d742887b53c870770b79b62f8913caff08d0f469665c8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-2132"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8498
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4202000/4202333/452x259/ Frame 78E2 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4202000/4202333/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
cae15024a69f06fc2e124b25d160a09646d0b9feccf70136040143873803f7c9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-3128"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12584
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/1316000/1316950/452x259/ Frame 78E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/1316000/1316950/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
3fdcde931b9062ae5f90667dae03579fd6a0c01e48cdd12a3dfee0043ab1ee57

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-2e9c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11932
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/587000/587518/452x259/ Frame 78E2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/587000/587518/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
1dfdf221119134c8cc871c379eb3b770d1bad06ec9ba2d64c11db61cc5ce9176

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:46 GMT
server
nginx
etag
"651b8f96-3e84"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
16004
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/3790000/3790090/452x259/ Frame 78E2 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/3790000/3790090/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
e7037a6f46bae447d2244fc31568814f03fda73a034afd27b035e858be8319f6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:51 GMT
server
nginx
etag
"651b8f9b-4b3a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
19258
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/3605000/3605937/452x259/ Frame 78E2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/3605000/3605937/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
ec70fdd6fa4ea1e80b04cebbe98e801e6a658237b69155d41abe0b0b8801dc96

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-1bf6"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
7158
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/873000/873869/452x259/ Frame 78E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/873000/873869/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
ef807d7beb7afd4ddb5cddd3f9b0c5eb11d36d5724330a3a8021d92fc141c5dd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:51 GMT
server
nginx
etag
"651b8f9b-2e4e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11854
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4252000/4252761/452x259/ Frame 78E2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4252000/4252761/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
82b11db00f6e3b6d8ed252d0067df0bcad2e0a9f872ee66a3d0a2f2b8d2b73c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:51 GMT
server
nginx
etag
"651b8f9b-1e10"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
7696
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/3057000/3057701/452x259/ Frame 78E2 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/3057000/3057701/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
2ec54658033eda36acacf610298fdcf8be19d80f97b9c2a75503aa11d8d915da

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-329e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12958
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/1897000/1897429/452x259/ Frame 78E2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/1897000/1897429/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
6073a5b7084b6468f138b66a8bc4b0d9ad1128f9a2c480778d2b74a8929e23c0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-177a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
6010
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/3717000/3717700/452x259/ Frame 78E2 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/3717000/3717700/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
067ac57b40fe26760f8cfeff14816138c5f4a1a0517d412c489995a5ae711461

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-451e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
17694
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4239000/4239104/452x259/ Frame 78E2 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4239000/4239104/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
48034978c46b58a81203471082633c57cf0c18597dbc1f76bbe7836356e382d7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-5992"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
22930
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4238000/4238379/452x259/ Frame 78E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4238000/4238379/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
eaf9d0fe8ca869157fa17f2a499c2b2aad72c003a62db2e131a549290f804df2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-2e00"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11776
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4242000/4242881/452x259/ Frame 78E2 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4242000/4242881/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
70bd67054aa6ae68e0a2695de05be71ab93e5ffae2cae6c362cfff432589adb7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-254e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9550
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4247000/4247734/452x259/ Frame 78E2 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4247000/4247734/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
e43e4195b948eff28b5188fda396f611aeae64db2c7c1cc25d402449581fe0db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-458c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
17804
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4243000/4243795/452x259/ Frame 78E2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4243000/4243795/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
8726f68788e7ddd812e0bd80eccbfc868a5ab34345bf3be6a3e7137570e5eac4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-1746"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
5958
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4242000/4242599/452x259/ Frame 78E2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4242000/4242599/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
571ddd566f90b57ca7a827787fbbf734574bdbf5cacc05b47e2c386d767b203a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-2c9c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11420
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4240000/4240308/452x259/ Frame 78E2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4240000/4240308/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
35712bc049faffee865911fc57ca06aaa93a5f32a05eb9a9cead7949fca66e5b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-391a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
14618
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4246000/4246595/452x259/ Frame 78E2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4246000/4246595/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
a46e78a3e3ac9e2438100a23b0b84b6b95df15eaeec0789efeedc447ec841e1b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-361e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
13854
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4246000/4246581/452x259/ Frame 78E2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4246000/4246581/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
6aeb819975602a5e081823fab8310a26dd89a9a046e9b3ef0e3c60836f113358

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-14a2"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
5282
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4242000/4242156/452x259/ Frame 78E2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4242000/4242156/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
04b1ef1ed429046fc28427973f439da247ee8429a4db42448974f601cb25bdc1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:46 GMT
server
nginx
etag
"651b8f96-2048"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8264
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4237000/4237857/452x259/ Frame 78E2 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4237000/4237857/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
aa003626233069df1e8ae3ac8f4012df62d69aeaa052ec52e77478e1569c85f1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-47b4"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
18356
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4252000/4252780/452x259/ Frame 78E2 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4252000/4252780/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
5b189e22687df35d236118c5273f1b329b83b6c7a265b87f528e03d8cec807dc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:51 GMT
server
nginx
etag
"651b8f9b-702e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
28718
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4238000/4238687/452x259/ Frame 78E2 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4238000/4238687/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
622c115a90846fcbac403ebc204eab9c0d7b334db5ba24d4b78c3dee95fb2881

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-5faa"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
24490
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4243000/4243318/452x259/ Frame 78E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4243000/4243318/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
d353bd12cac895c473c3292fa0773ea331b8748cfbed90a85a6d27d29a47a808

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-2e6e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11886
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4237000/4237976/452x259/ Frame 78E2 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4237000/4237976/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
b0bfca8a0e609abe8cdb762d43f4c56ae1c374e54459586453035cf5491c7c4b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-1dfe"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
7678
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4245000/4245722/452x259/ Frame 78E2 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4245000/4245722/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
0b05601b151eb6ebea91e657c9b9428b5d820dad57e47e1af0aa4526e0842e7b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:46 GMT
server
nginx
etag
"651b8f96-7aa6"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
31398
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4252000/4252746/452x259/ Frame 78E2 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4252000/4252746/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
acd5f2c1850296ab190dc352ea9c37a065837c5c29eab8cf7c3bd5a446554dc0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:51 GMT
server
nginx
etag
"651b8f9b-6746"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
26438
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4245000/4245893/452x259/ Frame 78E2 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4245000/4245893/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
821783c0e4b92d6d55a9180964df9badc3d8f1b4023b2dec19ab66fd4481c764

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:46 GMT
server
nginx
etag
"651b8f96-2578"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9592
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4258000/4258001/452x259/ Frame 78E2 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4258000/4258001/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
8d43afc476ebb74164c1ea7258bbeb85a77b70741c9df0cf2eb9eed3cc11cb8f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-562a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
22058
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4249000/4249282/452x259/ Frame 78E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4249000/4249282/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
e2eedefbad851de8a30f4e9a919f9a89dbdbc2ef26f4811f43caf6b675197ca9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-3060"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12384
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4252000/4252620/452x259/ Frame 78E2 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4252000/4252620/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
5a23dcd10b0413461e6060c915c729dad1431d1c6e91e80609edeec9dcc4d3c0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:51 GMT
server
nginx
etag
"651b8f9b-3bb0"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
15280
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4251000/4251753/452x259/ Frame 78E2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4251000/4251753/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
d707aafae92795b4fb2f7c93c17e69c154e30be54e8c6f6260b8b1e6933bf66a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-3e5c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
15964
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4247000/4247750/452x259/ Frame 78E2 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4247000/4247750/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
362bec0108fb737db9a141c7df2027487e5d95f2a8cfcb7bdd6ac7357f7bd9dd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-2668"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9832
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4238000/4238380/452x259/ Frame 78E2 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4238000/4238380/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
0310868ed60667ad16002c81b80b43550549fd77196c567ab2c122f39e973230

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-4f0a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
20234
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4257000/4257005/452x259/ Frame 78E2 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4257000/4257005/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
5fded760aa7f3e1d4a72ba1976d0d3baf55ab273c9ff4043daa76c7955ec05d3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-19e4"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
6628
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4250000/4250107/452x259/ Frame 78E2 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4250000/4250107/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
1136bcd18ba9b01dc8ed941dee720d0cf94b5d6ac7d23dac1e0f3ab513840c0e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-212c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8492
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4250000/4250455/452x259/ Frame 78E2 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4250000/4250455/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
9083a867ea1f900be862f6c018cd2372e5472e4baa2718da1382847f917153f2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-4382"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
17282
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4241000/4241408/452x259/ Frame 78E2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4241000/4241408/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
676b5c0ed9b5bb90099a4b572927f26ccf0bd4deb619cfac75868bb5dae16cd3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-207e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8318
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4247000/4247129/452x259/ Frame 78E2 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4247000/4247129/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
a186b46cd709c3da8fc25900af33a4187a486b3e73b0a6beb182d1c38c6b55ba

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-1d3e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
7486
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4254000/4254596/452x259/ Frame 78E2 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4254000/4254596/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
5859b846522fafee8dfc659f975871aa8d35ad84e649cadea4a4355c963f3c6b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-4cfc"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
19708
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4238000/4238107/452x259/ Frame 78E2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4238000/4238107/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
5e7513f8db92d5a96c93feaf74ed19de8054c22f70d7dcae9ba418f3f18aae0b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-1cf0"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
7408
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4242000/4242869/452x259/ Frame 78E2 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4242000/4242869/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
edb4094266dc2ebbf9ed9c7723b71625f95dfc0844262bb7c19e7d0588295a7e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-263a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9786
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4242000/4242697/452x259/ Frame 78E2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4242000/4242697/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
c62348408285fb6fb2e54508b4ba746a74880f9761c9b45fb56d49c0f65a0a24

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-2a4a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10826
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4237000/4237875/452x259/ Frame 78E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4237000/4237875/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
75d327ff4367d4a60a7e79f1b4f8933c6e12f5fb97cb28c77e88827509760bae

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-2e22"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11810
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4261000/4261568/452x259/ Frame 78E2 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4261000/4261568/452x259/1.jpg
Requested by
Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=vGs1vm3toUhlNa8HbBlsdOGHrg6F1kTVGDFUEdp0Cy36aLeeFsIW5SuV0qyVaJjk&d=utjM3DLsNj5zSESnDmmLw41Z9q4qhgNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
16e2112ba2b4f9917cd42decade78565bb7bb53b65a510ca4470647ca6c62ba9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-2930"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10544
expires
Wed, 22 Jan 2025 16:04:47 GMT
view
ad.doubleclick.net/pcs/ Frame B505 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvfwZh0LBF_iBN3w4nYbWwCIWSbtFOisxPChwfKjv25k_xQeNtT9zDVzuKI-pVpNxSS7pX3YqTTSniV3M20thIvHzZVB4yf9bzgRgWlPkKFWhNtG9tPi175368_xD0nwthkxIYfu9ksTmYaQGn1EMlGT_S3IOX3jHgyHzmP1XMfkahDF__cBA9w6MhKykIRFKYbnokbV1_kP-MXX9SaHiGZHDHcGAKcUjqX5cLNV6hhwtWDbHScK3V9pk6u86CtXdWLIT8wP_jfkObMAwlW82H9ae3d6myqGTj09blAaFUNN97ImYGiaeW20bic66KmnMHNeZLEdcsjupbRRwXVfiiqTtBLACrGZjROPxu5xqbEKwOLT40t9F-PJcIkY7tEg9aW9m4tCPYbjB6rKt1tLAwQGkgryJ9pbwTkIlvDKhx7qh5qn82sPbeSRnV2qY-S4TvA2YU5qLtB0m1lb-erETwblu3H1eaBe5VT_H1NXH4dRVn9BIF4iHvd4z8S5Vt5LDJ1Mc1k10tUWQNdCv6hEsntTbkadqyZJ4_J3bW0QO393Qp0KZZrZeCnGA98Hy0y6Jygnbr7qupvj-IFo2EtzI0kJTPufwSr2H69RMvIWZuol3J3w5JIWjMDGigTKOr48czRU7dvO-DmPADwWt0qbaCX579CXsdmToJQiMoXy_Mcw7jk294moZLtXwktoFHinFqf9xqk_Kw-XeB4jS5L-SagkbwpT-qHZyVH673SFgcZzMuT3F_dRKQHO8LKmpF79T3B7PkguQwsAq8cohqzvhkWF_4i56QZqJ5PS7MvBMdMJtLYKIvE2IyRNM4TtFF4zZJumAt0rACVnyuM_Vt2LIa4k8xOg3HwZT9_UiUB-UEXDsKTgqFcWb_ATyoKaCPcPRETSDqioc8JN7EcnEVOpJLyj3hc57I1jVgChkCbYgXK9lgihSNLXUIaq4lg_J94ropKpIVM5GAegJQ6AQHqNeGPWwQQEAGGX84WWu7Fh8PJHbpMsbwjFUOZve-KKIGV9Nzyw4pY5K2hIwrHlEx92HUNJuDMFQs-th3olxjwJ7kpuNoQNSYBNaPIMGxQRQGDyVvuyv6yG5-1aPdaWoCso8Zi9KzigS_t7Ngcdc_5pPKIR2VNy15v0gl6taZ2FcOG5a4z8JYLJuHBsD5mi7VKtxExk40nUYErR0aIgYwwzbBjKR6cOGx5Lhu1AYEL2H2AMYeQOsmZMu6frbDIWOK7ssA2eeL76Re0Hb-7dwPfrwgGrYMxBb5M6m48YdJRIg&sai=AMfl-YQ1SlCxQk712pqHxhaJ08y_UqV-Spc4r9Kq45sYlfYZ0hWaSXdJgS6v2Znjlv8kMcv9apaErdwzkh0pqcvqZliIPiNRXc-cHhwy_8kUMn-XymcDb2wbgCMLbwXeNV7q0SrvTfP3k-SS-YzVO-2LtN9nlmDG24_hD-W7lmPRqZs8uAflzESG_qV3aNr3HgIZu161PWp5dBv-GXOjCGXXvXbvYYxWnvvAx20a6EUcc-dcf2nBztG4gus-UCgd8ohNRz0dF72ZAvnYZsqL2cVzDDScqPVZCZ9arkyX6X9Gnc6akFjDVOxmyclASpoZt9nhJFJ1vcXT0LDUr7yLBOfyl63EWi92prquwnZSwNvzyOaYZaAxx1eI6L9_JUPVnuopKp1ZeKmqM590PM0Lc_n2jnB2oY2ucJ8iv-1s7dPLc5eyU3FFAKGuOtUdxHZQE1wbFbq23lU6Stn-u_rZQsf7WZ2V5UPUsNKmqaxBRk8ZvZdR1qcxGlz9MUv9Jfzf78NpTvlAYfD1Y0A&sig=Cg0ArKJSzKE5CWULR0mlEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=550&vt=11&dtpt=377&dett=3&cstd=171&cisv=r20240118.86755&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D748 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJqaXneOvZfrAOYb9_tMPj--usA8AAAAAOAHgBAI&bg=!6Oul66TNAAZVxkGXdcY7ADQBe5WfOO8EIJulAASUtpbT_I_8jyiCC5Xt7tyqzwE0L0-kwLkp5r6hYl4Bt448vU4IeWmQAgAAAMtSAAAAAmgBBwoAWFACgWrpprQ-vXhFhzuxVDDBIDIoBZZplP5MnaFHADuWI8rUHXWL3ou60JRtz9Uk8DP7XHooj7wvslTbKfiPANNIc0Yz2GlgUw2A0HDTUjWmYAvBvJUnNtSZAweORspOOAcCPCyjzpUJdv7WCWWPF8Mdukf4D4pMYdEC43ObggzxkkgB4XJ18rf3gdUe1eP3Pvje1UePqDC0AWk9-8ttD_eesdE4nGCMIIAePD-Ul95K49ogahjga8DjoKK5n8zlA7Yj6uQydLHnlwJPGMMzoXiGhbpIJIc1VOw0vctgI1qi3cYrCHmPtLVptfFlP5i2JFYDgx3iaYBOxtMav1FQZHNLJbGVpmrsS9ObZnjjrYyQfz3-L3hIlqhqaBPWaq6CY8A-MHVe0BAMg9n-qpUUHzoAG0tycXLbMhpzm6sxuwz4VwYT_Mv4Pw3lnPedyi6GivEqUU68vNIOqO0WpL_6fadFA2xCKP1XgtjybxghfetU9pELYdW8VXpXbzY7vzZkpXy_DMAhlqNHoll3ZAYxNmGlkDbjAJaubhBVbdM7hHdetT39PSa-FOQNIhMh5WU5dBl13jY9W2UsKtutgs7w3OAo9p_yqKQ0kyImlYyL2cEmAeT0_tZSAP8Uu2AxVccIDatazuoWeW9V5s5FwPQTEW1QCn6eQW4Ukmeyn4q_Uqt4sbCeo5uwqn3JppTs4h8hi-AltoPX3VExJVm8z5XnQxyMvrBE2c6mNgAJa8MAg_Yu9NZatnVXkdfBk2S6wymUxFE9-ySZBeQqohi3M1fj2HMUEULhBPDcx5eoN-WIg9lDfLouyB-gzP-GQGSXxE8o7BGX2-rI3RJ2dpQ8mCdNynXTv1E9sHRh9ZI8Elt3dQT98Wk8Zc1FEZSiHdgBRjGq3NIaSwIj3NbhylXY-Z0jLSo3mlCAAuhcP4h1g__kkQjT-niJxaDf20gB1qCNfB51vXbZxid8_SeH7i-KuPq7iZ3ByIjU2HAQgHY6g653vH7wUEgjZ1NW_kLebnPN_0W6n1CgHpjUPx1i1rmXcIjgEyJmcoIcxUhU1Cr2YSkn93x9cvdHAxCbnZXGGQM1R4rtbxzjRCGcv14qkPmAI8UWvwaUlHdCab7yCETpfDfciU6x2H59TuWq1x86bQqmPkTotfQH
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7681 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CLl-LnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoExgFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxZ5tbNJ6VVDOHTY3SzxuqYed0aR9o-WmhR7c9opYeY6h5CiOSEACABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MzA5NDcyMDE2ODIwNjcyGAA&sigh=Rd4i6jLRCyY&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_mAzQaAtcu0T8lhiPEQZ76yKzR1CLTdm3bEyynslin8nmX-ASAxg8TpIJHIgCuoxpPX6LNX-wGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 23 Jan 2024 16:04:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 7681 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kmqbnpg9w7kv76zqem58v9z03m7d7c2kt0vrmbfw1va6wtqghbe1451phtt19nba4qm6trgqxvbn2786ymzy94gfwt33ct783v52e3r781x9r3k7kkbpkgd2y69ay6b3h8st21zvbhq15bxmj9573qf52x5y3zj574ve5z103e6cztdg23eanwd8jd5xc6vfsyp0x6196dsgkbdcrkyf8vxdsqsez1smf3rr3r361ajvtyd6wacad7z7trxkzmyjc1qc419avmz0maxxwqdwf2kbe0y19m9yqwdzcrddkfrjqs2tzea2bsnbzn5gstqa56kh428q1095gdv0e04cf1pb3xqq60z9cqkvcgs0a2a9r7k8kx20w8sfr3w7s4c275jfx47s8&b=Za_jngAIg2UEf58bAA_KxWWZ5Csg0Yk8Th_T0A&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706025886&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706025886451&bpp=1&bdt=1036&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=1817310564721&frm=20&pv=1&ga_vid=1058767832.1706025886&ga_sid=1706025886&ga_hid=430421877&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C44798934%2C95321957%2C95320888%2C95321626%2C95321966%2C95322164&oid=2&pvsid=3977645808539295&tmod=190852249&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 16:04:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame D0AD 		1 KB
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/media/9c69f07deadda884c61396a404004929.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 10:25:53 GMT
date
Wed, 17 Jan 2024 10:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538734
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
613
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame D0AD 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/media/6d7052ff6df13eae564657f4b45cc79a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 03:16:47 GMT
date
Wed, 17 Jan 2024 03:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2640
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1c6b34ea327760cdc6583ab92f7e8832.png
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame D0AD 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/media/1c6b34ea327760cdc6583ab92f7e8832.png
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59e50d4289f223d9c475d992d8069c2b799704feefdd7e8eabebd2a49bb31df1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 11:02:38 GMT
date
Wed, 17 Jan 2024 11:02:38 GMT
x-content-type-options
nosniff
age
536529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8224
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
8c68f26fc9961acfb78efaa74f684c27.png
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame D0AD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/media/8c68f26fc9961acfb78efaa74f684c27.png
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5deec59d8ecaebf084aeb4dfdd665b3b5ae8aefa8a7cc7f76707524772912bcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 20:40:58 GMT
date
Mon, 22 Jan 2024 20:40:58 GMT
x-content-type-options
nosniff
age
69829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2104
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1.jpg
pornito.de/contents/videos_screenshots/1799000/1799532/452x259/ Frame 78E2 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/1799000/1799532/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
b1e3161de1cce033d34d742887b53c870770b79b62f8913caff08d0f469665c8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-2132"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8498
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4202000/4202333/452x259/ Frame 78E2 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4202000/4202333/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
cae15024a69f06fc2e124b25d160a09646d0b9feccf70136040143873803f7c9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-3128"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12584
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/1316000/1316950/452x259/ Frame 78E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/1316000/1316950/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
3fdcde931b9062ae5f90667dae03579fd6a0c01e48cdd12a3dfee0043ab1ee57

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-2e9c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11932
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/587000/587518/452x259/ Frame 78E2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/587000/587518/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
1dfdf221119134c8cc871c379eb3b770d1bad06ec9ba2d64c11db61cc5ce9176

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:46 GMT
server
nginx
etag
"651b8f96-3e84"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
16004
expires
Wed, 22 Jan 2025 16:04:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D20 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BNamVneOvZfnAOYb9_tMPj--usA8AAAAAOAHgBAI&bg=!RkWlRQrNAAZVxkGXdcY7ADQBe5WfOOGFTePxFPXud64J56ryKZkO76bLy-pQuGmceDYTMjpC6lrt7c1k4FEqe-eNsYnLAgAAANFSAAAAAmgBB5kC_EqlaFwopKrJ1EjQzNf1ZMamctSda8xs4DYicc0gcQnr74I5jr84JUHEbJ4v8FdFeFIKo5-kF4n0AaMzqLsFgvlyWN3YGZsCDViojThA92DwmQp-HqjvduwvFn9_G-2nKV_XpJdyIK4Im8SFtYpbknXzkRZLV36Ll127_n78KjX77n5SuNdEFaZ52yuVnrR4op6mpvm8sfujdjllxeH_XcwcaYt1sJNQuW7-3J6NCUgSYA0Hzek-USZvNLUXolfMpz-NeCc1bpLcoz_VkPe5fBQp4ya1P4B_6n8AlmwEV-q4qjHp-8zsAvG00MM1B_OvpP5LyUwGpXHxZ7T-yJNK-uxOzLgwYpfcbsGpO-d5vpnDIZ1Qr4218875Oz2TVNeOQboM70QkR70iOkcFzh_a8-_WqaNDbeuN8Fy_ftm30c6vtZDP7aMYHNnAfQzPyUs_i2gxGAu9I1kNs5ST0mQvFbGb7z2rvOdM-jUgSfqbKEXQdEmJN7lbHslNilSDrRST6StQy9f4ocPrRsaHIik4YzMMb_1L4_fgYPZ4hlOhNKwy6nAJFWNzpOgpDJ5OSJVhnwmkkpc4MHj2gstTzHVjHKvOW79txaU4lsZTQ5nUUUzmoY1zBake1YBYswW8hfoefUpr2wtIKMUNaZI3PXOIJmejXQlbdcRAF62Ey8FMdJNS6f0CyIX2PdQdeH4W7ANxWIgNaHiCLS7OwnFmB7xZaAVd97AwBrnJglwYSf_eE0o5Z5g8y3LRJdrrShJAyVbM0bmtpScHuQe5ASWIhGOxhHGRx-DcrTWNmKzoR7RzvF6b1DVCHRCkHrRVP5J-IxgF32lhLvCcGObs2Vk4w18jkAn9-tiCbCSfCzvWX931Zx0KyfN9ISYzAdpZ7HGm_ev_O13JKMfox8JRapmCJlGhimNpWme-vwSt98FV4VE7EZCA0IjBCKTUVD1An0p8ZgogxosYqkPWonKs1NEi_hLXOnvgWH4bTzt0Vu3P9v8IzFkw8ibjD6xlJMtnV4VK
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sftouch
gloutchi.com/ Frame 9E82 		2 B
608 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gloutchi.com/sftouch?userId=2fcff48db3fa47b18bc21f3f6198240f&z=6844028&p_rid=79a187bf-63f8-4443-b1d7-f0365cc18784&p_src=sf&branchId=0&rb=qmS0lxRt-823nHgPJp8kua0YABzlwNwjQaeM7E9i8tK73PwpGdleRcz8bQ05WADcKdiasbvL9E25xsWa-4TxO746NophTsYLMPVru5uOsEqLZRZP0z2oTKe2xpISq78YIv2EJB9xat7T4x6btTunP0IYJ6KaDbmpSCkpiFPLdVweGaVlrElBfYBNs7aWaYSdTJ1mgdTxWgv2vSAiIqCme20rhBExQXKNdrX00mOtitLAS0o7Cy0ZVMmi_I3vRS50HfAdo-jcagOI9W9wTySuGh4DgqJteqZo43TMrKaKVDci0Ze3OGZ0Rs0tOiQ0uuMNYYKGI4adYPk=
Requested by
Host: gloutchi.com
URL: https://gloutchi.com/4/6844028/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://gloutchi.com/4/6844028/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
36dda4992b71c13660bbce06dd0ea135
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://gloutchi.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/ Frame 9E82 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=2fcff48db3fa47b18bc21f3f6198240f&z=6844028&p_rid=79a187bf-63f8-4443-b1d7-f0365cc18784&p_src=sf
Requested by
Host: gloutchi.com
URL: https://gloutchi.com/4/6844028/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://gloutchi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
1.jpg
pornito.de/contents/videos_screenshots/3790000/3790090/452x259/ Frame 78E2 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/3790000/3790090/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
e7037a6f46bae447d2244fc31568814f03fda73a034afd27b035e858be8319f6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:51 GMT
server
nginx
etag
"651b8f9b-4b3a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
19258
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/3605000/3605937/452x259/ Frame 78E2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/3605000/3605937/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
ec70fdd6fa4ea1e80b04cebbe98e801e6a658237b69155d41abe0b0b8801dc96

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-1bf6"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
7158
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/873000/873869/452x259/ Frame 78E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/873000/873869/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
ef807d7beb7afd4ddb5cddd3f9b0c5eb11d36d5724330a3a8021d92fc141c5dd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:51 GMT
server
nginx
etag
"651b8f9b-2e4e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11854
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4252000/4252761/452x259/ Frame 78E2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4252000/4252761/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
82b11db00f6e3b6d8ed252d0067df0bcad2e0a9f872ee66a3d0a2f2b8d2b73c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:51 GMT
server
nginx
etag
"651b8f9b-1e10"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
7696
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/3057000/3057701/452x259/ Frame 78E2 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/3057000/3057701/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
2ec54658033eda36acacf610298fdcf8be19d80f97b9c2a75503aa11d8d915da

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-329e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12958
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/1897000/1897429/452x259/ Frame 78E2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/1897000/1897429/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
6073a5b7084b6468f138b66a8bc4b0d9ad1128f9a2c480778d2b74a8929e23c0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-177a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
6010
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/3717000/3717700/452x259/ Frame 78E2 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/3717000/3717700/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
067ac57b40fe26760f8cfeff14816138c5f4a1a0517d412c489995a5ae711461

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-451e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
17694
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4239000/4239104/452x259/ Frame 78E2 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4239000/4239104/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
48034978c46b58a81203471082633c57cf0c18597dbc1f76bbe7836356e382d7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-5992"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
22930
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4238000/4238379/452x259/ Frame 78E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4238000/4238379/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
eaf9d0fe8ca869157fa17f2a499c2b2aad72c003a62db2e131a549290f804df2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-2e00"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11776
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4242000/4242881/452x259/ Frame 78E2 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4242000/4242881/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
70bd67054aa6ae68e0a2695de05be71ab93e5ffae2cae6c362cfff432589adb7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-254e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9550
expires
Wed, 22 Jan 2025 16:04:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28B4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BPKJbneOvZfjAOYb9_tMPj--usA8AAAAAOAHgBAI&bg=!KCulK2TNAAZVxkGXdcY7ADQBe5WfOOz4giylqdSitgISmKy2qi1ulaZHliap3fYAKXh8OYwXC_VPP_zlNYWIPrTq1_osAgAAAONSAAAAAmgBB5kDEq6Q-XzIXj2v0Pt_mXWVNxjbePbFFtBismFzYVJvqy4zBDFFfamG3LYvBAbrOc12ZzwHCsDm4fszRI45wxbijf7v8u7JT1aKX_iR7DJd9eWfz2KUgtCtrkKHH8QghFMBR5F8idV_2slmFjrOKzu1gru3JLbTEZIYPK4m6nnaDyrZKjm0Mai6eQoEgd4jfIjrfWL2vXKzTWIZBPsxmOzkTSqBaWXWZVf5bSckHKbeaKVD8tJJTGJ-UADY9IRPbbq9EvNkVoVWuTUiaMvh12QHmp2hmbrRavwkEl0YWCGpCO2CR_Z01kP-IvMFZfBwTGBin-MZnf8J5DhGFjaEVY8sALrw-ktUB4vu4pKpLFUB6g74aj-HMwbEUvLEoAaxwTX4HtidWJSyXRNZKacc6hq2KnJW7DWDE1jzTglwGnTgZJPZ7-wbUc2p1FH8F4lmffqrVTw2yxjO_FWKXi5M0LUJ_p02z_j7R2MsB5jVzXtQ3NtNwCY7WhgqTOKfq23bJECUGBgofT3Ayse9GerVYuDOuUxTUitK8HAn9bocQVh-PcjJJPK2CeI60si7O1W8XnM7LYJFAFLQ5vCz70W6ItFgSqeTd5sgp-JwjnDboQ4DtMRvzp4m18wjkgN-n9nf7loNKPsmY7ymMi9tKDLeEmlY-32hlsQTM600cOiqWXDM9iwAtdERGbj0_8_6jgccJql5CUFxZJYN7072Yd75soQG6PzEhKr5XNOkBJ5q4aX6AsqJ7guUh3xgLnIa_Xy6fMdB6vW44MsnvnCp7tTyVYGXct9M2V_GpQLSGFXNwUam2GaiuQcvhAZqpdeoEkjlr5gfESxYDW5uXZ9JEFS9DUKPBMgqsiVL9QlCp8SnhklV38tqTAp_5OMhC5FoCXJL5gKdytWfeM69fMv54kFLURIh8zqE81pEbjhR8THxu4pXA8_fTvqOfxdXrsaj1_djbqmnK95hja3wG260qmeQYmXkpa2qG_kSisyawT29_O7K-N1Cbmvo7dxIFOKDzAcoVefbt20jyoJHHOntfRZ1iwTgF7O_AA
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1.jpg
pornito.de/contents/videos_screenshots/4247000/4247734/452x259/ Frame 78E2 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4247000/4247734/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
e43e4195b948eff28b5188fda396f611aeae64db2c7c1cc25d402449581fe0db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-458c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
17804
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4243000/4243795/452x259/ Frame 78E2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4243000/4243795/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
8726f68788e7ddd812e0bd80eccbfc868a5ab34345bf3be6a3e7137570e5eac4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-1746"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
5958
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4242000/4242599/452x259/ Frame 78E2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4242000/4242599/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
571ddd566f90b57ca7a827787fbbf734574bdbf5cacc05b47e2c386d767b203a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-2c9c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11420
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4240000/4240308/452x259/ Frame 78E2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4240000/4240308/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
35712bc049faffee865911fc57ca06aaa93a5f32a05eb9a9cead7949fca66e5b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-391a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
14618
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4246000/4246595/452x259/ Frame 78E2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4246000/4246595/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
a46e78a3e3ac9e2438100a23b0b84b6b95df15eaeec0789efeedc447ec841e1b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-361e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
13854
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4246000/4246581/452x259/ Frame 78E2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4246000/4246581/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
6aeb819975602a5e081823fab8310a26dd89a9a046e9b3ef0e3c60836f113358

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-14a2"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
5282
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4242000/4242156/452x259/ Frame 78E2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4242000/4242156/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
04b1ef1ed429046fc28427973f439da247ee8429a4db42448974f601cb25bdc1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:46 GMT
server
nginx
etag
"651b8f96-2048"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8264
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4237000/4237857/452x259/ Frame 78E2 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4237000/4237857/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
aa003626233069df1e8ae3ac8f4012df62d69aeaa052ec52e77478e1569c85f1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-47b4"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
18356
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4252000/4252780/452x259/ Frame 78E2 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4252000/4252780/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
5b189e22687df35d236118c5273f1b329b83b6c7a265b87f528e03d8cec807dc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:51 GMT
server
nginx
etag
"651b8f9b-702e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
28718
expires
Wed, 22 Jan 2025 16:04:47 GMT
add
datatechone.com/log/ Frame 9E82 		2 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7cd7182d-fde5-4e78-afd3-ba7e54768604
Requested by
Host: gloutchi.com
URL: https://gloutchi.com/4/6844028/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://gloutchi.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 23 Jan 2024 16:04:47 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://gloutchi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
1.jpg
pornito.de/contents/videos_screenshots/4238000/4238687/452x259/ Frame 78E2 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4238000/4238687/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
622c115a90846fcbac403ebc204eab9c0d7b334db5ba24d4b78c3dee95fb2881

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-5faa"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
24490
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4243000/4243318/452x259/ Frame 78E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4243000/4243318/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
d353bd12cac895c473c3292fa0773ea331b8748cfbed90a85a6d27d29a47a808

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-2e6e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11886
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4237000/4237976/452x259/ Frame 78E2 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4237000/4237976/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
b0bfca8a0e609abe8cdb762d43f4c56ae1c374e54459586453035cf5491c7c4b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-1dfe"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
7678
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4245000/4245722/452x259/ Frame 78E2 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4245000/4245722/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
0b05601b151eb6ebea91e657c9b9428b5d820dad57e47e1af0aa4526e0842e7b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:46 GMT
server
nginx
etag
"651b8f96-7aa6"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
31398
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4252000/4252746/452x259/ Frame 78E2 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4252000/4252746/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
acd5f2c1850296ab190dc352ea9c37a065837c5c29eab8cf7c3bd5a446554dc0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:51 GMT
server
nginx
etag
"651b8f9b-6746"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
26438
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4245000/4245893/452x259/ Frame 78E2 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4245000/4245893/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
821783c0e4b92d6d55a9180964df9badc3d8f1b4023b2dec19ab66fd4481c764

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:46 GMT
server
nginx
etag
"651b8f96-2578"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9592
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4258000/4258001/452x259/ Frame 78E2 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4258000/4258001/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
8d43afc476ebb74164c1ea7258bbeb85a77b70741c9df0cf2eb9eed3cc11cb8f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-562a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
22058
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4249000/4249282/452x259/ Frame 78E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4249000/4249282/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
e2eedefbad851de8a30f4e9a919f9a89dbdbc2ef26f4811f43caf6b675197ca9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-3060"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
12384
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4252000/4252620/452x259/ Frame 78E2 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4252000/4252620/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
5a23dcd10b0413461e6060c915c729dad1431d1c6e91e80609edeec9dcc4d3c0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:51 GMT
server
nginx
etag
"651b8f9b-3bb0"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
15280
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4251000/4251753/452x259/ Frame 78E2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4251000/4251753/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
d707aafae92795b4fb2f7c93c17e69c154e30be54e8c6f6260b8b1e6933bf66a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-3e5c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
15964
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4247000/4247750/452x259/ Frame 78E2 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4247000/4247750/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
362bec0108fb737db9a141c7df2027487e5d95f2a8cfcb7bdd6ac7357f7bd9dd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-2668"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9832
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4238000/4238380/452x259/ Frame 78E2 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4238000/4238380/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
0310868ed60667ad16002c81b80b43550549fd77196c567ab2c122f39e973230

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-4f0a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
20234
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4257000/4257005/452x259/ Frame 78E2 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4257000/4257005/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
5fded760aa7f3e1d4a72ba1976d0d3baf55ab273c9ff4043daa76c7955ec05d3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-19e4"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
6628
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4250000/4250107/452x259/ Frame 78E2 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4250000/4250107/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
1136bcd18ba9b01dc8ed941dee720d0cf94b5d6ac7d23dac1e0f3ab513840c0e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-212c"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8492
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4250000/4250455/452x259/ Frame 78E2 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4250000/4250455/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
9083a867ea1f900be862f6c018cd2372e5472e4baa2718da1382847f917153f2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-4382"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
17282
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4241000/4241408/452x259/ Frame 78E2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4241000/4241408/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
676b5c0ed9b5bb90099a4b572927f26ccf0bd4deb619cfac75868bb5dae16cd3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-207e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
8318
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4247000/4247129/452x259/ Frame 78E2 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4247000/4247129/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
a186b46cd709c3da8fc25900af33a4187a486b3e73b0a6beb182d1c38c6b55ba

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-1d3e"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
7486
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4254000/4254596/452x259/ Frame 78E2 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4254000/4254596/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
5859b846522fafee8dfc659f975871aa8d35ad84e649cadea4a4355c963f3c6b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:48 GMT
server
nginx
etag
"651b8f98-4cfc"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
19708
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4238000/4238107/452x259/ Frame 78E2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4238000/4238107/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
5e7513f8db92d5a96c93feaf74ed19de8054c22f70d7dcae9ba418f3f18aae0b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-1cf0"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
7408
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4242000/4242869/452x259/ Frame 78E2 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4242000/4242869/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
edb4094266dc2ebbf9ed9c7723b71625f95dfc0844262bb7c19e7d0588295a7e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-263a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
9786
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4242000/4242697/452x259/ Frame 78E2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4242000/4242697/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
c62348408285fb6fb2e54508b4ba746a74880f9761c9b45fb56d49c0f65a0a24

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:47 GMT
server
nginx
etag
"651b8f97-2a4a"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10826
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4237000/4237875/452x259/ Frame 78E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4237000/4237875/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
75d327ff4367d4a60a7e79f1b4f8933c6e12f5fb97cb28c77e88827509760bae

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:49 GMT
server
nginx
etag
"651b8f99-2e22"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
11810
expires
Wed, 22 Jan 2025 16:04:47 GMT
1.jpg
pornito.de/contents/videos_screenshots/4261000/4261568/452x259/ Frame 78E2 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pornito.de/contents/videos_screenshots/4261000/4261568/452x259/1.jpg
Requested by
Host: pornito.de
URL: https://pornito.de/assets/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.90.208.185 Weyhe, Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
16e2112ba2b4f9917cd42decade78565bb7bb53b65a510ca4470647ca6c62ba9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pornito.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
last-modified
Tue, 03 Oct 2023 03:50:50 GMT
server
nginx
etag
"651b8f9a-2930"
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform, max-age=31536000
accept-ranges
bytes
content-length
10544
expires
Wed, 22 Jan 2025 16:04:47 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84a14644a8ec02d1-CDG
content-length
24
content-type
text/plain
date
Tue, 23 Jan 2024 16:04:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwPdwAdWiNdPApZ4ysQcpGTKfwBxKLRijB8fFKoUQss5VAth8tK9ARauq%2F6tXWD5UfiQ6o7zxBzUxh9i67qbY1UioK0bijnQzC43%2F43UvTL7P%2BOE%2B0gjOGSXeHvcxNRCY3%2B9CVg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-k5cv
rs
ad4m.at/ Frame 736C 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41dc7a95d79c1ceb7dcf2cc860bba46a34eb825afa5520d09fe42a560cd218ec

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSpfJ2QN84D5q217KEdJ%2BzmP%2FJXemWDouLX9vPjOI33xH6a0BIaS1m9DZvZ9eKNZCghvgSrtJB7SmnYBP6gB2GHhD1XdnaKiNoULP8qGi%2BF%2F7h8ftqG5MOI9btLiIleLki4yFWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
84a14644f95b02d1-CDG
x-backend-server
aa-reachservice-group-europe-west1-k5cv
alt-svc
h3=":443"; ma=86400
sftouch
ak.eessoong.com/ Frame FD5E 		2 B
538 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ak.eessoong.com/sftouch?userId=f301508d03ff47ea9975a330fa1c05a0&z=6945102&p_rid=09761076-9433-4b43-b7e8-43201658e7d1&p_src=sf&branchId=0&rb=F6daV0IaSWx5xyBm_vk2-XyRJxT5tz4TW6xtpISzicKoXxqXub7HTBaYgSCtCCtkrQKO5dvmkgCZkZqkh71d8xq0xd-8BVln56XoNc3w90WxPKnCXOY5hrIrq8KB-oExOcZuTxLTEtnfgvj3QvoLNjPAZw-VIBTO5H6KdhgmK8oG_xQ_0sd0gDgjLwA7nZJljvFmJIamAsyTkpTH5D185wZxM85zEHLrJQphaq40G60bXxoyMv8zLScpxye2GlSQdxenPlYQ0tQawXfIeqiSQZJNUoh1PqfJKAtRQg==
Requested by
Host: ak.eessoong.com
URL: https://ak.eessoong.com/4/6945102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ak.eessoong.com/4/6945102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=1
date
Tue, 23 Jan 2024 16:04:47 GMT
x-content-type-options
nosniff
content-length
2
x-trace-id
dcce5737dc1d00f8fed8b0e3ebaf69eb
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://ak.eessoong.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 23 Jan 2024 16:04:47 GMT
img.gif
my.rtmark.net/ Frame FD5E 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=f301508d03ff47ea9975a330fa1c05a0&z=6945102&p_rid=09761076-9433-4b43-b7e8-43201658e7d1&p_src=sf
Requested by
Host: ak.eessoong.com
URL: https://ak.eessoong.com/4/6945102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ak.eessoong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/ Frame FD5E 		2 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fb1d3112-e4c1-433e-ac02-e8f393c32ff4
Requested by
Host: ak.eessoong.com
URL: https://ak.eessoong.com/4/6945102
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ak.eessoong.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 23 Jan 2024 16:04:47 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://ak.eessoong.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
/
becely.com/ Frame 2AA9 		553 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://becely.com/?ref=C6DCt0hWjCm51a&sub_id=lb_44roy6d
Requested by
Host: www.linkbux.com
URL: https://www.linkbux.com/track/9411nzudoZ5imrcHUrTPruTWH6FKSyJRLCx3LYubiUzvna5ZK_aUIfMgKoS7AaYpV?url=https%3A%2F%2Fbecely.com&uid=v03040001438220c40312d5f94d19b5306a803c4720a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
982b986bb578e137f062099427a8caec3c501c84a9e4b22369ebd2badec42fe7

Request headers

Referer
https://www.linkbux.com/track/9411nzudoZ5imrcHUrTPruTWH6FKSyJRLCx3LYubiUzvna5ZK_aUIfMgKoS7AaYpV?url=https%3A%2F%2Fbecely.com&uid=v03040001438220c40312d5f94d19b5306a803c4720a5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cf-ray
84a14645d8bfd5e9-CDG
content-length
553
content-type
text/html
date
Tue, 23 Jan 2024 16:04:47 GMT
server
cloudflare
rar
as.ad4m.at/ad/ Frame 7D74 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90dd163fecda93f82066b1672d453ffb321610a43b8643f319b77cb53d65c040
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hr6f23tmzjh004za1nzc1a49bs9pmf5n7yde5903tsrnnty73zrpdxj5093zwbn7cc9fhvgg4ez1q79rv0j1c2s5p5ccabf8g8ddyma44wz29e3hy0587dakdzqdv32ec9dzaz58w8f9xjqgpy634r5cgafd84w5gx7g9c0vjq5qjfgacd85qe8az96cvcxdncg9ywq18zm1yatsvt3ex8w4e3shdwq9x50tnrpwfayg0x6ak5gxyeev94x9vvr99vtxt5yz7n74gtakctdhz586en0tfb36tdangv2qdkvsq2btgx9cxaggc8mn7tp4cvkftn2rggf4mzvyqn64ss5sbjd2jv4pgws3ygapwq027xsxs7q3ckrsnrnhq0zr6wggw2fcfa0mdxr9kf7s9tj6259nrx4xcv6pc8pjg5ff51sca5d7yg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%26client%3Dca-pub-5309472016820672%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
84a146454cd67904-CDG
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:04:47 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
truncated
/ Frame 85E9 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=d6CtVryoIgU_0&ci=5972732461513468450&t=1205875913&h=58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 7D74 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
784324
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDXHwnvcZtBghcZ5wlCCO%2Bg%2BetVenJocnP6enU66BrCV2715TDibz12fd2WJ7N1keL9U1YvrWYNorp7%2BoW1EsDYephwvXtJRg5vKtAJqybh56anS90j9qP89J75Ly3E3NvXKh2imkRc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
84a14645ad667904-CDG
expires
Wed, 24 Jan 2024 16:04:47 GMT
31A0E069CC6E65D06443D25481BB052E5252531C5557FD097A5A1C40B85EF34AAC89EC361A931DBD9E3CCF32717A3853AA2FF105B8A8D48E1EC18C5E49F650C1
assets.ad4m.at/logo/ Frame 7D74 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/31A0E069CC6E65D06443D25481BB052E5252531C5557FD097A5A1C40B85EF34AAC89EC361A931DBD9E3CCF32717A3853AA2FF105B8A8D48E1EC18C5E49F650C1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1f6a84c35aab991d474a067d5f14e655fa8ea5c3519bb92d9a71d2988d9988

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3617018
cf-polished
origSize=4505, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
4232
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:44:17 GMT
server
cloudflare
etag
"36214087bdcb89a564698df5c1defd1f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeM7lRYCktxstGjpD3oF56q7YsO6diit94elbHSsaZnEhL8zeKoJSLLh8A75eoMSoC4KX7Z58p5HcsOXY1q485h7O2kZMIjR%2BInV6grudVndd%2FH03zO%2BSknJmWVbAcXS27FF86JivADM%2BOWK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a14645ad687904-CDG
8CA49D8D79090BE352BFCF82B506B7D7F4E4BC522188C534F4134D324764EEED80C0EE215036BCC5E8727628B63576ED62EA385DC7897CD66DB6DA350B042577
assets.ad4m.at/product_image/ Frame 7D74 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/8CA49D8D79090BE352BFCF82B506B7D7F4E4BC522188C534F4134D324764EEED80C0EE215036BCC5E8727628B63576ED62EA385DC7897CD66DB6DA350B042577
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61ba226b25a31c48913588b705efa2e16a5b9c67ced4652a94178eaffe21eaa1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3617018
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
17407
cf-bgj
imgq:85,h2pri
last-modified
Fri, 10 Nov 2023 12:44:08 GMT
server
cloudflare
etag
"64b5b932a1ae54de2664e1f1c7b43b09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gecY3M6r0cdgyqH3VSYb4I4tVHiAFSCyUZkL8J%2Fmqo8EDOJmLXBT18rGzd32lHvOGEaJ5%2F8uAkhgFdt%2FBojwrdbZYUr%2FEkhZ4IqZyy590psdZd3iBQ1D%2BI8awKwCJZTgz8k7tsnQCXLxXAlS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a14645ad6a7904-CDG
cshow.php
www.awin1.com/ Frame 7D74 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3154253&v=25291&q=438546&r=412871&pv=1&pref3=oneidZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.147.178 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-147-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 16:04:47 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
AFF6BAA911431D484550C5329ABA161FA7757CFB6EBE4FCF146114BDBDDA973E17FF849DB70E2486ED5478159BA2EC634666746F211ACD7D4544B19F2720DF69
assets.ad4m.at/logo/ Frame 7D74 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/AFF6BAA911431D484550C5329ABA161FA7757CFB6EBE4FCF146114BDBDDA973E17FF849DB70E2486ED5478159BA2EC634666746F211ACD7D4544B19F2720DF69
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
195a906292a7bd54a111043be568c05cb14ec644dc261936b4687a7f1678a21a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
326329
cf-polished
qual=85, origFmt=jpeg, origSize=10626
alt-svc
h3=":443"; ma=86400
content-length
6754
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:32:20 GMT
server
cloudflare
etag
"a77961095a2aa8e29d3dd0bb3db9e45e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmJzmY%2F%2F8tzfj046LH0ZVuM2hPN7RwbGiaCM78p%2BqVqjRfQAcfj8PqkxuSFhQQnm6jjr88rYMsIKzmUX0%2BRuHTNxxH4ZY9avqMy2D1fHlnFbclKWqb%2B4xknxkot%2B1Gmxt9zq0mX890QmZ414"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a14645ddc47904-CDG
2E58E855307485959C0551D1859FD1FB1DD8C392D658137D355B0EBE3D8C5E2A4D6523EA88C84858EDA92C6BDE536CA8B30C4A5254E78FBE16502606BC4F31A6
assets.ad4m.at/product_image/ Frame 7D74 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/2E58E855307485959C0551D1859FD1FB1DD8C392D658137D355B0EBE3D8C5E2A4D6523EA88C84858EDA92C6BDE536CA8B30C4A5254E78FBE16502606BC4F31A6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
955452fad18000b14d0f60058e77e3cac46e3c026deeef79124b82b4c7fe6d65

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3617010
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
31834
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 09:50:10 GMT
server
cloudflare
etag
"2299d292e1cb570fbc6297737bec268a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8S3VyOpe84v9pTNUKFzTsMnOfqaE6jdiFkgbkQcAw0Cx590nj932lZ6YBPv30%2Bn%2B3UKg0UWG%2Ff1loOxIxvEJEuMjbRvyiS8g7UyEVdEvpJ4QqPiXBSm5WclUNJCDxKc%2FWLnoZch9uuKEcufA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a14645ddc77904-CDG
/
zcz.willemsefrance.fr/ Frame 7D74 		0
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zcz.willemsefrance.fr/?t=P51205356C863195&argsite=oneidY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
front.netaffiliation.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:47 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
X-TRK-ERR-C
0
Transfer-Encoding
chunked
X-TRK-ERR-M
data ko.
Connection
keep-alive
X-TRK-ERR-L
3501
Referrer-Policy
origin-when-cross-origin
X-TRK-SRV
6
Server
nginx
X-TRK-ERR-T
Exception
Vary
Accept-Encoding, Origin
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame 7D74 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
409e6b9470bdafbf358f021cbab5fce4da17433e56ae8db83ea6ce81ec4190f9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
327012
cf-polished
qual=85, origFmt=jpeg, origSize=16453
alt-svc
h3=":443"; ma=86400
content-length
14170
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 10:44:59 GMT
server
cloudflare
etag
"20362d69dcf9bded50cffba25b215fb1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FvfFRBR45Wx9QGLvh%2B8VztDe4qHRBz6h8tQsEN0yrfSue7aQKh9dloPsrE%2B4b9GeuxuTD6kCpcShFSxlUN2w3ZsjsvCKLGRxE%2FtkufoDVTmnyJfrZLFFnKssix7gD0%2Br2TgeKhuSkUePuFB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a14645ddca7904-CDG
F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame 7D74 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7ab021b144e1615773b750779ffa1e38c2b27b478d5736fa6ea3e3f247d4946

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3617010
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
29352
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 09:15:16 GMT
server
cloudflare
etag
"794a9c1b414ce9ff4e8610ff121c41eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATWBYWtW44IBqQCtjOyz3gRsssedsX%2FtN6XQzRJ12p1NjLhJ2GGp8bZ9%2F1wIbid3ngk%2BnfkPZF57MVvHurus4aewGkfnOF4y4Qb8FRFgrmUAhMZ3gRANKruKPyTh3s%2FFu2SwGil9Fnf6zUV%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84a14645ddce7904-CDG
img_13_13_33.gif
img.metaffiliation.com/4/58179/ Frame 7D74
Redirect Chain
  • https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://img.metaffiliation.com/4/58179/img_13_13_33.gif
133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.metaffiliation.com/4/58179/img_13_13_33.gif
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=364750d8316bb9c93acd76b7623e4ff3%2F4780744478096042734&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706025887356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmsh36ef1748rkcss875gb3c9v0p44335f6p5n1qd3dyyqqy67rv11gemh3qrhnq34s6ydbgysefjkmcpy2e6jkqt79rm98vasg6d15psbr96q04y3s17d3n9qdk1wr5jzxnw33hwaxzm9sskrqemdk30stetzdzx0nwt83tffg394rzt1ppp18w93gxsv9rsnw9gmwpcbtntexwserkn4yv6kxvbqjajfz2r6gbkp3yq8n8e4zyxw511fdjvyy49c1ew8yqjgsexy01q3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHiFBnuOvZeWGIpu-_tMPxZW_sAPi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQI5ZrAVnUayPqgDAcgDAqoEyQFP0A7dZomihZvS4TnZoFo5y_j_huYoylpNl4uQO25bTYgWV8upXT0OtS4piTFdZILi4ldZMZFCn_J3fAXsH-jFDTn_dzWyewU428ewUuN3RcwogKvKgBPwme0-I55ef9kVtsHAaQTqXVoWQJymBUgZMHT3rqRMgbdk_qEjlbHDl5xzDUroruCHvkX4urdr0cEZO8fQFv8peNdNBGH7QdwxJZl6pkls03NPypEabntp6KNvY7Ji13EomQ5dYRX3coRh3_8NUMhFQOaABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliz48PX8fODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Cb2sCNaefu5wr0-TT675n77p28g%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F2E) /
Resource Hash
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

return_x_ocdn_ja3
25208c05005e09081dcf03a982a9aa17
date
Tue, 23 Jan 2024 16:04:47 GMT
content-encoding
gzip
age
1179
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135736
last-modified
Wed, 03 Jan 2024 13:40:04 GMT
server
ECAcc (paa/6F2E)
x-ocdn-rp
HTTP/2.0
x-ocdn-net
EUFR16276
etag
"659563b4-21403"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes

Redirect headers

Date
Tue, 23 Jan 2024 16:04:47 GMT
Strict-Transport-Security
max-age=63072000
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D
0.018890142440796
Connection
keep-alive
X-TRK-PROC
58179
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
X-TRK-SRV
4
Server
nginx
Last-Modified
Tue, 23 Jan 2024 16:04:47 GMT
X-TRK-DECISION
3
Vary
Origin
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://img.metaffiliation.com/4/58179/img_13_13_33.gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame DF0C 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=3zrQIDgVW-U_0&ci=-2964317887573870510&t=1445030333&h=58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
widget.css
static.arc.io/widget/css/ Frame 8847 		85 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/css/widget.css?76bc4f3
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
ebb41edaf0a527aac2d8d639b600c6a443c126333c1318feee0c26220db0fb2d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
52Z033ZFWRVC93PR
x-amz-server-side-encryption
AES256
cdn-cachedat
01/03/2024 19:10:41
cdn-pullzone
786569
x-amz-id-2
+xYsFsXxcv5akj1qTUKGVTScMCFieylWDhCTi2J1KMuZHZ1lFY2pfSfLahJI8QdM4gog00FYNP0=
last-modified
Wed, 03 Jan 2024 18:03:34 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a87318705e4af5015dc0246497f2673f"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
b5e3833bed57522b9943fbd374662c6f
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 8847 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
955163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
631
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gN6gceDt2p2VRV0mmo6eTkuD%2BBbyl0TWUmG%2FOlEChiTQCseXUzQTpVVShsgPv1VcToPdiigFpo%2FezCdmgnDSLVzJNCCOq15H%2FxTaNw6DKSkk9rzkuqz9rk9NKp%2FDibzRKLrgdt9HQsZOpc0zXorHfbns"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84a14645cb4b702d-CDG
expires
Sun, 12 Jan 2025 16:04:47 GMT
widget.css
static.arc.io/widget/css/ Frame 8554 		85 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/css/widget.css?76bc4f3
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
ebb41edaf0a527aac2d8d639b600c6a443c126333c1318feee0c26220db0fb2d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
52Z033ZFWRVC93PR
x-amz-server-side-encryption
AES256
cdn-cachedat
01/03/2024 19:10:41
cdn-pullzone
786569
x-amz-id-2
+xYsFsXxcv5akj1qTUKGVTScMCFieylWDhCTi2J1KMuZHZ1lFY2pfSfLahJI8QdM4gog00FYNP0=
last-modified
Wed, 03 Jan 2024 18:03:34 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a87318705e4af5015dc0246497f2673f"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
f4c0e713bcd136f2097ae46837c66766
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 8554 		2 KB
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
955163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
631
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCskDYMPBydXQ%2F8OzTcnGH%2F6J%2FKnWUNKn3ixDK3QKiRjnLQhDi%2FJyvTZA%2Fz10L8u5cR7dcuc24iLuYmga3GEE%2F%2BtGZvhnvQOw4xG5XN6wEjBh%2BAzxRkx%2FKJGOfTBP3S9siJHN2u2OTZFCE18RdELXuVi"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84a14645cb51702d-CDG
expires
Sun, 12 Jan 2025 16:04:47 GMT
truncated
/ Frame 8847 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8554 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8554 		277 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8554 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8554 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8554 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8554 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8554 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
tracker.arc.io/ Frame 9E4D 		0
0
KqX19iv2EuxD1MxFoR688X
warden.arc.io/mailbox/nodes/ Frame 9E4D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://warden.arc.io/mailbox/nodes/KqX19iv2EuxD1MxFoR688X
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-141-84.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.1clic1don.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 16:04:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 8F1E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.9e6bf337.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
170fc28046efe0a2310c72af9f6d88c39458c227d4b9d7f77738f78cf1c3a11f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:47 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
9WD718SH73SSHMZ7
x-amz-server-side-encryption
AES256
cdn-cachedat
07/07/2023 01:52:40
cdn-pullzone
786569
x-amz-id-2
jwrzNVpxy+i1mS/N/l577v4ox+ukfrpjgmX4rF76e9TSPHNoYO0CdjMI3zyK1afVCHGm3nd2C84=
last-modified
Sun, 09 Apr 2023 20:16:26 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"1343454a1c763177d59f06c307b3a5a2"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
access-control-max-age
86400
cdn-requestid
85544716c2079713ac1e686bda5146c9
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
vendors~widget-sc-client.js
static.arc.io/widget/js/ Frame 9E4D 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
31501078b411835882c834ed620bebe77a2b8ff3664514358cda957fba8c247d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
8NG3W3SWPPQJR9H9
x-amz-server-side-encryption
AES256
cdn-cachedat
07/07/2023 01:54:57
cdn-pullzone
786569
x-amz-id-2
XvrkWJ0zSEdhncRAgd+Bdp04VBlVFHWdsN9GnU4+Ysb64u/dZpbbn4xdgGYUoxd0C4ldI/lHnus=
last-modified
Thu, 06 Jul 2023 18:40:20 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"1bfa017c8b068bd2857ce731fa38ab1d"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
caa86c43e1bbc889edb5c77a120bf498
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
widget-sc-client.js
static.arc.io/widget/js/ Frame 9E4D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/widget-sc-client.js?197dbd2e
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
3465ab3f72d4c3ddc2943112cabd7d5bf5faec502ce18319571234957329a1b0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
DQQ8VHWST41YFNM2
x-amz-server-side-encryption
AES256
cdn-cachedat
10/31/2023 18:08:06
cdn-pullzone
786569
x-amz-id-2
agMRD6azIkO/5EQQP0InQfUP5d8uxbWeTh5TtOXVwBr8kYTokTBXJK3C2v9B86j5g6lQ9LaF/hg=
last-modified
Mon, 30 Oct 2023 16:22:24 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"00fc1f9530439ec3d2415f9420e814d7"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
fb6ed6456f82f3095c948edcfa2a3fa2
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
activeview
pagead2.googlesyndication.com/pcs/ Frame B505 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHusKhauBB0ZzooGCm561YtwpmwMWvjx_BQGSa8zupi7YF3hal8pB5cL9vfgjQmXv1I6Uv2A5cWf89881mlc45Kb4Cp7SrhpvtqbV3a612kvp-GdN-pQKaGna9nSAWltZ8i7WjCUUNcVqLby2yEspIOCv-&sai=AMfl-YSCZS2tcr7fr8OQQMRfKdedYKRrgyOJg7yA8R4iJT-nPBN0TyBLTFKDJVsQ5WJSAQXxiDu8XHXk9G-uhJEDEC6ea_wNhgRVASO3mITNdQeVNXTUofuUO1sH6GGpDc9H7gfySZKDkIDe7p0hBVJd8A&sig=Cg0ArKJSzC4AaMPXRjoSEAE&cid=CAQSTwAvHhf_3euLq9o07r04eciTgWoB_m-BkO97mF4hyr_8IQ-__vA8O4yURGuG47JAtuVInh3FMErfQDBYCPI8a4wzRULX4f4AYY4DASbQ1l4YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=473,948,1000,1000,1000&tos=473,475,52,0,0&v=20240118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706025886768&rpt=291&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
strn.min.js
unpkg.com/@filecoin-saturn/js-client@0.3.7/dist/ Frame 9E4D 		230 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@filecoin-saturn/js-client@0.3.7/dist/strn.min.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a77bee92347b9bbd0786d53fe05e0d5c3d486c5db3f4682d9f4dfc21960542e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3081298
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HHZPGJGADSYSGWH6QN665CF3-cdg
server
cloudflare
etag
W/"3965a-Lu2VKHRN+UwzJYzS2puHZQw9qzs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84a14648ef71d5d1-CDG
/
www.150euros.fr/ Frame EBFC
Redirect Chain
  • https://clk.tradedoubler.com/click?p=346366&a=2778209&g=25497602&f=0
  • https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
123 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagpdis.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa66541ac3878fac3de71685975a73f4b55a9e8aa2ecb31f8fb315d69eae9a54

Request headers

Referer
https://clk.tradedoubler.com/click?p=346366&a=2778209&g=25497602
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 16:04:48 GMT
etag
W/"0x8DC1C1240295AE1"
last-modified
Tue, 23 Jan 2024 12:53:09 GMT
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001160v
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
63991389
x-ms-request-id
1fd49dc0-101e-0043-71fb-4d2026000000
x-ms-version
2018-03-28

Redirect headers

access-control-allow-origin
*
cache-control
private, max-age=0
content-length
307
content-type
text/html; charset=ISO-8859-1
date
Tue, 23 Jan 2024 16:04:48 GMT
location
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
pragma
no-cache
referrer-policy
origin
server
TXServerHttp
activeview
pagead2.googlesyndication.com/pcs/ Frame 24A4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslaYJSH4RjayR6rO-W6O3z--Gjzu4plCmrPKEe4y4M9cbFJf775Tfz23NSgBZlyHZgaCpmCMROhgMrXFnnDNGP4dm7W6ftu1cvVT1rDtcHzfy-CmFUOO01xMwe7-dbgD1SJbboYgSJtnIvTF59hdLoDrs9&sai=AMfl-YQ6aTAmFHNYfmCyYKPDnhmVbaJP4-fQ3lF1QmnljAyRTlb5Q_acFOPqRXRGwfYKgDGB6hrSCfmsqAPUJjiFm6bhj6_hXDoyReVMYTsyIdXADqa2dZU4_kZ8fwRFaEjwRgBzRVpjVeYSlioCnFWNWg&sig=Cg0ArKJSzOW7lUNU8-iDEAE&cid=CAQSTwAvHhf_3euLq9o07r04eciTgWoB_m-BkO97mF4hyr_8IQ-__vA8O4yURGuG47JAtuVInh3FMErfQDBYCPI8a4wzRULX4f4AYY4DASbQ1l4YAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706025886753&rpt=308&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendors~saturn-benchmark.js
static.arc.io/widget/js/ Frame 9E4D 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/vendors~saturn-benchmark.js?5c117bee
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
5ae252582e588d8bdc6cd5c65e064277a3edeba7b7d919ee59cf4123e7beae91

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
SAAFWGEBGDA34WYH
x-amz-server-side-encryption
AES256
cdn-cachedat
01/03/2024 19:10:47
cdn-pullzone
786569
x-amz-id-2
d1nogZR2Ck6v83oo3Nie4LBgLXhtlePRc1la1QAMyPPvxuuPN+HSfnknnI1CFkRfHjVzPKQCvVg=
last-modified
Wed, 03 Jan 2024 18:03:35 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"b389f1438da1cb3459f2b9fb13d81e3d"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
45bbf1cc4ffaa22e4bb3633278961d8f
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
saturn-benchmark.js
static.arc.io/widget/js/ Frame 9E4D 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/saturn-benchmark.js?92cb940d
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
81dc394a237cf0f94b1b7d9c292ce9c696010601f009147a7348c62e4c59eb3d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
SAA144CMS2D1ZEJ3
x-amz-server-side-encryption
AES256
cdn-cachedat
01/03/2024 19:10:47
cdn-pullzone
786569
x-amz-id-2
LBYhmRv2lwl2YudkkvlTLGmvlD3Ecb6xrRktwoN/ldyelbwYXj3IemorK/XaWz5jKGJADGAUCKk=
last-modified
Wed, 03 Jan 2024 18:03:34 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"9b5857c615c1e2726552f5ec3bd311a7"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
fcfc8aaf12473473d6cd92aeb38ba771
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
chunk-2d0cf2b3.js
static.arc.io/widget/js/ Frame 9E4D 		3 MB
691 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/chunk-2d0cf2b3.js?d98d2542
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
d5f83459cd7022769a57a436f24ed1540369eec2ebbec331275d46d8cfbea98c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
NJV0WQFZK7HF5XZR
x-amz-server-side-encryption
AES256
cdn-cachedat
10/31/2023 19:00:18
cdn-pullzone
786569
x-amz-id-2
T+HAVcuCDp20xBJ9VYDHu9JLrkVQYMyJ1DueU5aoLPHQ+W+LOmc3obB9lgM5POMlfFPFklNJ94Q=
last-modified
Tue, 31 Oct 2023 18:10:04 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"3e9a577ca6bcba5cdf18d0dafd192870"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age
86400
cdn-requestid
285b9606aa30e5df54f5e2e9775750ae
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
activeview
pagead2.googlesyndication.com/pcs/ Frame F647 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxp9C0A779rSu3ZvJjk6CLLcpIXWmMUdEQvZMa6HJ8_ni8epp7W2vegKU2xPIgZaPlW_9p9f33K3DYFESGMYsGJBR8stX_bqxYfsRBGIDp8iqNcjwbquGMFFpW8WlQjvI-jpb290OK3gsfgZbOqIe3XwU1&sai=AMfl-YRkU2Ann5baPQptaefHfptLpB-JOEvYll5ufHSmRKlA9O689M1U5CFmkhfOojwGXnAG6N8zNpVlA1zPhwnme2YnhgYf4m7iuCNF5lL297eONOXoaNhMh23vq_HvdDx0y5RH0u245fRgU8l8apBxZQ&sig=Cg0ArKJSzPhXZE5bDjm2EAE&cid=CAQSTwAvHhf_3euLq9o07r04eciTgWoB_m-BkO97mF4hyr_8IQ-__vA8O4yURGuG47JAtuVInh3FMErfQDBYCPI8a4wzRULX4f4AYY4DASbQ1l4YAQ&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706025886714&rpt=383&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
top-cids
cids.arc.io/ Frame 9E4D 		6 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cids.arc.io/top-cids
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
5865660e35364dfda02a58a36abf22f2be8fdb44bd85259acf959c7c667b65aa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-cachedat
01/23/2024 15:37:33
cdn-pullzone
1392871
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"194e-hGbR1NJeRg83U0D9Ml/G4+1orzo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control
public, max-age=3600
cdn-requestid
96ec02260aee4486f70471dfdd47a8e1
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
index-main.umd.js
storage.googleapis.com/quoteform-widget/ Frame EBFC 		265 KB
265 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/quoteform-widget/index-main.umd.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
913f128a7e8557c131cc19e6f154e010263e9d594cd0934c1b0e7a92c81bdd88

Request headers

Referer
https://www.150euros.fr/
Origin
https://www.150euros.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:19:00 GMT
age
2748
x-guploader-uploadid
ABPtcPqsLZ-dYdsWMffXkTXnzo4KB5AgP1rbfhJskj-8KNtD11ishbCb3DpAYHl9jDkUAF7kkdql4ACK6w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270881
last-modified
Mon, 15 Jan 2024 14:52:22 GMT
server
UploadServer
etag
"8fac2a0854c8fb9e78716484df9312ea"
x-goog-generation
1705330342843764
x-goog-hash
crc32c=D3wZJQ==, md5=j6wqCFTI+554cWSE35MS6g==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
270881
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 23 Jan 2024 16:19:00 GMT
8638.b8527a12c9ff491b.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/8638.b8527a12c9ff491b.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1bbb50d95bd0a65d5b4bc56dc13f0d51a0c8682b18a8b9d9a7acab551e059143

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:10 GMT
etag
W/"0x8DC1C124135D264"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg000000011617
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9ba2f05a-901e-0033-39fb-4dd226000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
358.affd3f1a37a7dacc.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/358.affd3f1a37a7dacc.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1124310a3341843e2635b794f6509b7d7d3447489268a050b70f643163c1cc95

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:09 GMT
etag
W/"0x8DC1C1240696BC2"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161a
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0908ad92-e01e-0000-34fb-4d8e31000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
2510.80e6284dcac872e7.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/2510.80e6284dcac872e7.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
571fc037483d6d113bd24fb0cc831df88d900e3c04a1433ea545cf16b7e10ad1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:03 GMT
etag
W/"0x8DC1C123C8B7316"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161b
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
73a43e32-301e-0041-4cfb-4d7622000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
9764-63483b943ec57adf.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/9764-63483b943ec57adf.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
acd7875fe8666dce27436b677e85f8dd51e21fb3038d131aa73acaad6839ae3b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:04 GMT
etag
W/"0x8DC1C123D9DB67F"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161c
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a1bed7e9-701e-0045-39fb-4dda2a000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
4920-b8c5fd3444544c25.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/4920-b8c5fd3444544c25.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8f3c403250f95562015c2dc6308f8b79e5740ef57ba87c4d64650daa48f724fa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:03 GMT
etag
W/"0x8DC1C123CEA7B09"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161d
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c599550b-201e-0048-0bfb-4d0531000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
9870.56a8f869588291cc.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/9870.56a8f869588291cc.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
41c451106f94922cca17d7c10d55e2377367e33a93dc53add69611ed22b525f2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:07 GMT
etag
W/"0x8DC1C123F12D20C"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161e
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8de92f62-f01e-0061-36fc-4de711000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
71-2155d99128917755.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/71-2155d99128917755.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2c5915ba631e44485fc698592f0e0b70b120154c9880104b74b372e6d6a72b55

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:04 GMT
etag
W/"0x8DC1C123D375C18"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161f
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e3f56cfc-601e-0034-7ffb-4d0328000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
9476-44e7542235def6c5.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/9476-44e7542235def6c5.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a70f875e6b989ad12fae2020a81534578f3dc49c2cf583a1a73b3708329dcb91

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:08 GMT
etag
W/"0x8DC1C123FA7647A"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161g
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
547d77fd-d01e-004f-5bfb-4dd43f000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
1898.105b13f705734aca.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/1898.105b13f705734aca.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2b7ec4c547ba48568922c01aa0a326749cd166b422220021f696f7c8df595d4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:05 GMT
etag
W/"0x8DC1C123DE0AD49"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161h
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1b755367-801e-0016-02fb-4dc41f000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
7716.96b551af1deb58e9.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/7716.96b551af1deb58e9.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bfb1c44c9f1a3cdfc4083c2caab79065d88d7c56ac1e1426cd7a89d7803b9529

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:05 GMT
etag
W/"0x8DC1C123DF01549"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161q
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bdef68e0-101e-0007-70fb-4d5f3f000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
8743.09b3c7ed1981a1c9.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/8743.09b3c7ed1981a1c9.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
acfd11fe4da4b2ff71147503919506a6dd8133bc95008f0a4088306e4e417614

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:06 GMT
etag
W/"0x8DC1C123E6EB090"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161r
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
18c71e8c-b01e-000d-5cfb-4d512a000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
8300.d9f31584c51708d0.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/8300.d9f31584c51708d0.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d110cba76b274fd7bf8a7b22e89caac6dce7f74c9675a5d6480c13b8e7689d95

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:06 GMT
etag
W/"0x8DC1C123E6EB090"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161s
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
62b4ea96-401e-000a-58fb-4d8024000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
webpack-ace028361bbff5aa.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/webpack-ace028361bbff5aa.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bf73387d314bb817247d09084811307555c8f00711c361088e28d167ed0b6efc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:09 GMT
etag
W/"0x8DC1C1240AA3FE3"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161t
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ac5cddcf-b01e-001d-40fb-4de108000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
framework-2645a99191cfc5e9.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		138 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/framework-2645a99191cfc5e9.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c25c0404cd425a831870554b1fd9ace3825cbb08dc56acab61efe80d1cf4b2e6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:04 GMT
etag
W/"0x8DC1C123DADBAAD"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161u
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
aa6caa6c-901e-005b-1ffb-4dc815000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
main-dbd2dbedd82ef05d.js
www.150euros.fr/_next/static/chunks/ Frame EBFC 		101 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/main-dbd2dbedd82ef05d.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a895f584a673bdc66bce3faefac375de5f60007432f3b3af5dbdf21f43b3bba3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:10 GMT
etag
W/"0x8DC1C124135F975"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161v
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1951eff2-a01e-0014-45fb-4d921b000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
_app-451a9a862f4da117.js
www.150euros.fr/_next/static/chunks/pages/ Frame EBFC 		2 MB
849 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/pages/_app-451a9a862f4da117.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
07a266999a69ef74d1e289b6cc9a9ac31e33f4f4f756077edfcf86085798b91c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:10 GMT
etag
W/"0x8DC1C12410A5936"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161w
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
781313ad-001e-0022-79fb-4d4906000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
index-a4fcbd4a5e634297.js
www.150euros.fr/_next/static/chunks/pages/ Frame EBFC 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/chunks/pages/index-a4fcbd4a5e634297.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
21cb3454555128742552cbd1cbe1fef15e851600adffc7dd99fe1f768e910f1e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:04 GMT
etag
W/"0x8DC1C123DAA388B"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161x
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
637eee4e-001e-004a-15fb-4d5335000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
_buildManifest.js
www.150euros.fr/_next/static/0y06yNPbnT_Lhlsp8YSnw/ Frame EBFC 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/0y06yNPbnT_Lhlsp8YSnw/_buildManifest.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb2ce0434e712ead4d7d48ed5c169fdf965b367d34a4c58da6dc8ee846d50e94

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:07 GMT
etag
W/"0x8DC1C123F3D8802"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161y
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
66139a2d-701e-0055-08fb-4d6a08000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
_ssgManifest.js
www.150euros.fr/_next/static/0y06yNPbnT_Lhlsp8YSnw/ Frame EBFC 		1 KB
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.150euros.fr/_next/static/0y06yNPbnT_Lhlsp8YSnw/_ssgManifest.js
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e840e0367dac10259db8f6993120023d073d46ad538e544d70c3a7fb0f36407f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:07 GMT
etag
W/"0x8DC1C123EFAB839"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg00000001161z
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b78ae8d5-201e-0020-30fb-4d1f02000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
logo_150.svg
www.150euros.fr/ Frame EBFC 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.150euros.fr/logo_150.svg
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2c80cbb57c470ecd69ac46a12305f639a77da5a1c7f98979b3e8ada7cabd1d32

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 12:53:04 GMT
etag
W/"0x8DC1C123D798FAB"
vary
Accept-Encoding
x-azure-ref
20240123T160448Z-0908vrywr52t13fxvrrxv99gen00000004hg000000011618
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f4324587-501e-0047-60fb-4d8c2e000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
63991389
d4a6e0d2-2085-4042-87be-f2569140abe8_Soldes+hiver_Slider+720x400.jpg
images.prismic.io/150euros/ Frame EBFC 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/d4a6e0d2-2085-4042-87be-f2569140abe8_Soldes+hiver_Slider+720x400.jpg?auto=compress,format&rect=0,0,3000,1667&w=720&h=400
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a7702cad21303867f629dfcd6ebdefaa7412e7104477bddd069e368c050f6357
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
906971
x-cache
HIT, HIT
x-imgix-id
2b1039445a2345936c283851ae14a1ac9326b0f2
cross-origin-resource-policy
cross-origin
content-length
35051
x-served-by
cache-sjc10061-SJC, cache-ams12758-AMS
x-imgix-render-farm
01.140328
last-modified
Sat, 13 Jan 2024 04:08:37 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
e812ac3a-e81e-44f5-a03f-101014123168_Mobile+720400px+%E2%80%93+1.png
images.prismic.io/150euros/ Frame EBFC 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/e812ac3a-e81e-44f5-a03f-101014123168_Mobile+720400px+%E2%80%93+1.png?auto=compress,format&rect=0,0,720,400&w=720&h=400
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
83256846a30b4cbaac11ff7b90b451d9eedeb2f8f1ffc87d926d17776d3c443f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
1321442
x-cache
HIT, HIT
x-imgix-id
036a196762e1bee75b3b05062288b05d7afa72a6
cross-origin-resource-policy
cross-origin
content-length
29864
x-served-by
cache-sjc1000098-SJC, cache-ams12758-AMS
x-imgix-render-farm
01.140328
last-modified
Mon, 08 Jan 2024 09:00:45 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
bc8c724d-2f77-4703-a7f9-87357cdb61d8_C_720x400.png
images.prismic.io/150euros/ Frame EBFC 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/bc8c724d-2f77-4703-a7f9-87357cdb61d8_C_720x400.png?auto=compress,format&rect=0,0,722,401&w=720&h=400
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1f69c68821e397f5e0bdeb35b8779a9a55c81dbf3b55ec262ce650cc56f3429c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
616232
x-cache
HIT, HIT
x-imgix-id
b94612b4ec923fabb66692831d2faa1cd9fce24a
cross-origin-resource-policy
cross-origin
content-length
34363
x-served-by
cache-sjc1000095-SJC, cache-ams12758-AMS
x-imgix-render-farm
01.140328
last-modified
Tue, 16 Jan 2024 12:54:16 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
99c91ade-17b4-45ad-942b-88cf7a582e0a_Zone+Carrousel+720_400x.jpg
images.prismic.io/150euros/ Frame EBFC 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/99c91ade-17b4-45ad-942b-88cf7a582e0a_Zone+Carrousel+720_400x.jpg?auto=compress,format&rect=0,0,720,400&w=720&h=400
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
9845f13f168e2bd5ecf7d67536bd8903abf2ad03155c03dd4232cac61ebbf74e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
64022
x-cache
HIT, HIT
x-imgix-id
bf3177199826083dd971acd51317d41135ee749f
cross-origin-resource-policy
cross-origin
content-length
16434
x-served-by
cache-sjc1000088-SJC, cache-ams12758-AMS
x-imgix-render-farm
02.131624
last-modified
Mon, 22 Jan 2024 22:17:46 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
65b127e9-4d76-452d-bcfa-0dc9afa491ea__MNA+-+150euros+%28720+x+400%29.jpg
images.prismic.io/150euros/ Frame EBFC 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/65b127e9-4d76-452d-bcfa-0dc9afa491ea__MNA+-+150euros+%28720+x+400%29.jpg?auto=compress,format&rect=0,0,720,400&w=720&h=400
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1f329843da862f068915c209bd7df65afa25fcd6a702bc250190116d6de3693a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
616232
x-cache
HIT, HIT
x-imgix-id
9b31d54e7a85bac9ec5e99df1ef62fcec3758076
cross-origin-resource-policy
cross-origin
content-length
13333
x-served-by
cache-sjc10076-SJC, cache-ams12758-AMS
x-imgix-render-farm
01.140328
last-modified
Tue, 16 Jan 2024 12:54:16 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
738d8642-6f55-4836-b813-36e2a5f27ebe_idg_carroussel_720_400.jpg
images.prismic.io/150euros/ Frame EBFC 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/738d8642-6f55-4836-b813-36e2a5f27ebe_idg_carroussel_720_400.jpg?auto=compress,format&rect=0,0,720,400&w=720&h=400
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
389b04dd1564f61b5ace7159a1ce702ba04cdf25990423ae0aa8442239d01905
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
616232
x-cache
HIT, HIT
x-imgix-id
65a527c168ca89044ffb14a8fc53e6baa3041003
cross-origin-resource-policy
cross-origin
content-length
14274
x-served-by
cache-sjc1000131-SJC, cache-ams12758-AMS
x-imgix-render-farm
01.140328
last-modified
Tue, 16 Jan 2024 12:54:16 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
medium
d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/unsv39crzp/items/96f52515c095191a550795i142267983/covers/page_1/ Frame EBFC 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/unsv39crzp/items/96f52515c095191a550795i142267983/covers/page_1/medium
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d030984ff3d94eae42b77d1d6251b9a9cad064ee8a8e9fc2061451f824bbe636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 04:16:35 GMT
x-amz-version-id
4.IckgSiBfOlu09WFPEBlOeQx905O0fY
via
1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P5
age
128893
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
153889
last-modified
Fri, 19 Jan 2024 15:30:19 GMT
server
AmazonS3
etag
"a5a5bf28ebf1ff2f843476da8168461b"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
oCQchKAA_3IF3ongajzCFIs_fDzkyNnUwFLlWFGuMQu4ea55HDO7Qw==
4a94be64-65b5-4284-af26-716bf6282d96_cinema_ok+V2_1.jpg
images.prismic.io/150euros/ Frame EBFC 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/4a94be64-65b5-4284-af26-716bf6282d96_cinema_ok+V2_1.jpg?auto=compress%2Cformat&rect=0%2C303%2C1080%2C675&h=250&width=640
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d62d5406ec5422069aa7207d014e86430e83cb31e28ad2c094206a8fb959fad5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
128830
x-cache
HIT, HIT
x-imgix-id
5d02f9b80ba869fbfed491b96609335f8176fbe0
cross-origin-resource-policy
cross-origin
content-length
8148
x-served-by
cache-sjc1000130-SJC, cache-ams12758-AMS
x-imgix-render-farm
02.131624
last-modified
Mon, 22 Jan 2024 04:17:38 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
6ce40cb6-4b4c-4492-be68-d416dac85ada_Capucine_+brocanteuse+en+ligne+V3_1.jpg
images.prismic.io/150euros/ Frame EBFC 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/6ce40cb6-4b4c-4492-be68-d416dac85ada_Capucine_+brocanteuse+en+ligne+V3_1.jpg?auto=compress%2Cformat&rect=0%2C493%2C1080%2C675&h=250&width=640
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0a8cdf1edd982d348ac8771913590f35589dfa28c40fa6cb5a810daf629b3d2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
128830
x-cache
HIT, HIT
x-imgix-id
3479879b510675088347c288706faa2ffa447e11
cross-origin-resource-policy
cross-origin
content-length
4417
x-served-by
cache-sjc10047-SJC, cache-ams12758-AMS
x-imgix-render-farm
02.131624
last-modified
Mon, 22 Jan 2024 04:17:38 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
3ed6d742-2d0b-4439-a469-06996f74cebc_shutterstock_2248105791_small.jpg
images.prismic.io/150euros/ Frame EBFC 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/3ed6d742-2d0b-4439-a469-06996f74cebc_shutterstock_2248105791_small.jpg?auto=compress%2Cformat&rect=0%2C23%2C1181%2C738&h=250&width=640
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f1cbeb1034ee46c45f703f495b2c29acbedc76baa3189b3f41f429386cfd0feb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
128830
x-cache
HIT, HIT
x-imgix-id
b8e9777853da0f5259d6dc4bb7b6544102dda088
cross-origin-resource-policy
cross-origin
content-length
20482
x-served-by
cache-sjc1000114-SJC, cache-ams12758-AMS
x-imgix-render-farm
02.131624
last-modified
Mon, 22 Jan 2024 04:17:38 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
f2240c59-ce73-4ab9-8976-29971b808867_Notre+se%CC%81lection+desktop+615345px.png
images.prismic.io/150euros/ Frame EBFC 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/f2240c59-ce73-4ab9-8976-29971b808867_Notre+se%CC%81lection+desktop+615345px.png?auto=compress%2Cformat&width=640
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
4bf739e19bc619954f802fd125f73f5f7d92aeb80c6708d8623a5e7e9714cb07
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
616179
x-cache
HIT, HIT
x-imgix-id
89ff8c85333fbbb2eb754877200d48ca6872777f
cross-origin-resource-policy
cross-origin
content-length
30035
x-served-by
cache-sjc1000124-SJC, cache-ams12758-AMS
x-imgix-render-farm
01.140328
last-modified
Tue, 16 Jan 2024 12:55:09 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
fbe847c1-af3a-445b-9ad8-83588b361f00_NS_615x345.png
images.prismic.io/150euros/ Frame EBFC 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/fbe847c1-af3a-445b-9ad8-83588b361f00_NS_615x345.png?auto=compress%2Cformat&rect=0%2C0%2C617%2C346&h=345&width=640
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
aa8ac4e1b8a4abb998c2690bd5a28911f72cdfaea0b4d09e057034da71e79a6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
616178
x-cache
HIT, HIT
x-imgix-id
c387e6fb14fdbf72e6e9e4254853bf7254cd9e1e
cross-origin-resource-policy
cross-origin
content-length
27122
x-served-by
cache-sjc1000117-SJC, cache-ams12758-AMS
x-imgix-render-farm
01.140328
last-modified
Tue, 16 Jan 2024 12:55:09 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
0eb0165a-6c27-4e26-8866-329e5892c882_Zone+partenaire+_+615_345px.jpg
images.prismic.io/150euros/ Frame EBFC 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/0eb0165a-6c27-4e26-8866-329e5892c882_Zone+partenaire+_+615_345px.jpg?auto=compress%2Cformat&rect=0%2C2%2C623%2C349&h=345&width=640
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
11b4e6810bac529f11adc99e733689eb57c4475e3a506497c6ff7e91e2674ada
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
1727540
x-cache
HIT, HIT
x-imgix-id
33c7d869c041c0682ab5cc0f5f61860f9daa3a35
cross-origin-resource-policy
cross-origin
content-length
18149
x-served-by
cache-sjc1000128-SJC, cache-ams12758-AMS
x-imgix-render-farm
01.140328
last-modified
Wed, 03 Jan 2024 16:12:28 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
913576da-0d8c-49f9-8661-53fa4848aa85_idg_notre_selection_615_345.jpg
images.prismic.io/150euros/ Frame EBFC 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/913576da-0d8c-49f9-8661-53fa4848aa85_idg_notre_selection_615_345.jpg?auto=compress%2Cformat&rect=0%2C0%2C615%2C345&h=345&width=640
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
df2d819a33e3c23afce42c5adca85a4b259748ea00e7b6263bbc0554a7018094
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
616178
x-cache
HIT, HIT
x-imgix-id
b811187b3936b664edb359b9f71bd10cefdcfb82
cross-origin-resource-policy
cross-origin
content-length
12623
x-served-by
cache-sjc1000085-SJC, cache-ams12758-AMS
x-imgix-render-farm
02.139816
last-modified
Tue, 16 Jan 2024 12:55:10 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
bbc69057-8a27-44f1-bcde-f80845ff7237_MNA+-+150euros+%28615+x+345+px%29.jpg
images.prismic.io/150euros/ Frame EBFC 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.prismic.io/150euros/bbc69057-8a27-44f1-bcde-f80845ff7237_MNA+-+150euros+%28615+x+345+px%29.jpg?auto=compress%2Cformat&rect=0%2C0%2C615%2C345&h=345&width=640
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:65::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a10f16c4f5cd168a409aed221e0075c5b8ccf3a1ca00bbfc199ac943d1cf31c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
age
616179
x-cache
HIT, HIT
x-imgix-id
4b3a0004f8b264e8c01ab53c2a8fd4a94c06cbcd
cross-origin-resource-policy
cross-origin
content-length
11264
x-served-by
cache-sjc10080-SJC, cache-ams12758-AMS
x-imgix-render-farm
01.140328
last-modified
Tue, 16 Jan 2024 12:55:09 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
xjRHlKtjl4k
www.youtube.com/embed/ Frame EDEB 		94 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c52c4cc1cc8d48963aaac413e7a64d8ec63d62f2e5dd454c622593114c148b14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.150euros.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 16:04:48 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
JTUSjIg69CK48gW7PXoo9WlhyyTh89Y.woff2
fonts.gstatic.com/s/bebasneue/v14/ Frame EBFC 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9WlhyyTh89Y.woff2
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98b4a2165b50f3cef5cc0f77f63ef31e7c8fe7b5b9a88565be9cb67e8d116ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.150euros.fr/
Origin
https://www.150euros.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 11:15:25 GMT
x-content-type-options
nosniff
age
535763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8584
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:01:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 11:15:25 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame EBFC 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.150euros.fr/
Origin
https://www.150euros.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:24:37 GMT
x-content-type-options
nosniff
age
567611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33148
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:39:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:24:37 GMT
JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq5Z9WXh0oJC8MLnbtg.woff
fonts.gstatic.com/s/montserrat/v26/ Frame EBFC 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq5Z9WXh0oJC8MLnbtg.woff
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eb6a7e8d38520abc2091db99a1017a1ed5852250dff2dcf28d6bcb2618eeb49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.150euros.fr/
Origin
https://www.150euros.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:37:30 GMT
x-content-type-options
nosniff
age
566838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19356
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:37:30 GMT
/
su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws/ Frame 9E4D 		370 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws/?clientKey=c11dbbe1-a007-4e59-86d5-fc67dc8f317c
Requested by
Host: unpkg.com
URL: https://unpkg.com/@filecoin-saturn/js-client@0.3.7/dist/strn.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:50b:9a01:23d:d479:b64c:70e3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf73fb04240087af527426e211ba23ad6f2839b8be7107f110347f4fc614a6ab

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:49 GMT
x-amzn-RequestId
494ef0a2-caed-49f7-896e-c47dd17fc43e
X-Amzn-Trace-Id
root=1-65afe3a1-651c34bb313c6899218447c3;sampled=0;lineage=b81009d1:0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.1clic1don.fr
cache-control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
370
/
gloutchi.com/ Frame 9E82 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gloutchi.com/?z=6844028&syncedCookie=true&rhd=false&rb=qmS0lxRt-823nHgPJp8kua0YABzlwNwjQaeM7E9i8tK73PwpGdleRcz8bQ05WADcKdiasbvL9E25xsWa-4TxO746NophTsYLMPVru5uOsEqLZRZP0z2oTKe2xpISq78YIv2EJB9xat7T4x6btTunP0IYJ6KaDbmpSCkpiFPLdVweGaVlrElBfYBNs7aWaYSdTJ1mgdTxWgv2vSAiIqCme20rhBExQXKNdrX00mOtitLAS0o7Cy0ZVMmi_I3vRS50HfAdo-jcagOI9W9wTySuGh4DgqJteqZo43TMrKaKVDci0Ze3OGZ0Rs0tOiQ0uuMNYYKGI4adYPk=&sfr=timeout
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://gloutchi.com/afu.php?zoneid=6844028&var=6844028&rid=X9ByeUB6lykvSb0mSmFbHw%3D%3D&rhd=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
date
Tue, 23 Jan 2024 16:04:48 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
/
ak.eessoong.com/ Frame FD5E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ak.eessoong.com/?z=6945102&syncedCookie=true&rhd=false&rb=F6daV0IaSWx5xyBm_vk2-XyRJxT5tz4TW6xtpISzicKoXxqXub7HTBaYgSCtCCtkrQKO5dvmkgCZkZqkh71d8xq0xd-8BVln56XoNc3w90WxPKnCXOY5hrIrq8KB-oExOcZuTxLTEtnfgvj3QvoLNjPAZw-VIBTO5H6KdhgmK8oG_xQ_0sd0gDgjLwA7nZJljvFmJIamAsyTkpTH5D185wZxM85zEHLrJQphaq40G60bXxoyMv8zLScpxye2GlSQdxenPlYQ0tQawXfIeqiSQZJNUoh1PqfJKAtRQg==&sfr=timeout
Requested by
Host: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ak.eessoong.com/afu.php?zoneid=6945102&var=6945102&rid=mnhKzS_wDF_SW3g2Y1iWsw%3D%3D&rhd=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-type
text/plain; charset=utf-8
date
Tue, 23 Jan 2024 16:04:48 GMT
expires
Tue, 23 Jan 2024 16:04:48 GMT
pragma
no-cache
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
brand
150euros.azurewebsites.net/api/v1/ Frame EBFC 		69 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://150euros.azurewebsites.net/api/v1/brand
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/_next/static/chunks/pages/_app-451a9a862f4da117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.111.1.2 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b329d89a2bfc0b96a4079135252c4edcd9dca9a50317a22078908ef6bae2f9d6

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.150euros.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:48 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.150euros.fr
Access-Control-Allow-Credentials
true
Request-Context
appId=cid-v1:d55882ca-4a41-44d3-b73c-f35f0f6fa7f1
loader.js
sdk.privacy-center.org/ba4c8905-2679-4592-9f5a-01fcdd4b7311/ Frame EBFC 		15 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/ba4c8905-2679-4592-9f5a-01fcdd4b7311/loader.js?target=www.150euros.fr
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a8:9400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a4bcd9269e4b05bacb77050299fbaa7f5a216f44811ff18f809986b86691309c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:02:52 GMT
content-encoding
br
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:true
via
1.1 5f8ce6fad85064c6a8d3486ad2c8e170.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C2
age
116
x-amzn-requestid
e35b7f08-36b0-4e98-afb6-a42f66b790ce
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-didomi-configs-version
95
x-amzn-trace-id
root=1-65afc700-7307f6352aefeea64f549eec;sampled=0;lineage=eaae1266:0
etag
W/"703a2464ad18c817ca65f56154491d73"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
x-amz-cf-id
RA-m6l1cRzKeODWFOY9_H1SEoDxnG64Etxyu8K6bTS-xjSs0BZGDcA==
gtm.js
www.googletagmanager.com/ Frame EBFC 		332 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFRPT83
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85ab07c03398cee995a28f96503695ede1fbb56a6d0708261b67f1475b1a57bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105572
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 16:04:48 GMT
www-player.css
www.youtube.com/s/player/787e9b63/ Frame EDEB 		359 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/787e9b63/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1515b988fb1fab95f3ba07b215b8fc214e6834106caf76452ad83045ddc73d5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:11:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
46400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47506
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 04:49:52 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 22 Jan 2025 03:11:28 GMT
embed.js
www.youtube.com/s/player/787e9b63/player_ias.vflset/fr_FR/ Frame EDEB 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/787e9b63/player_ias.vflset/fr_FR/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f91c0492a1d0b61b32b56b91c6e17bc8bcc8f1ac7a04668915f2f05c0d8f859d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 08:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
27034
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16443
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 04:49:52 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 22 Jan 2025 08:34:14 GMT
www-embed-player.js
www.youtube.com/s/player/787e9b63/www-embed-player.vflset/ Frame EDEB 		323 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/787e9b63/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65cd9fe803c67f0c4236805273a0453daf900d7006170c8cf38ebb8cde1b2f37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 09:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
21946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98837
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 04:49:52 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 22 Jan 2025 09:59:02 GMT
base.js
www.youtube.com/s/player/787e9b63/player_ias.vflset/fr_FR/ Frame EDEB 		2 MB
771 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/787e9b63/player_ias.vflset/fr_FR/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29dee7163cb8587966196156c90d62ce4d8076de5627637074c535fe009e740f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 08:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
789387
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 04:49:52 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 19 Jan 2025 08:24:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EDEB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:26:56 GMT
x-content-type-options
nosniff
age
405472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EDEB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:08:08 GMT
x-content-type-options
nosniff
age
107800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 10:08:08 GMT
spatialrequest
150euros.azurewebsites.net/api/v1/ Frame EBFC 		61 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://150euros.azurewebsites.net/api/v1/spatialrequest?latitude=48.8632&longitude=2.33967
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/_next/static/chunks/pages/_app-451a9a862f4da117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.111.1.2 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
178193357d5387b683097ebecabd9ff4a92cdf44ce0dade81d063f170c88f895

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.150euros.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:48 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.150euros.fr
Access-Control-Allow-Credentials
true
Request-Context
appId=cid-v1:d55882ca-4a41-44d3-b73c-f35f0f6fa7f1
sdk.a514114bc36543fa5ddd56b0fb7e5defc576c259.js
sdk.privacy-center.org/sdk/a514114bc36543fa5ddd56b0fb7e5defc576c259/modern/ Frame EBFC 		335 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/a514114bc36543fa5ddd56b0fb7e5defc576c259/modern/sdk.a514114bc36543fa5ddd56b0fb7e5defc576c259.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/ba4c8905-2679-4592-9f5a-01fcdd4b7311/loader.js?target=www.150euros.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a8:9400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b03944c008c744dcc976b39d4e2c380df0651a29ef9eada2ed8a31bd097490d8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:09:19 GMT
content-encoding
br
via
1.1 5f8ce6fad85064c6a8d3486ad2c8e170.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 13:09:07 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-C2
age
10530
etag
W/"918cc364ce01864ed60d1928d5acf662-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
qubKWBuw1NUcfmku_HRkbbw30cFcR0L4drIz1PinGRZjFQHrBfcSJQ==
ui-gdpr-fr-web.a514114bc36543fa5ddd56b0fb7e5defc576c259.js
sdk.privacy-center.org/sdk/a514114bc36543fa5ddd56b0fb7e5defc576c259/modern/ Frame EBFC 		274 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/a514114bc36543fa5ddd56b0fb7e5defc576c259/modern/ui-gdpr-fr-web.a514114bc36543fa5ddd56b0fb7e5defc576c259.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/a514114bc36543fa5ddd56b0fb7e5defc576c259/modern/sdk.a514114bc36543fa5ddd56b0fb7e5defc576c259.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a8:9400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67bb5aee39e648f6e7f21968c5e9365328dd9ce01c4053ceee1956dd5380ae17

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:09:24 GMT
content-encoding
br
via
1.1 5f8ce6fad85064c6a8d3486ad2c8e170.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 13:09:07 GMT
server
AmazonS3
age
10525
x-amz-cf-pop
LHR61-C2
etag
W/"7400efacd11eeb04e035f40fc7091e4a-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
5auRnM38ywmP38bTU3NZEOQO74ENNIW7CnhAFxsuicKwyk0z8ImuOQ==
1
api-marketing.milibris.com/stats/a9938bad-d837-4717-b0fe-8835a6a4a51c/page/ce46219f-7acd-42ad-af2e-6f58f1aaeac1/ Frame DE46 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-marketing.milibris.com/stats/a9938bad-d837-4717-b0fe-8835a6a4a51c/page/ce46219f-7acd-42ad-af2e-6f58f1aaeac1/1
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/js/jquery-2.1.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.82.244 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
244.82.204.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Referer
https://campaigns.milibris.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
0
0001.ca0f8f05-7203-466f-ab7e-26849b4a9672.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		246 KB
247 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0001.ca0f8f05-7203-466f-ab7e-26849b4a9672.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
c0a3f428ad97ef57830ebae74b5f6c0de4d3328b4b7a14505a5e2dad84c184f1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:49 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:32 GMT
Server
nginx
Age
106890
ETag
"fc9b3d6d50b6941cc97426f2f6bb94da"
x-amz-server-side-encryption
AES256
X-cdnca02A
854; 153227.364; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517483.355; 7200.000
Accept-Ranges
bytes
Content-Length
252016
tile00x00.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0001.bd831bc7-032c-4987-b485-ca856d308560/ Frame DE46 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0001.bd831bc7-032c-4987-b485-ca856d308560/tile00x00.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
a02dececd92b93cbd0cacd5539f65df5710a8b64930a15e17209580cb7a45d20
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:49 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:01 GMT
Server
nginx
Age
106890
ETag
"25749ad0c760ec17e9d1b8408a334eab"
x-amz-server-side-encryption
AES256
X-cdnca02A
836; 153227.350; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517483.369; 7200.000
Accept-Ranges
bytes
Content-Length
205444
tile00x01.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0001.bd831bc7-032c-4987-b485-ca856d308560/ Frame DE46 		211 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0001.bd831bc7-032c-4987-b485-ca856d308560/tile00x01.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
3369863e5ee77e771c3a64adfec2c25920b7afaca510cddfdcc8003b405879e7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:49 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:01 GMT
Server
nginx
Age
106890
ETag
"c155f9699beaccf8f2bcde4f81b16e22"
x-amz-server-side-encryption
AES256
X-cdnca02A
834; 153228.381; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517482.301; 7200.000
Accept-Ranges
bytes
Content-Length
215613
tile00x02.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0001.bd831bc7-032c-4987-b485-ca856d308560/ Frame DE46 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0001.bd831bc7-032c-4987-b485-ca856d308560/tile00x02.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
a42203cf34de0dc09984ee4a9da8e500ddd550fdba8847a79ea23e4f103976c1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:49 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:01 GMT
Server
nginx
Age
106889
ETag
"f5f825907ee705df92c0ec9f3387b825"
x-amz-server-side-encryption
AES256
X-cdnca02A
834; 153228.422; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517482.625; 7200.000
Accept-Ranges
bytes
Content-Length
9089
tile01x00.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0001.bd831bc7-032c-4987-b485-ca856d308560/ Frame DE46 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0001.bd831bc7-032c-4987-b485-ca856d308560/tile01x00.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
44d3e303ef8f5ec5bfc7d35fedfd49d09d0491fc863724360b691c174b5249a5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:49 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:02 GMT
Server
nginx
Age
106889
ETag
"874a9de3d3a64631d17c2f66921fa510"
x-amz-server-side-encryption
AES256
X-cdnca02A
832; 153228.725; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517482.349; 7200.000
Accept-Ranges
bytes
Content-Length
102116
tile01x01.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0001.bd831bc7-032c-4987-b485-ca856d308560/ Frame DE46 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0001.bd831bc7-032c-4987-b485-ca856d308560/tile01x01.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
c33fac9bc997651406c6933d3feee7c74927777c6fa34d24bc0408bcf847f587
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:49 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:01 GMT
Server
nginx
Age
106889
ETag
"cb648a2cb41c93a10eb879b2599aecff"
x-amz-server-side-encryption
AES256
X-cdnca02A
828; 153228.764; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517482.258; 7200.000
Accept-Ranges
bytes
Content-Length
98497
tile01x02.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0001.bd831bc7-032c-4987-b485-ca856d308560/ Frame DE46 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0001.bd831bc7-032c-4987-b485-ca856d308560/tile01x02.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
25df2b813607d24691a92c17774da367973b831c31ec948c7ae6b0ff1b75f97b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:49 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:02 GMT
Server
nginx
Age
106889
ETag
"5003c2331bc7dedf0b224ebc6ecc8fdb"
x-amz-server-side-encryption
AES256
X-cdnca02A
824; 153229.364; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517481.923; 7200.000
Accept-Ranges
bytes
Content-Length
4559
0002.0a7e6c2c-cb36-4d07-b793-cba0a23482b4.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0002.0a7e6c2c-cb36-4d07-b793-cba0a23482b4.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
430585bb7e8f46b6c239073cbd6f6a0e92493881ad75014e2b45eb4ff4c1b977
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:49 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:32 GMT
Server
nginx
Age
106889
ETag
"67d98dd1685ce50acc166a6fea5cdfde"
x-amz-server-side-encryption
AES256
X-cdnca02A
819; 153229.310; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517481.662; 7200.000
Accept-Ranges
bytes
Content-Length
53630
tile00x00.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0002.31ddb95d-2774-4212-baa6-eac0b9aba3d8/ Frame DE46 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0002.31ddb95d-2774-4212-baa6-eac0b9aba3d8/tile00x00.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
619cb0634f95b69376043d8c2d67225815d7e975d1d7454f77fb721aa42d35a0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:02 GMT
Server
nginx
Age
106889
ETag
"99c2ab6e86d28d7bc18734506455d136"
x-amz-server-side-encryption
AES256
X-cdnca02A
820; 153229.102; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517481.692; 7200.000
Accept-Ranges
bytes
Content-Length
34062
tile00x01.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0002.31ddb95d-2774-4212-baa6-eac0b9aba3d8/ Frame DE46 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0002.31ddb95d-2774-4212-baa6-eac0b9aba3d8/tile00x01.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
f0e76ea483bbaf1f47464b4b970ee38ea1262b2d474d54b4ea2e113c30a117c0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:02 GMT
Server
nginx
Age
106890
ETag
"9eb0353fe0ab043011d6b7e61aa955fe"
x-amz-server-side-encryption
AES256
X-cdnca02A
812; 153229.454; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517481.362; 7200.000
Accept-Ranges
bytes
Content-Length
97268
tile00x02.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0002.31ddb95d-2774-4212-baa6-eac0b9aba3d8/ Frame DE46 		894 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0002.31ddb95d-2774-4212-baa6-eac0b9aba3d8/tile00x02.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
1354d919694f2229f1055aec5fe92102c59d7aed474b60a13de761780b38b45a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:02 GMT
Server
nginx
Age
106890
ETag
"d92d2fc978b2181e8fc0cd88d78daec6"
x-amz-server-side-encryption
AES256
X-cdnca02A
809; 153229.438; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517481.380; 7200.000
Accept-Ranges
bytes
Content-Length
894
tile01x00.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0002.31ddb95d-2774-4212-baa6-eac0b9aba3d8/ Frame DE46 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0002.31ddb95d-2774-4212-baa6-eac0b9aba3d8/tile01x00.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
b0b4907479a5af2f31ce82d88244bf401ee6f2097a82d787cdb382209a8e505a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:02 GMT
Server
nginx
Age
106889
ETag
"3f53178c2e21326c51e02db67c750719"
x-amz-server-side-encryption
AES256
X-cdnca02A
811; 153229.723; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517481.089; 7200.000
Accept-Ranges
bytes
Content-Length
5769
tile01x01.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0002.31ddb95d-2774-4212-baa6-eac0b9aba3d8/ Frame DE46 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0002.31ddb95d-2774-4212-baa6-eac0b9aba3d8/tile01x01.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
788ae13b25ade980036bb8c6ec8ce25b4240beee69fa2470d1353a39afcdc709
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:02 GMT
Server
nginx
Age
106889
ETag
"2c8123ababf4596441bb1d04334e4911"
x-amz-server-side-encryption
AES256
X-cdnca02A
804; 153229.916; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517480.920; 7200.000
Accept-Ranges
bytes
Content-Length
15809
tile01x02.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0002.31ddb95d-2774-4212-baa6-eac0b9aba3d8/ Frame DE46 		593 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0002.31ddb95d-2774-4212-baa6-eac0b9aba3d8/tile01x02.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
f6b2e7f8c96c870b52cf8840d4222a9cb4738f9925fb6fcfec4fadf48d23c360
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:02 GMT
Server
nginx
Age
106889
ETag
"688420b54f4a5ff30ee4d20a790ebac6"
x-amz-server-side-encryption
AES256
X-cdnca02A
806; 153230.063; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517480.800; 7200.000
Accept-Ranges
bytes
Content-Length
593
0003.122cbec5-88ba-496f-8cf9-12f40ebe5b14.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0003.122cbec5-88ba-496f-8cf9-12f40ebe5b14.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
2e270e62d0b8ff774f5f56d64159f9123ad20e2f6bb8d3dd11ea3155942c95c8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:33 GMT
Server
nginx
Age
106889
ETag
"2b0b7ac533eb7027672b3d4c37496ad7"
x-amz-server-side-encryption
AES256
X-cdnca02A
795; 153230.097; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517480.696; 7200.000
Accept-Ranges
bytes
Content-Length
111332
tile00x00.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0003.cc631c4e-bb54-47c2-8c55-61d78e9f2f5a/ Frame DE46 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0003.cc631c4e-bb54-47c2-8c55-61d78e9f2f5a/tile00x00.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
9be13e42ab6783e7aafa12099a6b2e42ed17797aa823e2f7508b2f0ba2f2218f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:02 GMT
Server
nginx
Age
106889
ETag
"ecd02fa40fc70470c39c041dc0d8d9a4"
x-amz-server-side-encryption
AES256
X-cdnca02A
803; 153230.287; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517480.502; 7200.000
Accept-Ranges
bytes
Content-Length
51895
tile00x01.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0003.cc631c4e-bb54-47c2-8c55-61d78e9f2f5a/ Frame DE46 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0003.cc631c4e-bb54-47c2-8c55-61d78e9f2f5a/tile00x01.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
c3badaf15c5bfc5f1f82b531ae32f6351624d8f039a5c95bfd57d60eb0ff772d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:02 GMT
Server
nginx
Age
106889
ETag
"d8f3f3c6baaa9dc3e60c3a9a22a4a01f"
x-amz-server-side-encryption
AES256
X-cdnca02A
793; 153230.584; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517480.280; 7200.000
Accept-Ranges
bytes
Content-Length
171736
tile00x02.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0003.cc631c4e-bb54-47c2-8c55-61d78e9f2f5a/ Frame DE46 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0003.cc631c4e-bb54-47c2-8c55-61d78e9f2f5a/tile00x02.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
17c3ce4bb1b9c7fa48da627fdc8f344ae166829af9727a9e793755ef361d920f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:03 GMT
Server
nginx
Age
106889
ETag
"a3cfbfb0eef89dd6eb544996e9b8de71"
x-amz-server-side-encryption
AES256
X-cdnca02A
803; 153230.744; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517480.081; 7200.000
Accept-Ranges
bytes
Content-Length
1709
tile01x00.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0003.cc631c4e-bb54-47c2-8c55-61d78e9f2f5a/ Frame DE46 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0003.cc631c4e-bb54-47c2-8c55-61d78e9f2f5a/tile01x00.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
3c3b1417602738999e715b47ec9b33494c8494d7436feef4b49d407379219d65
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:03 GMT
Server
nginx
Age
106889
ETag
"61d394c4e8d5f6fb05363bdb14357fce"
x-amz-server-side-encryption
AES256
X-cdnca02A
789; 153231.073; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517479.771; 7200.000
Accept-Ranges
bytes
Content-Length
26974
tile01x01.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0003.cc631c4e-bb54-47c2-8c55-61d78e9f2f5a/ Frame DE46 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0003.cc631c4e-bb54-47c2-8c55-61d78e9f2f5a/tile01x01.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
e1b8e1b21221b8baeee247e0148e180848d9cb3a15e340a582d0de8cd7d54b46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:02 GMT
Server
nginx
Age
106889
ETag
"897ec1594bccb53895e2a953999aec89"
x-amz-server-side-encryption
AES256
X-cdnca02A
797; 153231.054; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517479.833; 7200.000
Accept-Ranges
bytes
Content-Length
38937
tile01x02.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0003.cc631c4e-bb54-47c2-8c55-61d78e9f2f5a/ Frame DE46 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tileset/0003.cc631c4e-bb54-47c2-8c55-61d78e9f2f5a/tile01x02.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
c0d780992df3560dba37edea5f18e9db6724423f6b8d6ac616d3dd1955adf819
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:03 GMT
Server
nginx
Age
106890
ETag
"abfb676658e2fd56e7aac130d237e991"
x-amz-server-side-encryption
AES256
X-cdnca02A
788; 153231.380; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517479.415; 7200.000
Accept-Ranges
bytes
Content-Length
1063
0004.d345ec9d-b687-4d01-bff1-7768224bca4d.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0004.d345ec9d-b687-4d01-bff1-7768224bca4d.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
2fbac49c15d371cda3746987f1ddfeefb8fc2c42a7ff7cb2e53e0cd3214c573a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:33 GMT
Server
nginx
Age
106890
ETag
"96ead1ea1a8a063edef3bc00d5b47fcb"
x-amz-server-side-encryption
AES256
X-cdnca02A
792; 153231.389; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517479.440; 7200.000
Accept-Ranges
bytes
Content-Length
145607
0005.8a27fa02-ebe7-4e06-9033-04beafb9ee0f.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		216 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0005.8a27fa02-ebe7-4e06-9033-04beafb9ee0f.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
8e91fec39a273cfd9ccc97c3b0f464e9b00d520c91dd789e6af4ad6a697745b7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:33 GMT
Server
nginx
Age
106889
ETag
"792d0b12c2874eb4ef6c181d57748820"
x-amz-server-side-encryption
AES256
X-cdnca02A
793; 153231.661; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517479.205; 7200.000
Accept-Ranges
bytes
Content-Length
220925
0006.867a9cee-350e-4470-8a8a-411b46d6440b.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		230 KB
230 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0006.867a9cee-350e-4470-8a8a-411b46d6440b.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
5b34da2669c661e6aedf9a9f1f03c8ef6b56287f4434d704ab3ada7a00651534
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:33 GMT
Server
nginx
Age
106889
ETag
"4a1998f7203db9ff1bb7986b87e66696"
x-amz-server-side-encryption
AES256
X-cdnca02A
789; 153232.029; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517478.811; 7200.000
Accept-Ranges
bytes
Content-Length
235272
0007.feca1840-a718-4ff0-8730-1b569c887ce6.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		207 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0007.feca1840-a718-4ff0-8730-1b569c887ce6.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
882bb257ef890c4010a4caf315dc613475afcd1442c0c10e0f4713e3bc5e8150
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:33 GMT
Server
nginx
Age
106889
ETag
"92f8386a2d0e9d41b83a2222eed34e31"
x-amz-server-side-encryption
AES256
X-cdnca02A
782; 153232.338; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517478.567; 7200.000
Accept-Ranges
bytes
Content-Length
211497
0008.46423f17-17c0-47c2-bc8d-32c4cb1285e6.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		228 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0008.46423f17-17c0-47c2-bc8d-32c4cb1285e6.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
47e84a0182a22ea8cb80c71bd5cd59fb4ad690c1094cc8b26633193c9b84504b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:33 GMT
Server
nginx
Age
106889
ETag
"cf669c096941deaa772f274d200f4354"
x-amz-server-side-encryption
AES256
X-cdnca02A
783; 153232.551; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517478.383; 7200.000
Accept-Ranges
bytes
Content-Length
233647
0009.a1fc999d-ffda-41ef-9e33-9ef73772e027.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0009.a1fc999d-ffda-41ef-9e33-9ef73772e027.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
e9ad8c34179328ca00be1e418ed15f8edf0fd33f0bdc360df3d3ddf1de30f678
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:33 GMT
Server
nginx
Age
106889
ETag
"d7430622538a95679e3609238a97138e"
x-amz-server-side-encryption
AES256
X-cdnca02A
778; 153232.635; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517478.190; 7200.000
Accept-Ranges
bytes
Content-Length
159902
0010.b80ea6f7-3ddb-400e-b956-e05bd0aac423.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		213 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0010.b80ea6f7-3ddb-400e-b956-e05bd0aac423.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
726e9de4949b01f1fa45b7a5cb2c35fc8f08bbbee34b27df8a0b9cd6c83fa354
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:33 GMT
Server
nginx
Age
106889
ETag
"8b1ed8203bb52a234159d522525c479c"
x-amz-server-side-encryption
AES256
X-cdnca02A
785; 153232.883; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517477.998; 7200.000
Accept-Ranges
bytes
Content-Length
218353
0011.05e66e5f-e56f-4e68-bb58-6c2b95602210.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		223 KB
223 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0011.05e66e5f-e56f-4e68-bb58-6c2b95602210.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
d544c5b7440de75791a2299db080f98fb15e0a4b3e61b84fbbbe6c67f7de619a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:34 GMT
Server
nginx
Age
106889
ETag
"0ff56a312009efa11fd2079461f0bab4"
x-amz-server-side-encryption
AES256
X-cdnca02A
773; 153233.032; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517477.886; 7200.000
Accept-Ranges
bytes
Content-Length
228394
0012.79cad690-df32-483b-9d47-eb8a3091dbaa.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0012.79cad690-df32-483b-9d47-eb8a3091dbaa.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
5c8a46626e7f2127d9c28cda9b2d42fb3569f401ac6c804f6ea0d8d92df8b35b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:34 GMT
Server
nginx
Age
106889
ETag
"86914937572abd49fe7e1114a6bebe2a"
x-amz-server-side-encryption
AES256
X-cdnca02A
762; 153233.193; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517477.620; 7200.000
Accept-Ranges
bytes
Content-Length
97152
0013.d106430c-e20d-4c5f-89bd-a1fd1052ea8a.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0013.d106430c-e20d-4c5f-89bd-a1fd1052ea8a.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
c99a691d48738ad3af84ecf18674baaf17b0a866f08518c7f2fb0a318e996fcd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:34 GMT
Server
nginx
Age
106889
ETag
"6b4ccf3c1c832ab8c368b7a6dbecc37d"
x-amz-server-side-encryption
AES256
X-cdnca02A
763; 153233.314; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517477.516; 7200.000
Accept-Ranges
bytes
Content-Length
99677
0014.90d88437-5b9e-485e-a011-c59485687507.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0014.90d88437-5b9e-485e-a011-c59485687507.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
aa1385e3c5e44713fb38c1fa6135921ef28acf843a709af6a902f1821bbe87ee
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:34 GMT
Server
nginx
Age
106890
ETag
"126f3c5876591e4072232abfff0586cd"
x-amz-server-side-encryption
AES256
X-cdnca02A
758; 153233.494; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517477.387; 7200.000
Accept-Ranges
bytes
Content-Length
98591
0015.73fb966c-14ce-4d39-8a6b-1678293d1529.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0015.73fb966c-14ce-4d39-8a6b-1678293d1529.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
32981ef62e1e682468527309048030cb962838e03d07ade3e1d1605e9e30d049
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:34 GMT
Server
nginx
Age
106889
ETag
"c56f42838ac394f0f936ef6f828b9865"
x-amz-server-side-encryption
AES256
X-cdnca02A
757; 153233.721; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517477.157; 7200.000
Accept-Ranges
bytes
Content-Length
161317
0016.d6e22b63-b760-448b-a760-01818e522fbc.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0016.d6e22b63-b760-448b-a760-01818e522fbc.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
b6e14fd115de8108bde54622deb9cd8a6d13dcb8c1cd22031c322827d15176b3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:34 GMT
Server
nginx
Age
106889
ETag
"c497506f5a7612a5929326059b27f834"
x-amz-server-side-encryption
AES256
X-cdnca02A
765; 153233.875; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517477.033; 7200.000
Accept-Ranges
bytes
Content-Length
189369
0017.32a772b5-b58f-47e4-bf90-6eda32e1c7ff.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		175 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0017.32a772b5-b58f-47e4-bf90-6eda32e1c7ff.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
b5533b4384a82c368d89b0b5a87ee2031918a39306a8ae262705ff52480a8ce3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:34 GMT
Server
nginx
Age
106889
ETag
"84ad419f6856a21ccc0f06114cdf56be"
x-amz-server-side-encryption
AES256
X-cdnca02A
747; 153234.100; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517476.864; 7200.000
Accept-Ranges
bytes
Content-Length
179612
0018.299332f2-c424-431c-bf55-1043983f2811.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		205 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0018.299332f2-c424-431c-bf55-1043983f2811.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
ba8de09732362dc2d2de144938e7ff4c6595a9a73fb4b626b90af40374636f6e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:34 GMT
Server
nginx
Age
106889
ETag
"6cb0ec614a75563939e4c1e45b98dabc"
x-amz-server-side-encryption
AES256
X-cdnca02A
753; 153234.217; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517476.645; 7200.000
Accept-Ranges
bytes
Content-Length
210375
0019.c9882dc6-e54a-48a4-afdf-6082456e675c.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		197 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0019.c9882dc6-e54a-48a4-afdf-6082456e675c.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
84f32a7679e50049bccc45afe9e48e22594f50f15217866f0f6a1f25dbf4736b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:34 GMT
Server
nginx
Age
106890
ETag
"87ad0353d4d5bde9be2c5a78fbac2a10"
x-amz-server-side-encryption
AES256
X-cdnca02A
750; 153234.418; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517476.465; 7200.000
Accept-Ranges
bytes
Content-Length
201984
0020.7733c8fa-1e0f-4d4c-9a19-2ff002cd2dc8.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0020.7733c8fa-1e0f-4d4c-9a19-2ff002cd2dc8.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
ae687870ea89c2a4a1d9dd25ab0c568bd39e41b00bd93d88738d6673a7eb57cd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:34 GMT
Server
nginx
Age
106889
ETag
"208152b3f4cc76bb3363926468f39360"
x-amz-server-side-encryption
AES256
X-cdnca02A
738; 153234.656; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517476.244; 7200.000
Accept-Ranges
bytes
Content-Length
198490
0021.df73b78a-d56a-4315-bd2a-490ddb5a05b7.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		234 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0021.df73b78a-d56a-4315-bd2a-490ddb5a05b7.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
2883771ff40dc50a4357e7043340298bbf72946dd1306ce1379ad1787936332a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:35 GMT
Server
nginx
Age
106889
ETag
"efd529d7dc71468303ea0ebdcceb071d"
x-amz-server-side-encryption
AES256
X-cdnca02A
745; 153234.820; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517476.107; 7200.000
Accept-Ranges
bytes
Content-Length
239614
0022.5d9916c5-77ed-4de3-a033-adb9f2df47ca.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0022.5d9916c5-77ed-4de3-a033-adb9f2df47ca.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
087702ae820182eedd971617258fe791019df271c18173e8209d0ea14f1fc7f0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:35 GMT
Server
nginx
Age
106889
ETag
"92f6b92d4304243594a32cf1dae1ea39"
x-amz-server-side-encryption
AES256
X-cdnca02A
749; 153235.054; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517475.903; 7200.000
Accept-Ranges
bytes
Content-Length
155438
0023.92da1c0f-4912-40c2-aa14-841ca7ffc853.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		146 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0023.92da1c0f-4912-40c2-aa14-841ca7ffc853.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
4186d8d72a104cea9864687f3ee89e3e4f05f52e76cc53b1fcc050bad46d5616
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:50 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:35 GMT
Server
nginx
Age
106889
ETag
"45d6b167c66fca00b975ed51e44174ee"
x-amz-server-side-encryption
AES256
X-cdnca02A
745; 153235.318; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517475.684; 7200.000
Accept-Ranges
bytes
Content-Length
149852
0024.6b41fbd3-703a-43c2-8a59-4f826fe4dacd.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		201 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0024.6b41fbd3-703a-43c2-8a59-4f826fe4dacd.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
6befb6ff03aaf3003c4eadcb85b14f4a6317461054d3596e558459ababd26ff3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:35 GMT
Server
nginx
Age
106889
ETag
"ab2e6b2f4bf417e6fa16b08499389c8b"
x-amz-server-side-encryption
AES256
X-cdnca02A
732; 153235.379; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517475.617; 7200.000
Accept-Ranges
bytes
Content-Length
206073
0025.2adff23e-d3dc-4ea0-b57b-769ccef12fcc.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		196 KB
196 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0025.2adff23e-d3dc-4ea0-b57b-769ccef12fcc.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
bceb255f8ad7733de75c373fb529d36fd91305c563d697432939167301d771ed
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:35 GMT
Server
nginx
Age
106889
ETag
"2df6d8b8ffcc2de7ea3f9c392cd506fc"
x-amz-server-side-encryption
AES256
X-cdnca02A
742; 153235.604; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517475.403; 7200.000
Accept-Ranges
bytes
Content-Length
200652
0026.3e0f33d5-8a66-4072-9f56-8fb70b95930e.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0026.3e0f33d5-8a66-4072-9f56-8fb70b95930e.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
2d5668260b2d2a09441ff385b75608c67e5e975ad139494a806899a77456bea1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:35 GMT
Server
nginx
Age
106889
ETag
"a36c48a4bff7d687882a013915b1f995"
x-amz-server-side-encryption
AES256
X-cdnca02A
736; 153235.771; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517475.214; 7200.000
Accept-Ranges
bytes
Content-Length
206389
0027.a936d8b5-6b89-4807-95ed-4f03f425e8bf.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		206 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0027.a936d8b5-6b89-4807-95ed-4f03f425e8bf.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
bb168da315c10bb24b435aa96463efb3ab38d17847a0b343b62d632945463ea1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:35 GMT
Server
nginx
Age
106889
ETag
"f78ac1730dbb5ef8ea37574fe4230c41"
x-amz-server-side-encryption
AES256
X-cdnca02A
727; 153236.011; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517475.020; 7200.000
Accept-Ranges
bytes
Content-Length
211167
0028.c8df33ab-0de9-4b39-a3c0-aa10dc85277f.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0028.c8df33ab-0de9-4b39-a3c0-aa10dc85277f.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
3fa73656bab432a0d1e44ec4d2d25c5959c4d4a392af200e405aa38723e1c0ab
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:35 GMT
Server
nginx
Age
106889
ETag
"5693f72b977efde1c5fb0864ee545503"
x-amz-server-side-encryption
AES256
X-cdnca02A
737; 153236.118; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517474.882; 7200.000
Accept-Ranges
bytes
Content-Length
203782
0029.27b00e14-4234-4653-9890-3bebda13dd6f.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		186 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0029.27b00e14-4234-4653-9890-3bebda13dd6f.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
77a5cf139741a08ea52ae413b92cf633b3c193a30ba863ad1b3b1b42a4153bd7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:36 GMT
Server
nginx
Age
106889
ETag
"78b90be72a699b5f52f28490fb27490d"
x-amz-server-side-encryption
AES256
X-cdnca02A
726; 153236.371; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517474.642; 7200.000
Accept-Ranges
bytes
Content-Length
190927
0030.450f65bb-16f2-47b4-b6a6-cea06fc44fe9.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0030.450f65bb-16f2-47b4-b6a6-cea06fc44fe9.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
ff68327a8df730ef95a6c5f6cd45bd5310db5a98952a811b7c9bf2d993f3a8d3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:36 GMT
Server
nginx
Age
106889
ETag
"1b194d9521060e8b28662be6830eed63"
x-amz-server-side-encryption
AES256
X-cdnca02A
713; 153236.620; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517474.391; 7200.000
Accept-Ranges
bytes
Content-Length
225949
0031.a0d1203d-7590-4722-8081-daeba0b9c9a5.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		201 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0031.a0d1203d-7590-4722-8081-daeba0b9c9a5.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
5799690c18ef0f21920ab09471dd01fe95cba0a2ec5a901cfd8c3cd40736bf6d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:36 GMT
Server
nginx
Age
106889
ETag
"994ca8a714556184ba1f5a2bb1801418"
x-amz-server-side-encryption
AES256
X-cdnca02A
723; 153236.901; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517474.149; 7200.000
Accept-Ranges
bytes
Content-Length
206270
0032.16c0fda8-4df7-4552-9cd1-16db6293c735.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0032.16c0fda8-4df7-4552-9cd1-16db6293c735.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
43a84f44f6cfca2acc9c7192da86db1e0efaf438de5bf16797ccdcc5f0b5a65d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:36 GMT
Server
nginx
Age
106889
ETag
"b4ed63520ddc40f8273f2715abdec6d4"
x-amz-server-side-encryption
AES256
X-cdnca02A
714; 153237.014; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517474.041; 7200.000
Accept-Ranges
bytes
Content-Length
184508
0033.cc580a46-fe0c-44e2-89fd-92c7e1868d14.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0033.cc580a46-fe0c-44e2-89fd-92c7e1868d14.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
13b04774bdb2cd6b0beb44f0ac557caaac30d90c9a0035bcb989d25e5bbf0a63
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:36 GMT
Server
nginx
Age
106889
ETag
"fe41cb186ba91fd6e1a380095eeb2dd5"
x-amz-server-side-encryption
AES256
X-cdnca02A
708; 153237.371; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517473.606; 7200.000
Accept-Ranges
bytes
Content-Length
180229
0034.69a83c29-547e-4fec-86be-5a9bb7c0edd7.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		170 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0034.69a83c29-547e-4fec-86be-5a9bb7c0edd7.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
6849657d8c4f144564b36e2d25c6c7e597b52f2e784c63934a81ee7da734cd05
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:36 GMT
Server
nginx
Age
106889
ETag
"e721c7b00d8de8d266f0fe188d313be4"
x-amz-server-side-encryption
AES256
X-cdnca02A
712; 153237.393; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517473.677; 7200.000
Accept-Ranges
bytes
Content-Length
174056
0035.ab9b70da-0cc2-4a5d-987a-9b05849a94bd.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		212 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0035.ab9b70da-0cc2-4a5d-987a-9b05849a94bd.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
5a4dea06ce5e3f28c9415c066e37fb582f3ff96bf398a8af2fc532f938e36100
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:36 GMT
Server
nginx
Age
106889
ETag
"957eae28929603bcf97086ba5769e22a"
x-amz-server-side-encryption
AES256
X-cdnca02A
707; 153237.865; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517473.211; 7200.000
Accept-Ranges
bytes
Content-Length
216651
0036.26d5bea9-931e-4a35-809d-08e9358c7e2f.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		208 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0036.26d5bea9-931e-4a35-809d-08e9358c7e2f.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
2965f2bc2266dd1b0ffe4d17cc2d66f95c446bd6372a1e90ade5098c9afb080f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:36 GMT
Server
nginx
Age
106889
ETag
"e6dc01af87a32c18e9fd20709f8227b8"
x-amz-server-side-encryption
AES256
X-cdnca02A
703; 153238.081; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517472.996; 7200.000
Accept-Ranges
bytes
Content-Length
212511
0037.b8086aa3-93d3-40e5-b68d-387e36445c33.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		183 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0037.b8086aa3-93d3-40e5-b68d-387e36445c33.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
d20c83b61870ff96ae163d0f5241a3b0da9f5442022ef0e9c0597b41a894b86b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:37 GMT
Server
nginx
Age
106889
ETag
"100ebb8c13eb12715fc6af7a41153c85"
x-amz-server-side-encryption
AES256
X-cdnca02A
706; 153238.323; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517472.806; 7200.000
Accept-Ranges
bytes
Content-Length
187352
0038.4da3400d-b87b-47e8-a66d-0d16f6361505.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		231 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0038.4da3400d-b87b-47e8-a66d-0d16f6361505.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
f4c4e869912880e643dfdfb2edcd8754e9eb755a251a5d3fe72d454815adf5be
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:37 GMT
Server
nginx
Age
106888
ETag
"d385fff31c416d71c09857bed5b19df2"
x-amz-server-side-encryption
AES256
X-cdnca02A
712; 153238.546; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517472.572; 7200.000
Accept-Ranges
bytes
Content-Length
236133
0039.4a24a40c-c87f-4d8d-b723-3b41860e158f.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		187 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0039.4a24a40c-c87f-4d8d-b723-3b41860e158f.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
2dd9c23ab23e3550763de27b881860da5082a7cd5834a099ec0f24799112e2d7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:37 GMT
Server
nginx
Age
106889
ETag
"6d87182093ac4cd1f30f52093dbdde76"
x-amz-server-side-encryption
AES256
X-cdnca02A
699; 153238.607; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517472.435; 7200.000
Accept-Ranges
bytes
Content-Length
191686
0040.88705a33-0a88-484c-bb63-d9f6eecb5e8d.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		209 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0040.88705a33-0a88-484c-bb63-d9f6eecb5e8d.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
7fd055cc0762380ade029f1c4f98aa218bb089b936fd4b73a8a00929f32fc066
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:37 GMT
Server
nginx
Age
106889
ETag
"5a7f81566f04f508290cbdf77f97ae46"
x-amz-server-side-encryption
AES256
X-cdnca02A
702; 153238.893; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517472.234; 7200.000
Accept-Ranges
bytes
Content-Length
213945
0041.6f0db8a5-611f-437c-ba89-41c3fd046ac7.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		244 KB
245 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0041.6f0db8a5-611f-437c-ba89-41c3fd046ac7.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
594c225e790ebd5ea54d128fc686244ed1c59edef3b6f7b0e0cc7ed39f2b396f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:37 GMT
Server
nginx
Age
106889
ETag
"83abe04b221fce02d6a68b00d548b755"
x-amz-server-side-encryption
AES256
X-cdnca02A
705; 153239.015; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517472.109; 7200.000
Accept-Ranges
bytes
Content-Length
250129
0042.1be8166b-3033-4a29-ad07-d06e3b3d225e.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		233 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0042.1be8166b-3033-4a29-ad07-d06e3b3d225e.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
68511f5b9b3334fd679a73ab49cba8c05ab2460e36ec9564f25f756e4aa8f071
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:37 GMT
Server
nginx
Age
106889
ETag
"f26493edb9bd2222e92c13027e52ae5a"
x-amz-server-side-encryption
AES256
X-cdnca02A
699; 153239.308; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517471.804; 7200.000
Accept-Ranges
bytes
Content-Length
238465
0043.b268fbc1-aa6e-4cea-be82-e3aa44ee2fe2.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		225 KB
226 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0043.b268fbc1-aa6e-4cea-be82-e3aa44ee2fe2.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
77d6cc20bc333f4d34625472076c72800c728ff605da394fea93803f2463187b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:37 GMT
Server
nginx
Age
106889
ETag
"15100002f855baad864b0b5303ad0fb4"
x-amz-server-side-encryption
AES256
X-cdnca02A
691; 153239.406; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517471.811; 7200.000
Accept-Ranges
bytes
Content-Length
230520
0044.2994e077-5e34-4075-a72c-ff3976c5fad6.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		238 KB
238 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0044.2994e077-5e34-4075-a72c-ff3976c5fad6.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
7818e7db9f52cb47b3cfbd023252319dc6d076227ea8c973c69b082debd6207e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:37 GMT
Server
nginx
Age
106889
ETag
"02c9cb921ca7d238d622ec69c977c624"
x-amz-server-side-encryption
AES256
X-cdnca02A
703; 153239.754; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517471.443; 7200.000
Accept-Ranges
bytes
Content-Length
243462
0045.01cbde83-7775-402b-9548-4466b64f0bb0.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		226 KB
226 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0045.01cbde83-7775-402b-9548-4466b64f0bb0.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
684224303aa350da2b7173ce8bfc7b6d564450c260249d5c4deb1815c806eb10
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:37 GMT
Server
nginx
Age
106889
ETag
"74d1ff84d209d1c951d38a746c94b502"
x-amz-server-side-encryption
AES256
X-cdnca02A
693; 153239.883; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517471.240; 7200.000
Accept-Ranges
bytes
Content-Length
231486
0046.d3d70c0f-0810-49e1-b53a-41079741f086.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		213 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0046.d3d70c0f-0810-49e1-b53a-41079741f086.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
52e14676901cc834de04123b6c24fe8eac3a063518a33f160b8e3d52bc590640
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:38 GMT
Server
nginx
Age
106889
ETag
"cac5f5b005f4b94475b007e0b7f3a80b"
x-amz-server-side-encryption
AES256
X-cdnca02A
699; 153240.265; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517470.933; 7200.000
Accept-Ranges
bytes
Content-Length
218350
0047.db87b1e9-91b3-4348-92e7-3b0f8c391742.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0047.db87b1e9-91b3-4348-92e7-3b0f8c391742.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
bcf354590ea976a3d5b046b4d06bd9e83b5e2b8a42d39bf7307843656fa6764b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:38 GMT
Server
nginx
Age
106889
ETag
"61357938e6c18389a313b8af93651dd3"
x-amz-server-side-encryption
AES256
X-cdnca02A
695; 153240.482; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517470.728; 7200.000
Accept-Ranges
bytes
Content-Length
214860
0048.054d2222-7045-4b99-b832-a348a22c9f14.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		254 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0048.054d2222-7045-4b99-b832-a348a22c9f14.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
a48069602593db5d19ddc4c9e9b213c1676c772fa15d6719b7752e79cc378ee6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:38 GMT
Server
nginx
Age
106888
ETag
"ce1b4f0c162298d692d2774bb4997977"
x-amz-server-side-encryption
AES256
X-cdnca02A
700; 153240.684; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517470.555; 7200.000
Accept-Ranges
bytes
Content-Length
260048
0049.e46c357d-355c-4892-bc24-b1112bbf8f40.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		246 KB
247 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0049.e46c357d-355c-4892-bc24-b1112bbf8f40.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
739b8e0b2e8c07b1dfed26bf50529e0ddd561252cf7938bb168a7bc00031ff67
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:38 GMT
Server
nginx
Age
106889
ETag
"731875548b9e051bf236071b8acfab11"
x-amz-server-side-encryption
AES256
X-cdnca02A
685; 153240.895; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517470.404; 7200.000
Accept-Ranges
bytes
Content-Length
252391
0050.3b4bbd4c-5734-4496-9450-46e2471042c0.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0050.3b4bbd4c-5734-4496-9450-46e2471042c0.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
c73c3b9914b9510a2e44a969305b24f0baaf169dcaf1c6fa9119c9539202233c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:38 GMT
Server
nginx
Age
106889
ETag
"ba9899d9cb42bc16ab6948551dac2b5b"
x-amz-server-side-encryption
AES256
X-cdnca02A
699; 153241.081; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517470.177; 7200.000
Accept-Ranges
bytes
Content-Length
223787
0051.794a1fc3-f7bc-4bcb-960a-132df4886fb3.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		232 KB
232 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0051.794a1fc3-f7bc-4bcb-960a-132df4886fb3.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
3e023d1fe6ebb74e6c4b67611a5f1d99fc8d0699216192100c6869ec4ad2269f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:51 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:38 GMT
Server
nginx
Age
106889
ETag
"9d426bc61816d741d15d6526a054543e"
x-amz-server-side-encryption
AES256
X-cdnca02A
684; 153241.228; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517469.995; 7200.000
Accept-Ranges
bytes
Content-Length
237191
0052.ecb22e28-d4ed-487f-a209-f964ab2828cf.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		269 KB
269 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0052.ecb22e28-d4ed-487f-a209-f964ab2828cf.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
e631f555ba9346dd84bff9871972ffd163299f217d27190b7bf374f2792d74c7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:52 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:38 GMT
Server
nginx
Age
106889
ETag
"534d39a6584ae864de7f5e6f5d0b82d0"
x-amz-server-side-encryption
AES256
X-cdnca02A
687; 153241.427; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517469.851; 7200.000
Accept-Ranges
bytes
Content-Length
275404
0053.198d903b-11f6-40ce-8603-e00c67d26818.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		264 KB
264 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0053.198d903b-11f6-40ce-8603-e00c67d26818.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
e1a40fbfdd9a373a6b92cd44606654708bbb4648239525e8951b0c4e119bc7d1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:52 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:38 GMT
Server
nginx
Age
106888
ETag
"259fec3e3299cc1b89bbf04d5a178ddd"
x-amz-server-side-encryption
AES256
X-cdnca02A
691; 153241.621; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517469.693; 7200.000
Accept-Ranges
bytes
Content-Length
269856
0054.bc11bef3-7fad-485b-9e1b-88027bb18bfc.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		267 KB
267 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0054.bc11bef3-7fad-485b-9e1b-88027bb18bfc.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
949157cf47ef5953ef4d99acad4b495ea00f93c7d72f085c47de7ee2c9be5e45
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:52 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:38 GMT
Server
nginx
Age
106889
ETag
"34c2e659eb2bdf094f1c48d0ffcc2a56"
x-amz-server-side-encryption
AES256
X-cdnca02A
687; 153241.908; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517469.433; 7200.000
Accept-Ranges
bytes
Content-Length
273140
0055.eea6ec78-5626-4936-832b-2d0022ee4ac9.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0055.eea6ec78-5626-4936-832b-2d0022ee4ac9.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
a68fb6e459e31b8c5b588f9362ec98b0ac72f7b1e57b8215b2b6dbdf42845202
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:52 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:39 GMT
Server
nginx
Age
106889
ETag
"68db3e3402a705bbb8e9f5276d9c64fe"
x-amz-server-side-encryption
AES256
X-cdnca02A
686; 153242.074; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517469.257; 7200.000
Accept-Ranges
bytes
Content-Length
147340
0056.7e7fa04d-6e65-45ad-afcd-3c4f0aa3908d.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/ Frame DE46 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/ld/0056.7e7fa04d-6e65-45ad-afcd-3c4f0aa3908d.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:52 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:39 GMT
Server
nginx
Age
106889
ETag
"6db5c42798923543505b2715e110308a"
x-amz-server-side-encryption
AES256
X-cdnca02A
693; 153242.286; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517469.091; 7200.000
Accept-Ranges
bytes
Content-Length
145428
Soleil_Bold.ttf
cdn.cafeyn.co/Public/Cafeyn/fonts/Cafeyn/ Frame DE46 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.cafeyn.co/Public/Cafeyn/fonts/Cafeyn/Soleil_Bold.ttf
Requested by
Host: campaigns.milibris.com
URL: https://campaigns.milibris.com/js/reader.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6200:16:e6fd:1a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2da6c5ad38b91513fa307a78e1e74d3f4a1270fa31f061db57c54ab4f0ea68bf

Request headers

Referer
https://campaigns.milibris.com/
Origin
https://campaigns.milibris.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
fQVi2YjgkqrFE71qSwaJQ7dd0xRu2hHV
date
Tue, 23 Jan 2024 07:09:07 GMT
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
32220
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
46552
last-modified
Thu, 27 Oct 2022 08:14:12 GMT
server
AmazonS3
etag
"372cf215e9f99ae818cb2f9778a16954"
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
DcnwEqi1lyG_oDf0W2KktJX4TzBoyxtIVwaAs5Z-PqrsBbmwYykc8g==
truncated
/ Frame B3A9 		63 B
63 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bd4cd78b3624cdddafda090ed27cb98578fe1f1a0c3dda3e41b1f654b6d4fa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Type
text/html
truncated
/ Frame 02D3 		63 B
63 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bd4cd78b3624cdddafda090ed27cb98578fe1f1a0c3dda3e41b1f654b6d4fa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Type
text/html
truncated
/ Frame 5480 		63 B
63 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bd4cd78b3624cdddafda090ed27cb98578fe1f1a0c3dda3e41b1f654b6d4fa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Type
text/html
truncated
/ Frame B0BA 		63 B
63 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bd4cd78b3624cdddafda090ed27cb98578fe1f1a0c3dda3e41b1f654b6d4fa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Type
text/html
0001.59f12712-e522-4013-990e-8c5ca15daf69.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0001.59f12712-e522-4013-990e-8c5ca15daf69.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
3894a01d7b0b9fc6283c4a014781b9fb26a83e22a36522890fa2c491387b623d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:49 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:39 GMT
Server
nginx
Age
106889
ETag
"9f23931513dca017f3b9a39e9c6d05da"
x-amz-server-side-encryption
AES256
X-cdnca02A
857; 153228.280; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
8; 517482.564; 7200.000
Accept-Ranges
bytes
Content-Length
20025
0002.185d0ef9-68d5-4cc8-8667-0a01bab550d8.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0002.185d0ef9-68d5-4cc8-8667-0a01bab550d8.jpeg
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.146.12 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
cdnca02fo.milibris.com
Software
nginx /
Resource Hash
a81f08d8cac12ababeda1e7234e31b2d3e7282da6fa7a7837b35596df2b8bf42
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://campaigns.milibris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 16:04:49 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Fri, 12 Jan 2024 06:50:39 GMT
Server
nginx
Age
106890
ETag
"351346e97c8efd139e1b8219c33d9a11"
x-amz-server-side-encryption
AES256
X-cdnca02A
823; 152975.465; 7200.000
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Credentials
true
X-frontA
5; 517735.367; 7200.000
Accept-Ranges
bytes
Content-Length
5068
0003.693a99fd-d2c0-4789-b221-1cf3adb8bb52.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0004.d09f93d4-8a63-44f1-9036-6670645cd54c.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0005.2cd3a933-79ff-4975-81a4-bb373762d8ca.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0006.22b068db-208a-4d91-bbfe-026daf811901.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0007.7df1b40c-ff59-44d4-8a85-186beb4ac699.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0008.2a91fb41-ac5d-4a62-ad6a-3724cebf2e7d.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0009.77cf382b-9781-411f-aecb-b1b4252e86a4.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0010.cb869b45-8b6d-4f20-92ff-81128a2d1f65.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0011.298e0de2-641b-40b3-827c-7c4fcf70e355.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0012.87f2a879-440e-4653-939d-07162e370279.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0013.f2e41cb1-edd4-4718-b1a2-d56d3426d8c3.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0014.7d3d8cbb-a106-4af0-966d-193db97607f5.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0015.4c9fc586-9ff8-4fe8-9318-3d4d0f06e25b.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0016.e0b90839-95fb-4397-8f8f-b13beca7972b.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0017.f3da2869-9d74-403c-8f9f-36a94f1f5b66.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0018.e51cfcaa-268d-4412-8603-463ec13e22d2.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0019.e7f1b8ce-0fec-42d3-8925-cdb4b28ae48d.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0020.52dcc48a-01ae-4fb2-b59a-db7ba322a83f.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0021.483501d5-6bd5-4a89-9ddf-bf14c4d2068b.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0022.eeecf91f-cc77-406a-a89d-81d411786b77.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0023.c3bca86e-cd80-47b6-807f-aa7b77a9e509.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0024.af028170-24ab-4d17-a4dd-6cf924df071c.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0025.fd12452e-12fd-4c6e-b9fa-cf65d1607b48.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0026.c5d51cba-f4ab-4e9a-9306-3ff78a349c02.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0027.8761aef9-a735-4bed-9603-1313755c4926.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0028.77091ad3-d578-43a3-8a69-8d267af0094f.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0029.49939cf0-7010-474a-84e5-a330859277a0.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0030.dca5579f-34f0-4793-9698-073c1aac2a06.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0031.2fc4dc0c-d178-4e71-9e2d-51a1f2954fb6.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0032.07cbfcb8-fe76-413a-8427-4f5db112458c.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0033.1ac2288e-2ce2-44a4-8791-226c172370fc.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0034.14e25908-7b06-49e8-a1c5-865e6d142fb3.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0035.dbf312d5-5d51-4b70-adc8-3e5748cb22dd.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0036.6b06b44b-3f01-465c-8ff2-faad52b7676c.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0037.9eba151a-f792-4989-8bc8-d0be59c95c9a.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0038.7f47f746-5615-43c2-9b8a-7725447914ee.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0039.c89294a5-78be-412f-9a07-e6a6c2f799a3.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0040.664edad2-0e64-485c-815e-0973059c3744.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0041.b3433856-185b-4a76-bc1e-300f46f10db5.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0042.bf288d52-53e8-4166-bd4d-1735340695d2.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0043.0d1c8c90-43a7-4d7d-943e-3cb89c0718a3.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0044.dd2a9e25-583d-4b2a-9178-b454b6ef60d2.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0045.92179d55-5d99-484f-a615-4f6e5f329f9b.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0046.27a27c93-b955-4956-9f2c-8e749a61d871.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0047.b1f713c7-ad5a-46fc-912b-fb9fb126c7a3.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0048.59ec2d22-3f91-48aa-b2e7-b647b84e47c4.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0049.ece09bb0-73d7-460f-b23d-d2de5f1a3d8e.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0050.fa529ea8-ffa4-4d7a-96a2-eb5ef672b1c5.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0051.484f1392-0f17-4435-b6e4-ef907e31f535.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0052.3994abb5-6a22-420e-9722-42936c589b34.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0053.9ca2e6a2-e1e0-4aec-bf60-761eff47c52c.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0054.4ff2f218-5a9d-483b-95cc-e89f38239018.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0055.20f789db-0133-4c59-997d-63131c3a3cd5.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
0056.f0d19d78-ca22-4c53-bdaf-c6c37fdc982c.jpeg
content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/ Frame DE46 		0
0
id
googleads.g.doubleclick.net/pagead/ Frame EDEB 		113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c69f4dce621c8879c7c43e18557c6bf9a9795c04453e52bf1c82c476b2349dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame EDEB 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:55:32 GMT
x-content-type-options
nosniff
age
557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 16:10:32 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 23 Jan 2024 16:04:49 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EDEB 		87 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/fr_FR/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7fd86b7afb5493c1b947dd9219ec4d6d75943711e0ddcd73177cff7a4c7330c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 23 Jan 2024 16:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40816
x-xss-protection
0
remote.js
www.youtube.com/s/player/787e9b63/player_ias.vflset/fr_FR/ Frame EDEB 		117 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/787e9b63/player_ias.vflset/fr_FR/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/fr_FR/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50bbe4629f60f09f4ab71653bb36a8f0535f64a40871d66b93fd2a2789982634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 08:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
286840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33872
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 04:49:52 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 19 Jan 2025 08:24:09 GMT
wAFWjcG1j0S59k6y9gmRkscrkcYt8sjUn-04af-yL2Q.js
www.google.com/js/th/ Frame EDEB 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/wAFWjcG1j0S59k6y9gmRkscrkcYt8sjUn-04af-yL2Q.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/fr_FR/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c001568dc1b58f44b9f64eb2f6099192c72b91c62df2c8d49fed3869ffb22f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 06:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
553720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19705
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 06:16:09 GMT
default.jpg
i.ytimg.com/vi/xjRHlKtjl4k/ Frame EDEB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/xjRHlKtjl4k/default.jpg?sqp=-oaymwEkCHgQWvKriqkDGvABAfgB_gmAAtAFigIMCAAQARh_IBMoODAP&rs=AOn4CLDXYMjEg4SZdOYdnz3__vgl7UhRxw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05fdb4fce1d541254cd50986ac9c606d29e6e764fc0fc6d799dfa8b17375165c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:15:15 GMT
x-content-type-options
nosniff
age
6574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2025
x-xss-protection
0
server
sffe
etag
"1704359962"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 23 Jan 2024 16:15:15 GMT
truncated
/ Frame EDEB 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
MT2fm1HP_dWmofXmnplw8OXP7ukvd6bRx8dky7f7BOOxyNc3gd2coQ89fg0rDHHqzrYMJ__b=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame EDEB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/MT2fm1HP_dWmofXmnplw8OXP7ukvd6bRx8dky7f7BOOxyNc3gd2coQ89fg0rDHHqzrYMJ__b=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1777d468f998900015e68acaa182f1854c562da1238dab900ee09aedd2d1b8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:49 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3265
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:04:49 GMT
piano-analytics-6.12.0.js
tag.aticdn.net/js-sdk/ Frame EBFC 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.aticdn.net/js-sdk/piano-analytics-6.12.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFRPT83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efa7b517d7206311840317990fef75a6fbe96d575cb0443fb745bff3b3a6477e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
2Ry3ZfCmoNKuGlgyM_JAlkzkv65CF1fd
content-encoding
gzip
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 15:47:19 GMT
x-amz-cf-pop
FRA60-P4
age
1051
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 05 Oct 2023 13:54:34 GMT
server
AmazonS3
etag
W/"3d01edfbfd53bcc2687e7dade47dcfd4"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
x-amz-cf-id
Y9Rnm6Yvv1B6NB5XQJJN2J4SDGIF5tsurL2W2Q8dWp7KTmEulVfqUQ==
63eb93ff1ba16b19c132bfe4_logo%20150.svg
uploads-ssl.webflow.com/637dd711ab0b467c79457819/ Frame EBFC 		12 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-ssl.webflow.com/637dd711ab0b467c79457819/63eb93ff1ba16b19c132bfe4_logo%20150.svg
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d02dfcee8ec614054bf52196119d53c0771737a8ad5948844172e47c8408188

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 22:11:38 GMT
x-amz-version-id
Noim3R6SPtP4akpFz6nH.PXGgZOFJYF6
content-encoding
br
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
age
9913992
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 14 Feb 2023 14:00:33 GMT
server
AmazonS3
etag
W/"e3761595f11756fac01b75bb1496b852"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
Qq_iI2PgEzvjqFSw8nqdU7BEMnUdMg23_J2TK9H8fBlTh3tl4hb1HA==
track
francecentral-1.in.applicationinsights.azure.com//v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://francecentral-1.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.19.27.128 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.150euros.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 23 Jan 2024 16:04:48 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
francecentral-1.in.applicationinsights.azure.com//v2/ Frame EBFC 		49 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://francecentral-1.in.applicationinsights.azure.com//v2/track
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/_next/static/chunks/pages/_app-451a9a862f4da117.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.19.27.128 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.150euros.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-length
49
content-type
application/json; charset=utf-8
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame EDEB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/fr_FR/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Jan 2024 16:04:49 GMT
small
d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/zniych72gx/items/9821cd025ca9dcb530f685i142292474/covers/page_1/ Frame EBFC 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/zniych72gx/items/9821cd025ca9dcb530f685i142292474/covers/page_1/small
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c406ddaa5ce6530882df73a7431b8114f87409c07d84aadd4f9b2f5d17cd531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:59:04 GMT
x-amz-version-id
uND_Hk7fttfNtb.f5WHKds44apnT3hwF
via
1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P5
age
68746
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
72762
last-modified
Mon, 22 Jan 2024 15:22:21 GMT
server
AmazonS3
etag
"45529bc216f6e0adbd213890076bb23c"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
NxZGConR9y_4gBijoZxv8UA4ljKdx3abaYs8vGP0K4810QnEQqknhQ==
small
d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/dkmwkh72gx/items/eec041b7435b080471810ci142124607/covers/page_1/ Frame EBFC 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/dkmwkh72gx/items/eec041b7435b080471810ci142124607/covers/page_1/small
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec5fcca100deb969ac451937e69ae1c72947cc398fbfc35110353cc13fb294a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 08:57:19 GMT
x-amz-version-id
eb1xO_wJeJvX0AgQB59McJVbHKIz3e63
via
1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P5
age
1494451
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
64820
last-modified
Fri, 05 Jan 2024 10:58:19 GMT
server
AmazonS3
etag
"8f18c1394fbcc5a144877fa140601274"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
fGtVb8PS-gVpH_2SLZon1926P0U1_vUTdlDouljW9gdoeZtxjr-Nvg==
small
d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/v13qjk16rh/items/714f0eac490e2cea572fb3i142229665/covers/page_1/ Frame EBFC 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/v13qjk16rh/items/714f0eac490e2cea572fb3i142229665/covers/page_1/small
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
655692ffa229c797d98b3568b1c31126f6a82abcb70467ef0dccfdbe9ebd156e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 11:42:50 GMT
x-amz-version-id
Vlb0A.qhf_JcTsfpnj5SzMNtUCZjxgux
via
1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P5
age
534120
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
60127
last-modified
Tue, 16 Jan 2024 14:55:54 GMT
server
AmazonS3
etag
"1065c93175c20ff87cf8c807a03beaca"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
BEf3ybHT28osH0JdQRK6Unz6Zk1zz9EBPXIbQf7XaWij2MJPoC_HFA==
small
d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/vhnfu1ve47/items/cf69a6880b6242db6a692ei142227402/covers/page_1/ Frame EBFC 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/vhnfu1ve47/items/cf69a6880b6242db6a692ei142227402/covers/page_1/small
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9d3a646b58f75f6d16539c12cafa4e07f761d54ea118893f67dd869166ed6e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 00:19:50 GMT
x-amz-version-id
tp4t48eHHCkvVTj7W.PiHAC5C10i5Fq3
via
1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P5
age
143100
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
83622
last-modified
Tue, 16 Jan 2024 10:54:34 GMT
server
AmazonS3
etag
"a651713109a11853dc5597af89594f62"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
_C4MY4WqN4dF_KyItYO5unZmE9AkUqMkYoYWctgIw3A_hO2UoDRXMQ==
small
d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/dh3ejk16rh/items/164c0cf10ad625a03517aai142216152/covers/page_1/ Frame EBFC 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/dh3ejk16rh/items/164c0cf10ad625a03517aai142216152/covers/page_1/small
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79c4996a44235c7dc0abb95a3005b9311989725535259abb3bcb2ba66b6e4c97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 12:00:26 GMT
x-amz-version-id
5NimLiuIeAN.3xLeUu9UQMzLhEbaJSZI
via
1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P5
age
360264
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
102670
last-modified
Mon, 15 Jan 2024 11:04:42 GMT
server
AmazonS3
etag
"46a459b9a3a8e633c5182351faa5508d"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
s1aDMbRmH9SPGmjIXG7l4ScIyNoBxVrHH_T896jl32f454m891i6WA==
small
d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/v1plc1ve47/items/2af7d9ead0d78f9f1586b1i142067850/covers/page_1/ Frame EBFC 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d160aj0mj3npgx.cloudfront.net/CE6D9EAA9F7/collections/v1plc1ve47/items/2af7d9ead0d78f9f1586b1i142067850/covers/page_1/small
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
826b9c567dbdac6b8bf02dcfd9ece037731d4a7116ee4a651506893296d2801a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 13:57:16 GMT
x-amz-version-id
eY8uL8dk6sz89XkB4jnEIO81uUvR86k4
via
1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P5
age
2254054
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
88522
last-modified
Thu, 28 Dec 2023 11:31:18 GMT
server
AmazonS3
etag
"5b25435fd49aa6a561ba8f60cd3c2027"
access-control-allow-methods
GET, PUT, POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
0IvURles61ziPgqClfGvnyH_ODnZsMAbMPVsew1ukPwbGlK2fiqApQ==
event
zkhlvgg.pa-cd.com/ Frame EBFC 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://zkhlvgg.pa-cd.com/event?s=637321&idclient=lrqjrkybzc6x37rf
Requested by
Host: tag.aticdn.net
URL: https://tag.aticdn.net/js-sdk/piano-analytics-6.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.212.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-212-231.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.150euros.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 16:04:49 GMT
strict-transport-security
max-age=15768000
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
access-control-max-age
600
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.150euros.fr
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
mr5dVQAlmut3Aoy5rzIzh-ii2omk7cEQ8iAMHRYtVI1yp7hvMK61bQ==
track
francecentral-1.in.applicationinsights.azure.com//v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://francecentral-1.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.19.27.128 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.150euros.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 23 Jan 2024 16:04:48 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
francecentral-1.in.applicationinsights.azure.com//v2/ Frame EBFC 		49 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://francecentral-1.in.applicationinsights.azure.com//v2/track
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/_next/static/chunks/pages/_app-451a9a862f4da117.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.19.27.128 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.150euros.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-length
49
content-type
application/json; charset=utf-8
hidden.gif
l1s.saturn.ms/ipfs/QmQWPtfjQTkVMWJ6KkXdYPCzbcAygGBbjqK5qvkmdz9izU/ Frame 9E4D 		386 KB
387 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://l1s.saturn.ms/ipfs/QmQWPtfjQTkVMWJ6KkXdYPCzbcAygGBbjqK5qvkmdz9izU/hidden.gif?format=car&dag-scope=entity&jwt=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJlNGFiMmI2ZC1hMWE0LTQ3NzYtOTNjYy1iMjg4N2ZiZGQ1NGIiLCJzdWIiOiJjMTFkYmJlMS1hMDA3LTRlNTktODZkNS1mYzY3ZGM4ZjMxN2MiLCJzdWJUeXBlIjoiY2xpZW50S2V5IiwiYWxsb3dfbGlzdCI6WyJhcmMuaW8iLCIqIl0sImlhdCI6MTcwNjAyNTg4OSwiZXhwIjoxNzA2MDI5NDg5fQ.Ogu8STypKK00NxfNzMWq87wv08sLaYStmavpmnCGdCOPNk3JLgdlPLTE_2krrfYkyewg7VlzqBVdUqCubZnRHg
Requested by
Host: unpkg.com
URL: https://unpkg.com/@filecoin-saturn/js-client@0.3.7/dist/strn.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.83.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ip13.ip-51-77-83.eu
Software
nginx /
Resource Hash
34d10df8fe806fda15428a87f81769921e44ac3c992383cbcc785eafbab10bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
saturn-cache-status
HIT
content-disposition
attachment; filename="QmQWPtfjQTkVMWJ6KkXdYPCzbcAygGBbjqK5qvkmdz9izU.car"
server-timing
started-finding-candidates;dur=0.133121;candidates-found=126720057;candidates-filtered=127296497,retrieval-Bitswap;dur=128.10899;first-byte-received=303115233, shim; dur=22.497757999999997, shim_lassie; dur=21.614993, shim_lassie_headers; dur=21.507837, shim_lassie_body; dur=1.241229, nginx;dur=0, nginx_uct;dur=, nginx_uht;dur=, nginx_urt;dur=
saturn-node-id
1d5b6728-d79e-474f-ac04-8ff8d877fb10
server
nginx
saturn-node-version
1095_62e6d14
etag
"QmQWPtfjQTkVMWJ6KkXdYPCzbcAygGBbjqK5qvkmdz9izU.car.2qg1pl5nv2d4n"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.ipld.car; version=1
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=29030400, immutable
x-ipfs-path
/ipfs/QmQWPtfjQTkVMWJ6KkXdYPCzbcAygGBbjqK5qvkmdz9izU/hidden.gif
saturn-transfer-id
45588ae9cd03b772c2d20ef62eb7913b
accept-ranges
none
timing-allow-origin
*
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Traceparent
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame EDEB 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 09:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 24 Jan 2024 09:44:07 GMT
generate_204
www.youtube.com/ Frame EDEB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?WUpQdg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
iframe_api
www.youtube.com/ Frame EBFC 		993 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFRPT83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1fe9a14d5bd2bd3475e794ce6fcff79e9e7ef946e857208f9c4af124c5e9ac74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 23 Jan 2024 16:04:49 GMT
/
www.googleadservices.com/pagead/conversion/831417678/ Frame EBFC 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/831417678/?random=1706025888930&cv=11&fst=1706025888930&bg=ffffff&guid=ON&async=1&gtm=45He41h0v9103222522&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&tag_exp=71847096&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.150euros.fr%2F%3Futm_source%3DAVT_trafic%26utm_term%3D2956733%26tduid%3D93cab543dc885efc235b7819f84f585e&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&top=https%3A%2F%2Fturfologie.fr.gd&label=IBvwCKmNgfAYEM7auYwD&hn=www.googleadservices.com&frm=2&tiba=150%E2%82%AC%20-%20Je%20m%27informe%2C%20j%27%C3%A9conomise%20-%20Catalogue%20de%20Promotions%20%26%20Bons%20Plans%20-%20150%E2%82%AC&value=0&bttype=purchase&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFRPT83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8eaa5225fa1d7f629faad19000b31d037358492cd4358bb1d2ae65ddc84864e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1616
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prismic.js
static.cdn.prismic.io/ Frame EBFC 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdn.prismic.io/prismic.js?new=true&repo=150euros
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/_next/static/chunks/main-dbd2dbedd82ef05d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:d200:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8eb5ecfec8aa8ef9e39ce22a7243d1a5c71362e3792dbd1a0a26ea7f2d359d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:39:22 GMT
content-encoding
gzip
via
1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
last-modified
Fri, 21 Oct 2022 11:42:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
33928
x-amz-server-side-encryption
AES256
etag
W/"c8bfbb59bff7a90e1029b3831ece2c04"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
RuKnml5gftnXI-XPEhCydxUSuWxFYtl7SJ6OPX__rlMYyqiURXIj8Q==
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 23 Jan 2024 16:04:49 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EDEB 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/fr_FR/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d72a4d96590b7e99583837c035e85bb4edb49e8965d0ba8023fd275da287946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 23 Jan 2024 16:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
track
francecentral-1.in.applicationinsights.azure.com//v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://francecentral-1.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.19.27.128 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.150euros.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 23 Jan 2024 16:04:48 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
francecentral-1.in.applicationinsights.azure.com//v2/ Frame EBFC 		49 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://francecentral-1.in.applicationinsights.azure.com//v2/track
Requested by
Host: www.150euros.fr
URL: https://www.150euros.fr/_next/static/chunks/pages/_app-451a9a862f4da117.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.19.27.128 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
fc7b7e92726f4f516f4fa4710b1af4fdfa32580b2654a774bf96e45c147c096a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.150euros.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 16:04:48 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-length
49
content-type
application/json; charset=utf-8
www-widgetapi.js
www.youtube.com/s/player/787e9b63/www-widgetapi.vflset/ Frame EBFC 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/787e9b63/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8791270626b8a4fed6d34bc6cc2b10b5a682ce66d8b5016ed60fe711b5d2d016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:08:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
3404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68593
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 04:49:52 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 22 Jan 2025 15:08:05 GMT
/
www.google.fr/pagead/1p-conversion/831417678/ Frame EBFC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/831417678/?random=99521640&cv=11&fst=1706025888930&bg=ffffff&guid=ON&async=1&gtm=45He41h0v9103222522&gcd=11l1l1l1l1&dma_cps=sypham&d...
  • https://www.google.com/pagead/1p-conversion/831417678/?random=99521640&cv=11&fst=1706025888930&bg=ffffff&guid=ON&async=1&gtm=45He41h0v9103222522&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&tag_e...
  • https://www.google.fr/pagead/1p-conversion/831417678/?random=99521640&cv=11&fst=1706025888930&bg=ffffff&guid=ON&async=1&gtm=45He41h0v9103222522&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&tag_ex...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/pagead/1p-conversion/831417678/?random=99521640&cv=11&fst=1706025888930&bg=ffffff&guid=ON&async=1&gtm=45He41h0v9103222522&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&tag_exp=71847096&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.150euros.fr%2F%3Futm_source%3DAVT_trafic%26utm_term%3D2956733%26tduid%3D93cab543dc885efc235b7819f84f585e&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&top=https%3A%2F%2Fturfologie.fr.gd&label=IBvwCKmNgfAYEM7auYwD&hn=www.googleadservices.com&frm=2&tiba=150%E2%82%AC%20-%20Je%20m%27informe%2C%20j%27%C3%A9conomise%20-%20Catalogue%20de%20Promotions%20%26%20Bons%20Plans%20-%20150%E2%82%AC&value=0&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIhLb92PHzgwMVxM07Ah0IXwn8&is_vtc=1&ocp_id=oeOvZcThH8Sb78EPiL6l4A8&cid=CAQSKQAvHhf_TIJo9NIke4qqgJ5JwX5uidR1pTi1LJlFeN4aQ-qXkpG5cH2W&eitems=ChAIgOS9rQYQpMLWwPr2jpZZEh0AMre0YNtj2GI6Xfo8YVofLeRv-PAhmPdK5bE01w&random=3765690800&ipr=y
Requested by
Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol
H2
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.150euros.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 16:04:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.fr/pagead/1p-conversion/831417678/?random=99521640&cv=11&fst=1706025888930&bg=ffffff&guid=ON&async=1&gtm=45He41h0v9103222522&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&tag_exp=71847096&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.150euros.fr%2F%3Futm_source%3DAVT_trafic%26utm_term%3D2956733%26tduid%3D93cab543dc885efc235b7819f84f585e&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&top=https%3A%2F%2Fturfologie.fr.gd&label=IBvwCKmNgfAYEM7auYwD&hn=www.googleadservices.com&frm=2&tiba=150%E2%82%AC%20-%20Je%20m%27informe%2C%20j%27%C3%A9conomise%20-%20Catalogue%20de%20Promotions%20%26%20Bons%20Plans%20-%20150%E2%82%AC&value=0&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIhLb92PHzgwMVxM07Ah0IXwn8&is_vtc=1&ocp_id=oeOvZcThH8Sb78EPiL6l4A8&cid=CAQSKQAvHhf_TIJo9NIke4qqgJ5JwX5uidR1pTi1LJlFeN4aQ-qXkpG5cH2W&eitems=ChAIgOS9rQYQpMLWwPr2jpZZEh0AMre0YNtj2GI6Xfo8YVofLeRv-PAhmPdK5bE01w&random=3765690800&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.html
150euros.prismic.io/prismic-toolbar/4.0.9/ Frame 16B3 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://150euros.prismic.io/prismic-toolbar/4.0.9/iframe.html
Requested by
Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.js?new=true&repo=150euros
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.69.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-69-55.compute-1.amazonaws.com
Software
/
Resource Hash
dd34cc3a0af95382d37cf4318648616c35e2abcff7ccad25d6ec9ec140ddd0e2

Request headers

Referer
https://www.150euros.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 23 Jan 2024 16:04:49 GMT
etag
W/"e304e33fcad3a742d951d7047710bb65"
last-modified
Fri, 21 Oct 2022 11:42:33 GMT
9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame D0AD 		1 KB
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/media/9c69f07deadda884c61396a404004929.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 10:25:53 GMT
date
Wed, 17 Jan 2024 10:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
613
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame D0AD 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15205685216655332109/media/6d7052ff6df13eae564657f4b45cc79a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 03:16:47 GMT
date
Wed, 17 Jan 2024 03:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564483
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2640
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 11:10:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
neongif.gif
l1s.saturn.ms/ipfs/QmNvp8c8DLb6CyUyVv6gwLgAtB4T9evfUZ1od23eKxeQq8/ Frame 9E4D 		924 KB
926 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://l1s.saturn.ms/ipfs/QmNvp8c8DLb6CyUyVv6gwLgAtB4T9evfUZ1od23eKxeQq8/neongif.gif?format=car&dag-scope=entity&jwt=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJlNGFiMmI2ZC1hMWE0LTQ3NzYtOTNjYy1iMjg4N2ZiZGQ1NGIiLCJzdWIiOiJjMTFkYmJlMS1hMDA3LTRlNTktODZkNS1mYzY3ZGM4ZjMxN2MiLCJzdWJUeXBlIjoiY2xpZW50S2V5IiwiYWxsb3dfbGlzdCI6WyJhcmMuaW8iLCIqIl0sImlhdCI6MTcwNjAyNTg4OSwiZXhwIjoxNzA2MDI5NDg5fQ.Ogu8STypKK00NxfNzMWq87wv08sLaYStmavpmnCGdCOPNk3JLgdlPLTE_2krrfYkyewg7VlzqBVdUqCubZnRHg
Requested by
Host: unpkg.com
URL: https://unpkg.com/@filecoin-saturn/js-client@0.3.7/dist/strn.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.83.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ip13.ip-51-77-83.eu
Software
nginx /
Resource Hash
b1cda852a0ad251aabd03365445035d46bd4d28e0f0e18ed8272108e5a371749
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
saturn-cache-status
HIT
content-disposition
attachment; filename="QmNvp8c8DLb6CyUyVv6gwLgAtB4T9evfUZ1od23eKxeQq8.car"
server-timing
started-finding-candidates;dur=0.081689;candidates-found=225153957;candidates-filtered=225416490,retrieval-Bitswap;dur=225.723342;first-byte-received=98099362, shim; dur=16.337993, shim_lassie; dur=15.933513999999999, shim_lassie_headers; dur=15.833075, shim_lassie_body; dur=0.6287889999999999, nginx;dur=0, nginx_uct;dur=, nginx_uht;dur=, nginx_urt;dur=
saturn-node-id
1d5b6728-d79e-474f-ac04-8ff8d877fb10
server
nginx
saturn-node-version
1095_62e6d14
etag
"QmNvp8c8DLb6CyUyVv6gwLgAtB4T9evfUZ1od23eKxeQq8.car.45510b2i19mop"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.ipld.car; version=1
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=29030400, immutable
x-ipfs-path
/ipfs/QmNvp8c8DLb6CyUyVv6gwLgAtB4T9evfUZ1od23eKxeQq8/neongif.gif
saturn-transfer-id
af287464b8dab5721363d20e8b9c3e2b
accept-ranges
none
timing-allow-origin
*
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Traceparent
log_event
www.youtube.com/youtubei/v1/ Frame EDEB 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Goog-Request-Time
1706025891053
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/xjRHlKtjl4k?enablejsapi=1
X-YouTube-Client-Version
1.20240115.00.00
X-YouTube-Time-Zone
Europe/Paris
X-Goog-Visitor-Id
CgtSS2RlNlcyQjBrayigx7-tBjIOCgJGUhIIEgQSAgsMIFQ%3D
X-YouTube-Ad-Signals
dt=1706025888845&flash=0&frm=2&u_tz=60&u_his=10&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C256%2C144&vis=1&wgl=true&ca_type=image&bid=ANyPxKqa517vKQVmH8g4XqOuX5EZQoiubnZgCHP8cHOMnyd4O4uxq7aSQfwgZ7q-TS3cOixY8z7g7LM5QE0G9-WPMLACmg6zYA

Response headers

date
Tue, 23 Jan 2024 16:04:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Tue, 23 Jan 2024 16:04:51 GMT
top-cids
cids.arc.io/ Frame 9E4D 		6 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cids.arc.io/top-cids
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?76bc4f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
5865660e35364dfda02a58a36abf22f2be8fdb44bd85259acf959c7c667b65aa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.1clic1don.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:04:51 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-cachedat
01/23/2024 15:37:33
cdn-pullzone
1392871
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"194e-hGbR1NJeRg83U0D9Ml/G4+1orzo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control
public, max-age=3600
cdn-requestid
7a89304b3c056741b4045bf68e20752e
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.cpmaffiliation.com
URL
http://www.cpmaffiliation.com/103839-200x90.js?rnd=47199902065
Domain
fwd.fwdtrk.com
URL
https://fwd.fwdtrk.com/track?id=
Domain
sub.adzgame.com
URL
https://sub.adzgame.com/redirect?feed=634020&auth=kYcx8E&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
Domain
sub.adzgame.com
URL
https://sub.adzgame.com/redirect?feed=634021&auth=FZfz2y&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
Domain
xml.eximdigital.com
URL
https://xml.eximdigital.com/redirect?feed=634442&auth=Hr0fZm&subid=test&query=best+deals&url=http%3A%2F%2Fexample.com%2F%3Fq%3Dbest%2Bdeals&default_url=http%3A%2F%2Fexample.com%2F
Domain
xml.flurryad.com
URL
https://xml.flurryad.com/redirect?feed=626942&auth=CSVpPf&subid={subid}&query={query}&url={url}&default_url={default_url}
Domain
tracker.arc.io
URL
https://tracker.arc.io/
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0003.693a99fd-d2c0-4789-b221-1cf3adb8bb52.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0004.d09f93d4-8a63-44f1-9036-6670645cd54c.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0005.2cd3a933-79ff-4975-81a4-bb373762d8ca.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0006.22b068db-208a-4d91-bbfe-026daf811901.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0007.7df1b40c-ff59-44d4-8a85-186beb4ac699.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0008.2a91fb41-ac5d-4a62-ad6a-3724cebf2e7d.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0009.77cf382b-9781-411f-aecb-b1b4252e86a4.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0010.cb869b45-8b6d-4f20-92ff-81128a2d1f65.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0011.298e0de2-641b-40b3-827c-7c4fcf70e355.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0012.87f2a879-440e-4653-939d-07162e370279.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0013.f2e41cb1-edd4-4718-b1a2-d56d3426d8c3.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0014.7d3d8cbb-a106-4af0-966d-193db97607f5.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0015.4c9fc586-9ff8-4fe8-9318-3d4d0f06e25b.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0016.e0b90839-95fb-4397-8f8f-b13beca7972b.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0017.f3da2869-9d74-403c-8f9f-36a94f1f5b66.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0018.e51cfcaa-268d-4412-8603-463ec13e22d2.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0019.e7f1b8ce-0fec-42d3-8925-cdb4b28ae48d.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0020.52dcc48a-01ae-4fb2-b59a-db7ba322a83f.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0021.483501d5-6bd5-4a89-9ddf-bf14c4d2068b.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0022.eeecf91f-cc77-406a-a89d-81d411786b77.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0023.c3bca86e-cd80-47b6-807f-aa7b77a9e509.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0024.af028170-24ab-4d17-a4dd-6cf924df071c.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0025.fd12452e-12fd-4c6e-b9fa-cf65d1607b48.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0026.c5d51cba-f4ab-4e9a-9306-3ff78a349c02.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0027.8761aef9-a735-4bed-9603-1313755c4926.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0028.77091ad3-d578-43a3-8a69-8d267af0094f.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0029.49939cf0-7010-474a-84e5-a330859277a0.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0030.dca5579f-34f0-4793-9698-073c1aac2a06.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0031.2fc4dc0c-d178-4e71-9e2d-51a1f2954fb6.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0032.07cbfcb8-fe76-413a-8427-4f5db112458c.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0033.1ac2288e-2ce2-44a4-8791-226c172370fc.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0034.14e25908-7b06-49e8-a1c5-865e6d142fb3.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0035.dbf312d5-5d51-4b70-adc8-3e5748cb22dd.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0036.6b06b44b-3f01-465c-8ff2-faad52b7676c.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0037.9eba151a-f792-4989-8bc8-d0be59c95c9a.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0038.7f47f746-5615-43c2-9b8a-7725447914ee.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0039.c89294a5-78be-412f-9a07-e6a6c2f799a3.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0040.664edad2-0e64-485c-815e-0973059c3744.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0041.b3433856-185b-4a76-bc1e-300f46f10db5.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0042.bf288d52-53e8-4166-bd4d-1735340695d2.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0043.0d1c8c90-43a7-4d7d-943e-3cb89c0718a3.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0044.dd2a9e25-583d-4b2a-9178-b454b6ef60d2.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0045.92179d55-5d99-484f-a615-4f6e5f329f9b.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0046.27a27c93-b955-4956-9f2c-8e749a61d871.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0047.b1f713c7-ad5a-46fc-912b-fb9fb126c7a3.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0048.59ec2d22-3f91-48aa-b2e7-b647b84e47c4.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0049.ece09bb0-73d7-460f-b23d-d2de5f1a3d8e.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0050.fa529ea8-ffa4-4d7a-96a2-eb5ef672b1c5.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0051.484f1392-0f17-4435-b6e4-ef907e31f535.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0052.3994abb5-6a22-420e-9722-42936c589b34.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0053.9ca2e6a2-e1e0-4aec-bf60-761eff47c52c.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0054.4ff2f218-5a9d-483b-95cc-e89f38239018.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0055.20f789db-0133-4c59-997d-63131c3a3cd5.jpeg
Domain
content.milibris.com
URL
https://content.milibris.com/access/html5-reader/b6f97196-d19d-49a2-b02f-92dc293ce065/pages/jpeg/tn/0056.f0d19d78-ca22-4c53-bdaf-c6c37fdc982c.jpeg

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 number| dateTimeOffset function| getElementsByClassNameLocalTimeWrapper object| cookieconsent_options boolean| hasCookieConsent object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint number| cpma_rnd function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag

53 Cookies

Domain/Path Name / Value
.ad4m.at/cookie-frame.html Name: userId
Value: 5h4zmjePOhJUEl6hcyqSb3rBODMooo8U
.turfologie.fr.gd/ Name: PHPSESSID
Value: 681ccf5c1ab4fc6a2713166ea0e395c5
t.adcell.com/ Name: ADCELLvpid8149
Value: 269847-105746-%23%23%23%23https%3A%2F%2Fasrv205.com%2F%40%40%40%401706025885
.nextleveldefend.com/ Name: nextleveldefend_24
Value: eJxtj0FrhDAQhf%2FLQD25JYlJjIKXuizI9rbtucRksoQ1tUTdi%2Fjfm3rpQnsZ%2BN68ecNbYZkwegv1Cnc9LAg1FEQjE9T1lSS9cpwzbnlhDBpOe8mpFNphUSGhilDIYZ6gpiWRhAml5JaESB%2FyVmihZjyHF6hJDpdkliKH005v6Z9PGZf3tP2Z3TFRe07QvnbtuTtmyxw%2BAlq%2FhEY75wevZ9zFaVyiwUZbg8OwK0aHL%2B2vnw0TpWI8671tmKwULw%2BUiJLLQ5bcEV2jp3hnRDybMTyxE2z%2FtDDjePOor%2FjQ5dfw52D7BloqXc0%3D
.1clic1don.fr/ Name: cf_clearance
Value: 2HzEBEV2g7uFbMkx_C7sjFYKiJT_xTP6q3HGlscl5aM-1706025886-1-AWgA9DO75V9BWXxDjcny94LatAng62hCMk2UwvgyzOsNbCVe+EYJdWNUMRj6wVxzC1+SiXm8q3JvUq3Oi8yIROU=
core.arc.io/ Name: _immortal|Arc_nodeId
Value: KqX19iv2EuxD1MxFoR688X
api.yieldads.net/ Name: AWSALBTGCORS
Value: TxU0iPNrxqpkWBrTyorUsNjJt4RytVP/KXO99n5bWgfBG8AOUXHVx2Urc7MXNXLO08jSuSUrcJ8ZBYDVwO2Z8QdPIEHuB1XW0JLhpvrqCyATTq4pE/2MkYFqZ9q3BQNoE+vK4yH463Qz7e4Chnadh/2Dld5Tvk6cI5Zx1vtn+H2UxKtozzI=
api.yieldads.net/ Name: AWSALBCORS
Value: DUy4HT65Q+hu8r3GrW2Tz+pJvnIHQzg6hwmo+HiWgV8KJ4xcUm0SZg1TmeLcQkuJPNcx/LdBlfCbIL5a47160F0uHGrDm5MBr2eLHiqAH4tuBKON8Y6ZWgO0vYDp
findarios.com/ Name: AWSALBCORS
Value: /9oyYyNf37q8AvFfhe+9BR3BU/SW7HGnRL0RKiGj/RLLXDGmDlVDaYCzHyXmUkNxvnovauILiVwn+G0/bqMmpHhNpezSsUhWOzFpwJBx4cA74bnxz97c7whrwpVK
.tradedoubler.com/ Name: UI
Value: 1z11zz15Dz1p0cwmz1awfyQWT4
.awin1.com/ Name: awpv22835
Value: 412871|1706025886|210e2071-ba09-11ee-94b4-2233c304522e
.awin1.com/ Name: awpv14702
Value: 412871|1706025886|211106a0-ba09-11ee-94b4-2233c304522e
.fr.gd/ Name: __gads
Value: ID=c05817f832f7e17c:T=1706025885:RT=1706025885:S=ALNI_MaaQGxoZXP8MGeVv0ZJ_Zj9narLSg
.fr.gd/ Name: __gpi
Value: UID=00000d47e8081953:T=1706025885:RT=1706025885:S=ALNI_Mb223lI2aZHHknEByhZF0aj6mWQYw
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.magsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265afe39ed656c8.618900823416164772%22%3B%7D
.magsrv.com/ Name: zone-cap-5175116
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnx4l9Atu2FPfbBR3kdk3saGG4n5RLMnIkldtuYtQeRGZb6NeBf7-a_a5U6lu8
.casalemedia.com/ Name: CMPS
Value: 3165
.adnxs.com/ Name: XANDR_PANID
Value: nBlGocYzYqU_Y_eh09-EethgyPmh9YD4lFCIcocF43jTnwkDrsAX-PShZoCYmGfNMAtGuQA25dggqpuEPVkwgYcnIad7F_tfvg8V8M8qoRY.
.adnxs.com/ Name: uuid2
Value: 1209335223323359866
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GUds/Jxa!@wnfH8K6pQK`!5=E<*L5?%K@bvi])he#1kgjzVojP13B4/GNvAGG#YwK4*6*bpRz*qF1`*b`qP*DH2(
.magsrv.com/ Name: c-tag
Value: %7B%22tag-video%22%3A%22v4%7C%7CFRA%7C4983934%7C80773710%7C0%7C%7C508%7C48%7C2%7C40%7C0%7C0%7C0%7C502%7C0%7C0%7C0%7C0%7C2%7C2%7C0%7C0%7C1%7C0%7C0%7C1%7C65afe39ed656c8.618900823416164772%7C%7C0%7Cpornito.de%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1706025886%7C71f72e1fb60179f7295f9051ed888880%7Cok%22%7D
.casalemedia.com/ Name: CMID
Value: Za-jnk-3AMZQa.zBCBqbtAAA
.casalemedia.com/ Name: CMPRO
Value: 1210
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2260E9135B-567D-498D-11C4-ACD0A07AD00E%22%7D
.ctnsnet.com/ Name: cid_3360970cba404c7a82023daad20dc5aa
Value: 1
.ctnsnet.com/ Name: gid_CAESEAfgxN51lE3WsyPSTvKsSKs
Value: 1
.w55c.net/ Name: wfivefivec
Value: hiaeUzYj1Rsjgz5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Za-jnwAQpizA7QBU
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: C
Value: 1
.s.magsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265afe39ed656c8.618900823416164772%22%3B%7D
.adform.net/ Name: uid
Value: 2888809796209558343
gloutchi.com/ Name: OAID
Value: 2fcff48db3fa47b18bc21f3f6198240f
gloutchi.com/ Name: oaidts
Value: 1706025887
.tribalfusion.com/ Name: ANON_ID
Value: aantuJx2eNlSE0U7atv61ZdbByIQ9nZbmtlFTXHHVEJLEEUZdYTGyVayNOdQnAQTtNlf0ci2H4EZaJVT4ZdUTYA5epZcT9
ak.eessoong.com/ Name: OAID
Value: f301508d03ff47ea9975a330fa1c05a0
ak.eessoong.com/ Name: oaidts
Value: 1706025887
my.rtmark.net/ Name: ID
Value: 2fcff48db3fa47b18bc21f3f6198240f
.metaffiliation.com/ Name: neta_ssc
Value: 99b3f4gcc3iwtsrlzqqx8gg5xymc
.metaffiliation.com/ Name: netases_ssc
Value: 99b3f4gcc3iwtsrlzqqx8gg5xymc
.metaffiliation.com/ Name: kwknc_ssc
Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/ Name: kwkncses_ssc
Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.awin1.com/ Name: awpv25291
Value: 412871|1706025887|21b07af8-ba09-11ee-8694-226555b1c0ac
.awin1.com/ Name: AWSESS
Value: 438546:3154253
.arc.io/ Name: widgetOptState
Value: {%22state%22:%22UNDECIDED%22%2C%22date%22:%222024-01-23T16:04:46.149Z%22%2C%22dismissedAt%22:null}
.tradedoubler.com/ Name: EH_0
Value: 1z11z1z15Dz9TDmHz1aCkyahvm02IyFW1gw%7a6dxgUOAVOKQY.uxk5m9J8g99eBibY%7a3GG%79v8R9qV%79N0NAqOUj.
.tradedoubler.com/ Name: GUID
Value: 1z11zz15Dz1xSsk8z93cab543dc885efc235b7819f84f585e
www.150euros.fr/ Name: ai_user
Value: hyM1VXJ0Aq7xf5qkz26sn4|2024-01-23T16:04:48.656Z
.youtube.com/ Name: YSC
Value: jxHesmZ3zkg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: RKde6W2B0kk
www.150euros.fr/ Name: ai_session
Value: d0noAJQgpSY99gZz3457OT|1706025889091|1706025889091

25 Console Messages

Source Level URL
Text
security warning URL: https://turfologie.fr.gd/
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://t3.gstatic.com/images?q=tbn:ANd9GcRyN4ispYXXSX3TbPUDRKn1xrfWH4fDvkWcTqSI8QtjyjwK8Bskyg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://turfologie.fr.gd/
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/turfologie/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://turfologie.fr.gd/(Line 434)
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://t3.gstatic.com/images?q=tbn:ANd9GcRyN4ispYXXSX3TbPUDRKn1xrfWH4fDvkWcTqSI8QtjyjwK8Bskyg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://turfologie.fr.gd/(Line 433)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.cpmaffiliation.com/103839-200x90.js?rnd=47199902065, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://turfologie.fr.gd/(Line 433)
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure script 'http://www.cpmaffiliation.com/103839-200x90.js?rnd=47199902065'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://turfologie.fr.gd/(Line 433)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.cpmaffiliation.com/103839-200x90.js?rnd=47199902065, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://turfologie.fr.gd/(Line 706)
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/turfologie/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://adz2you.xyz/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
security error URL: https://clk.tradedoubler.com/click?p=346366&a=2778209&g=25497602(Line 21)
Message:
Blocked form submission to 'https://clk.tradedoubler.com/click?p=346366&a=2778209&g=25497602' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://xml.zentrixads.com/redirect?feed=626947&auth=1MqBAt&subid={subid}&query={query}&url={url}&default_url={default_url}xml.adtube.media/redirect?feed=615326&auth=JtCpiL&subid={subid}&query={query}&url={url}&default_url={default_url}
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://xml.adflyer.media/redirect?feed=615322&auth=N0hVKw&subid={subid}&query={query}&url={url}&default_url={default_url}
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://myadsserver.com/cemyl5k.php?key=admaventest2'. This request has been blocked; the content must be served over HTTPS.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security error URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://example.com/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://example.com/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://eu4-de84.muggel.net/?nr=1&d=emT9F46Yewh1U3OmiiFwzKXXkSLrDc2s
Message:
Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://example.com/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://gloutchi.com/4/6844028/(Line 55)
Message:
Blocked form submission to 'https://gloutchi.com/?z=6844028&syncedCookie=true&rhd=false' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
security error URL: https://ak.eessoong.com/4/6945102(Line 55)
Message:
Blocked form submission to 'https://ak.eessoong.com/?z=6945102&syncedCookie=true&rhd=false' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security error URL: https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=d6CtVryoIgU_0&ci=5972732461513468450&t=1205875913&h=58(Line 26)
Message:
Blocked form submission to 'https://xml.green-resultsbid.com/click2?i=d6CtVryoIgU_0&ci=5972732461513468450&j=rv%3Db%26ss%3D1600x1200%26ws%3D0x0%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D2058%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D9%26rf%3D%26lo%3Dfilter.realtime-bid.com%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F120.0.6099.224%2BSafari%252F537.36%26nd%3D6%26to%3Dhttps%253A%252F...6prb%3D20030107%26tz%3D-60%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D0x0%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D0x0%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26cnvs%3D80808080%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
security error URL: https://filter.realtime-bid.com/filter?q=%7Bquery%7D&i=3zrQIDgVW-U_0&ci=-2964317887573870510&t=1445030333&h=58(Line 26)
Message:
Blocked form submission to 'https://xml.green-resultsbid.com/click2?i=3zrQIDgVW-U_0&ci=-2964317887573870510&j=rv%3Db%26ss%3D1600x1200%26ws%3D0x0%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D6996%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D9%26rf%3D%26lo%3Dfilter.realtime-bid.com%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F120.0.6099.224%2BSafari%252F537.36%26nd%3D6%26to%3Dhttps%253A%252...6prb%3D20030107%26tz%3D-60%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D0x0%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D0x0%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26cnvs%3D80808080%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0' because the form's frame is sandboxed and the 'allow-forms' permission is not set.
network error URL: https://becely.com/?ref=C6DCt0hWjCm51a&sub_id=lb_44roy6d
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://www.150euros.fr/?utm_source=AVT_trafic&utm_term=2956733&tduid=93cab543dc885efc235b7819f84f585e
Message:
Unrecognized feature: 'web-share'.
violation error URL: https://www.150euros.fr/_next/static/chunks/pages/_app-451a9a862f4da117.js(Line 5)
Message:
Permissions policy violation: Geolocation access has been blocked because of a permissions policy applied to the current document. See https://goo.gl/EuHzyv for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
150euros.azurewebsites.net
150euros.prismic.io
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
a.magsrv.com
a.tribalfusion.com
action.metaffiliation.com
ad.a-ads.com
ad.doubleclick.net
ad4m.at
admediatex.net
adnade.net
ads.travelaudience.com
adz2you.xyz
ak.eessoong.com
api-marketing.milibris.com
api.yieldads.net
arc.io
as.ad4m.at
asrv205.com
assets.ad4m.at
becely.com
billigerscheiss.de
blogger.googleusercontent.com
c1.adform.net
campaigns.milibris.com
cdn-binance.com
cdn.cafeyn.co
cdnjs.cloudflare.com
cids.arc.io
clk.tradedoubler.com
cm.g.doubleclick.net
collecte.numeo.acpm.fr
consent.cookiefirst.com
content.milibris.com
core.arc.io
d160aj0mj3npgx.cloudfront.net
datatechone.com
deli.misaglam.com
deliver.adnade.net
dsum-sec.casalemedia.com
edge.cookiefirst.com
embed.chatlotto.de
eu4-de84.muggel.net
filter.realtime-bid.com
findarios.com
fonts.googleapis.com
fonts.gstatic.com
francecentral-1.in.applicationinsights.azure.com
fwd.fwdtrk.com
fwdtrk.com
gloutchi.com
googleads.g.doubleclick.net
grow-platform.tradedoubler.com
i.ytimg.com
ib.adnxs.com
images.prismic.io
img.metaffiliation.com
img.root-top.com
img.webme.com
imp.tradedoubler.com
ius.ctnsnet.com
jnn-pa.googleapis.com
l1s.saturn.ms
my.rtmark.net
nextlevel-f353.kxcdn.com
nextleveldefend.com
olivedinflats.space
pagead2.googlesyndication.com
pm.w55c.net
pornito.de
prod-rtb.ad4mat.net
pubdirecte.com
r.linksprf.com
s.magsrv.com
s.tribalfusion.com
s0.2mdn.net
sdk.privacy-center.org
sparkasse-fickmuehlen.de
static-de.ad4mat.net
static.a-ads.com
static.arc.io
static.cdn.prismic.io
static.doubleclick.net
static.wixstatic.com
storage.googleapis.com
su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws
sub.adzgame.com
sync-tm.everesttech.net
t.adcell.com
t3.gstatic.com
tag.aticdn.net
theme.webme.com
tool.hubu.link
tpc.googlesyndication.com
tracker.arc.io
turfologie.fr.gd
u3y8v8u4.aucdn.net
unpkg.com
uploads-ssl.webflow.com
vht.tradedoubler.com
visifeed.org
warden.arc.io
www.150euros.fr
www.1clic1don.fr
www.awin1.com
www.cpmaffiliation.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkbux.com
www.linkredirect.biz
www.s2movies.pro
www.youtube.com
x.bidswitch.net
xml.adflyer.media
xml.adtube.media
xml.clickmi.net
xml.clixvista.com
xml.ctrtraffic.com
xml.eximdigital.com
xml.flurryad.com
xml.infinity-info.com
xml.mediacpc.com
xml.rtbfactory.com
xml.thenetwork18.com
xml.xmladsystem.com
xml.zentrixads.com
yt3.ggpht.com
zcz.willemsefrance.fr
zkhlvgg.pa-cd.com
content.milibris.com
fwd.fwdtrk.com
sub.adzgame.com
tracker.arc.io
www.cpmaffiliation.com
xml.eximdigital.com
xml.flurryad.com
104.96.147.178
139.45.195.253
139.45.195.8
139.45.197.245
142.132.247.201
142.250.184.198
142.250.185.66
142.250.186.34
144.217.146.12
148.251.53.118
151.101.194.49
163.181.92.231
172.64.151.101
173.239.53.18
174.137.133.16
176.9.183.55
178.162.223.113
178.162.223.114
178.254.33.33
18.195.150.140
18.223.141.84
18.245.31.64
18.245.60.119
18.66.112.109
18.66.147.21
18.66.218.19
185.51.218.247
188.165.150.177
192.229.220.129
193.238.27.28
195.90.208.185
198.134.116.28
198.134.116.29
20.111.1.2
20.19.27.128
23.227.38.65
23.36.163.13
2400:52e0:1e00::1080:1
2400:52e0:1e00::1082:1
2600:1901:0:76b9::
2600:1f14:50b:9a01:23d:d479:b64c:70e3
2600:9000:2057:b400:1e:5c56:d400:93a1
2600:9000:21a8:9400:5:b7cc:d3c0:93a1
2600:9000:225e:6200:16:e6fd:1a80:93a1
2600:9000:2646:d200:6:ea06:d140:93a1
2604:9e00:1:129::2:b0d
2604:9e00:1:129::2:b0e
2604:9e00:1:129::2:b10
2604:9e00:1:129::2:b12
2604:9e00:1:129::2:b1e
2604:9e00:1:129::2:b1f
2604:9e00:1:129::2:b2a
2604:9e00:1:129::2:b2c
2606:4700:20::681a:61b
2606:4700:20::681a:cd7
2606:4700:20::ac43:4a81
2606:4700:3034::ac43:df47
2606:4700:3037::6815:f90
2606:4700:3038::6815:ea1a
2606:4700::6810:7eaf
2606:4700::6811:180e
2606:4700::6812:19ad
2620:1ec:bdf::45
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:827::201b
2a00:1450:4001:828::2004
2a00:1450:4001:829::2016
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:6800:3:591::2
2a00:6800:3:a0b::2
2a02:6ea0:c700::10
2a02:6ea0:c700::18
2a02:cb40:200::242
2a04:4e42:65::720
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0b:4d07:101::1
3.225.69.55
3.75.56.58
35.157.83.91
35.186.193.173
35.190.0.66
35.204.82.244
35.214.149.91
37.157.6.243
37.252.171.53
51.77.83.13
52.222.212.231
52.57.164.72
52.59.114.28
95.131.136.1
95.142.100.82
95.211.229.248
99.86.4.49
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
0310868ed60667ad16002c81b80b43550549fd77196c567ab2c122f39e973230
040dff2a9b3d08a4654dec367d93f2b994a8ea0e573950d5561c0022af4a3c3a
04354830bc126f72b690b0af545d49fecf86f306c993270038e2dc80fa027d50
049295fadb0d21a89479f2e6f36fe14c4b42b04f1c6b77127415ed3ec21ca923
04b1ef1ed429046fc28427973f439da247ee8429a4db42448974f601cb25bdc1
05fdb4fce1d541254cd50986ac9c606d29e6e764fc0fc6d799dfa8b17375165c
067ac57b40fe26760f8cfeff14816138c5f4a1a0517d412c489995a5ae711461
0722ae40df7755ab819b4b15fc12e7368f0baa17b030a3a932ca8675fd72b730
07a266999a69ef74d1e289b6cc9a9ac31e33f4f4f756077edfcf86085798b91c
087702ae820182eedd971617258fe791019df271c18173e8209d0ea14f1fc7f0
0987ec55011fe794ca7c394da32f90ca9c34ffb1b94641c21614132f09142161
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
0a16b9c0bc8878077a0ffd9cae294a1d1faff634bcaad2e18f57223a50b4ca58
0a8cdf1edd982d348ac8771913590f35589dfa28c40fa6cb5a810daf629b3d2e
0b05601b151eb6ebea91e657c9b9428b5d820dad57e47e1af0aa4526e0842e7b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c406ddaa5ce6530882df73a7431b8114f87409c07d84aadd4f9b2f5d17cd531
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0fd0cda7dcc3a5bbdfacaf4d5060bd38479d1742a03a12b4f5b4b92b5d4d0a3c
0ff70c3d9aedd4f0ca4024d40c709184fc5f3376ed65e14dd3bb6fb047d6b26a
109f6b3eb28407f4550623d2b245d13786479e7e9e731b78a3c063b25696d766
10daf29f71ea1157ffb5b7f047ae9acffe040c5142c039ea0bc75d6acdd3c61b
1124310a3341843e2635b794f6509b7d7d3447489268a050b70f643163c1cc95
1136bcd18ba9b01dc8ed941dee720d0cf94b5d6ac7d23dac1e0f3ab513840c0e
11b4e6810bac529f11adc99e733689eb57c4475e3a506497c6ff7e91e2674ada
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
1354d919694f2229f1055aec5fe92102c59d7aed474b60a13de761780b38b45a
13b04774bdb2cd6b0beb44f0ac557caaac30d90c9a0035bcb989d25e5bbf0a63
1515b988fb1fab95f3ba07b215b8fc214e6834106caf76452ad83045ddc73d5e
159853db9ab81a3c75aacd096aa7ccd964c5fdff6a313cd281f1e15b37450d65
15dd17bc017fd6b5c5874bf0c0f127131b09f9f8a4a5f596aa846269f4bad7c9
16181c3c89b5fbe4fe1a9ec3fc4135fb183eca2497d3d6cb4cf15ca016049c4a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1666ec75f3cb121771756e411f628196bfd832b35d223d84f0fee320aaf05a45
16e2112ba2b4f9917cd42decade78565bb7bb53b65a510ca4470647ca6c62ba9
170fc28046efe0a2310c72af9f6d88c39458c227d4b9d7f77738f78cf1c3a11f
171e2569e608b742edc6927b3285c52256203a6bfbe958f35d78f59639b6fb66
1777d468f998900015e68acaa182f1854c562da1238dab900ee09aedd2d1b8ca
178193357d5387b683097ebecabd9ff4a92cdf44ce0dade81d063f170c88f895
17c3ce4bb1b9c7fa48da627fdc8f344ae166829af9727a9e793755ef361d920f
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e
195a906292a7bd54a111043be568c05cb14ec644dc261936b4687a7f1678a21a
1ab0b4fe8e006ad238509e6f8649d1eb27057e01b85be4f71d7e38494167a10c
1bbb50d95bd0a65d5b4bc56dc13f0d51a0c8682b18a8b9d9a7acab551e059143
1c193778fdb97d0a29545d7350504dff96d7a23f511543a8b79a4b766aa5531a
1d02dfcee8ec614054bf52196119d53c0771737a8ad5948844172e47c8408188
1d1f6a84c35aab991d474a067d5f14e655fa8ea5c3519bb92d9a71d2988d9988
1dfdf221119134c8cc871c379eb3b770d1bad06ec9ba2d64c11db61cc5ce9176
1f329843da862f068915c209bd7df65afa25fcd6a702bc250190116d6de3693a
1f69c68821e397f5e0bdeb35b8779a9a55c81dbf3b55ec262ce650cc56f3429c
1fb0a580c99750c2747697cfee51e4ce88d2c2214cff33d1d88ad5fa7dffcf7c
1fd6969927a4a317c74fd5afac662d8cc4ed463a3bfa0e8451727b190e1b94c6
1fe9a14d5bd2bd3475e794ce6fcff79e9e7ef946e857208f9c4af124c5e9ac74
2052b7c6f11b588b309d6f4edcf6e69e45636eac4d55c7786c750ebdbf3df82c
21cb3454555128742552cbd1cbe1fef15e851600adffc7dd99fe1f768e910f1e
23d7ce986c8d9b7e7a58cffb62d3592d91343e152fe4de7cffa87a2c1af591e1
2473cc965138dc8812b4d0c859cfc515520053140ee238d90bbf8cdf0c78aae5
25df2b813607d24691a92c17774da367973b831c31ec948c7ae6b0ff1b75f97b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
285289282d4acb208757fa50bab00050809774873e9f10d7af704c6e93bc0483
2883771ff40dc50a4357e7043340298bbf72946dd1306ce1379ad1787936332a
28dfdaa9ef9b14bdb5f25321b8ca382ce990bf2010f52d8fff83478cda03972a
2965f2bc2266dd1b0ffe4d17cc2d66f95c446bd6372a1e90ade5098c9afb080f
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
29dee7163cb8587966196156c90d62ce4d8076de5627637074c535fe009e740f
2a92fb119d491db997c85e92817381a68707486c1a55293827329a548c95217d
2add0e4009bce96985012f6401fd770a91e3cf4e88baf75196e5cf82574aa3c1
2c5915ba631e44485fc698592f0e0b70b120154c9880104b74b372e6d6a72b55
2c80cbb57c470ecd69ac46a12305f639a77da5a1c7f98979b3e8ada7cabd1d32
2c9c5820db6f7a8a6c3912b60454a491326c2712a0db3ba10c751b0bc3816469
2ce473a303eda839eb949834be60bf6fb5423f1bb490b638286fefb82eb191c9
2cfdbb22e7b38bef5f6151a78dbea14fa542e1f0f9cd1f3f5b7017c447cc00cf
2d5668260b2d2a09441ff385b75608c67e5e975ad139494a806899a77456bea1
2d69a91e3b105d9ced4a5c0244a9dc3905f8eb061e72cb5518db5ef6d0d0635d
2da6c5ad38b91513fa307a78e1e74d3f4a1270fa31f061db57c54ab4f0ea68bf
2dd9c23ab23e3550763de27b881860da5082a7cd5834a099ec0f24799112e2d7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e270e62d0b8ff774f5f56d64159f9123ad20e2f6bb8d3dd11ea3155942c95c8
2ec54658033eda36acacf610298fdcf8be19d80f97b9c2a75503aa11d8d915da
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
2fbac49c15d371cda3746987f1ddfeefb8fc2c42a7ff7cb2e53e0cd3214c573a
30396828f2c2fb5e4e4d9c26b0286552cf17243411ac0d5d8b97e1fd9a7595c0
30cb2bc81a65120d2d982b5c00d9172887eedc6ba3070b4595efc676c0188eee
31501078b411835882c834ed620bebe77a2b8ff3664514358cda957fba8c247d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32981ef62e1e682468527309048030cb962838e03d07ade3e1d1605e9e30d049
3363554daf655f54099a7962b3a90398095a396371c38c88fd5db2a105b5ddee
3369863e5ee77e771c3a64adfec2c25920b7afaca510cddfdcc8003b405879e7
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
3465ab3f72d4c3ddc2943112cabd7d5bf5faec502ce18319571234957329a1b0
34d10df8fe806fda15428a87f81769921e44ac3c992383cbcc785eafbab10bda
35712bc049faffee865911fc57ca06aaa93a5f32a05eb9a9cead7949fca66e5b
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707
362bec0108fb737db9a141c7df2027487e5d95f2a8cfcb7bdd6ac7357f7bd9dd
3680fa4b70168d280a6e842e96952315246cf033e1b08213dc627cc279b64110
3894a01d7b0b9fc6283c4a014781b9fb26a83e22a36522890fa2c491387b623d
389b04dd1564f61b5ace7159a1ce702ba04cdf25990423ae0aa8442239d01905
39bb54afea6ec3fbe9fa8279f5248cd97a434b7039a1407ecd47d452a477b4a5
3afaa830a3aa5d42db9b5201fff4a3345c6f64054f0930e4daf4831b85922137
3c3b1417602738999e715b47ec9b33494c8494d7436feef4b49d407379219d65
3e023d1fe6ebb74e6c4b67611a5f1d99fc8d0699216192100c6869ec4ad2269f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fa73656bab432a0d1e44ec4d2d25c5959c4d4a392af200e405aa38723e1c0ab
3fdcde931b9062ae5f90667dae03579fd6a0c01e48cdd12a3dfee0043ab1ee57
409e6b9470bdafbf358f021cbab5fce4da17433e56ae8db83ea6ce81ec4190f9
4186d8d72a104cea9864687f3ee89e3e4f05f52e76cc53b1fcc050bad46d5616
41c451106f94922cca17d7c10d55e2377367e33a93dc53add69611ed22b525f2
41dc7a95d79c1ceb7dcf2cc860bba46a34eb825afa5520d09fe42a560cd218ec
423c559de3422e758482c643fe8e464dc9aa3a4796de6aeac7b5eb7097aee345
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
430585bb7e8f46b6c239073cbd6f6a0e92493881ad75014e2b45eb4ff4c1b977
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43a84f44f6cfca2acc9c7192da86db1e0efaf438de5bf16797ccdcc5f0b5a65d
4448e57627d206a158239bee1b118955ef88f407c813a8d7ff8a6c9b9cf7f9e2
44d3e303ef8f5ec5bfc7d35fedfd49d09d0491fc863724360b691c174b5249a5
4519dcfd6761d4544169db04ea25dc66a333690dc705d07139c3b8275c9b9ebb
45bac1a49db6ecb8dd113a009f880006439820561f7b5bdb366b57cc94738c2d
47e84a0182a22ea8cb80c71bd5cd59fb4ad690c1094cc8b26633193c9b84504b
48034978c46b58a81203471082633c57cf0c18597dbc1f76bbe7836356e382d7
48438a48bfcec8017ece6d6b4d132be283fe7ff7d07190211ad3b3def726cce0
49116b116b7a9ac1b831c031d71065b4f5277c665002ba23520b7ffc4e07f3c8
4940bf709504fa199951aa392bf3d6774c56fad0a31d06bfb3b3c7a816aecfc5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf739e19bc619954f802fd125f73f5f7d92aeb80c6708d8623a5e7e9714cb07
4c2ba2549b4f808634e34e33828dc23f2dfabffd16d4310ac3a1caa5ecec1df9
4c53c6ba9f5e325bb854d56fba0ef6495409ee9661fdecc9903bc71ac2498f21
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4d06e8fc97b79c64e8ee6f4b18ab1f8a87e5152e67626175fbdd8d1be134a29c
4d942171c7ce56fe84b49753515a3049b9a1d36f51e39e1bb341f681958aae9f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb6a7e8d38520abc2091db99a1017a1ed5852250dff2dcf28d6bcb2618eeb49
50bbe4629f60f09f4ab71653bb36a8f0535f64a40871d66b93fd2a2789982634
513ffa432793c07ddaf9337af31f05949b713c6c43019582aa136fd4d1e01f53
5275b4666a88ff829ede4fc8c2a3fd6f9e8c01ab721a05108366a86ce134db5f
52e14676901cc834de04123b6c24fe8eac3a063518a33f160b8e3d52bc590640
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ad7cfdcc7748fb783d92d9d666f5759a29bda63e567910ce1cf8eff6967896
553b860f94773ca8e317533a2d099e9326f369792cd4cb21052c0cb5d5f80aa7
5609fc54573f20fa40c4e69d16754feedab29dccee56b4e276026d2c789df6b0
561b2814d3c09e62a92442c946307918f7f63f833c84876c08bd4c406767e53b
571ddd566f90b57ca7a827787fbbf734574bdbf5cacc05b47e2c386d767b203a
571fc037483d6d113bd24fb0cc831df88d900e3c04a1433ea545cf16b7e10ad1
578fb052b894637e479ec503302e4eef748631926ce0c37d1e06193402cbed9e
5799690c18ef0f21920ab09471dd01fe95cba0a2ec5a901cfd8c3cd40736bf6d
5859b846522fafee8dfc659f975871aa8d35ad84e649cadea4a4355c963f3c6b
5865660e35364dfda02a58a36abf22f2be8fdb44bd85259acf959c7c667b65aa
594c225e790ebd5ea54d128fc686244ed1c59edef3b6f7b0e0cc7ed39f2b396f
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
59e50d4289f223d9c475d992d8069c2b799704feefdd7e8eabebd2a49bb31df1
5a23dcd10b0413461e6060c915c729dad1431d1c6e91e80609edeec9dcc4d3c0
5a4dea06ce5e3f28c9415c066e37fb582f3ff96bf398a8af2fc532f938e36100
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ab70deac1b374a09a6ee6fd95a5b7a35805a4065385592399197f65f23b9edc
5ae252582e588d8bdc6cd5c65e064277a3edeba7b7d919ee59cf4123e7beae91
5ae7a1adba46f58f5d59595820d30f22673c04f6f3b54ae1f220a4a49cc7ec6c
5b189e22687df35d236118c5273f1b329b83b6c7a265b87f528e03d8cec807dc
5b34da2669c661e6aedf9a9f1f03c8ef6b56287f4434d704ab3ada7a00651534
5c8a46626e7f2127d9c28cda9b2d42fb3569f401ac6c804f6ea0d8d92df8b35b
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5deec59d8ecaebf084aeb4dfdd665b3b5ae8aefa8a7cc7f76707524772912bcd
5e37d2be701c29dad961e773416506081bb5bffc923fee65e0312fdc09b31128
5e7513f8db92d5a96c93feaf74ed19de8054c22f70d7dcae9ba418f3f18aae0b
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5fded760aa7f3e1d4a72ba1976d0d3baf55ab273c9ff4043daa76c7955ec05d3
5fe6d6f3586a8cd3eb4854532649dadd38d5c783ebc54e18f4ee53760cdea049
6073a5b7084b6468f138b66a8bc4b0d9ad1128f9a2c480778d2b74a8929e23c0
619cb0634f95b69376043d8c2d67225815d7e975d1d7454f77fb721aa42d35a0
61ba226b25a31c48913588b705efa2e16a5b9c67ced4652a94178eaffe21eaa1
622b7cf96e813affcbbef000347b2d4444b6d76f5f7dd158bc021c31db3900cd
622c115a90846fcbac403ebc204eab9c0d7b334db5ba24d4b78c3dee95fb2881
65138a48b724e8ab3a71783ad462dc20ebe73578473396fd8e67034014f98d34
655692ffa229c797d98b3568b1c31126f6a82abcb70467ef0dccfdbe9ebd156e
65cd9fe803c67f0c4236805273a0453daf900d7006170c8cf38ebb8cde1b2f37
667dc891ca13eaded1b825aa627ffec858d8cd066374def0c78c86b3faef6206
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c
66ca37fff82b4c704deedd773e690c7a0a3a0d28014376b00fe5222fda4ee688
6704d64d4a9c63f4145ae5cf525a7bc0e7e341afdcca11ec3a1a6b6ee0198a38
676b5c0ed9b5bb90099a4b572927f26ccf0bd4deb619cfac75868bb5dae16cd3
67bb5aee39e648f6e7f21968c5e9365328dd9ce01c4053ceee1956dd5380ae17
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
684224303aa350da2b7173ce8bfc7b6d564450c260249d5c4deb1815c806eb10
6849657d8c4f144564b36e2d25c6c7e597b52f2e784c63934a81ee7da734cd05
68511f5b9b3334fd679a73ab49cba8c05ab2460e36ec9564f25f756e4aa8f071
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6aeb819975602a5e081823fab8310a26dd89a9a046e9b3ef0e3c60836f113358
6bbd36ef2ed3cfff7447866d022aa96df2b0c3d0c7cd00470e6e9605d5435038
6befb6ff03aaf3003c4eadcb85b14f4a6317461054d3596e558459ababd26ff3
6bf25c4e918474f83120ae20c1b3e74a6061d10b5450ec534bb91f31abe42f89
6d72a4d96590b7e99583837c035e85bb4edb49e8965d0ba8023fd275da287946
70bd67054aa6ae68e0a2695de05be71ab93e5ffae2cae6c362cfff432589adb7
71034e9ee13299595623ad3a7fcdcc07b542bc82c2da1766303c9e64eeb36599
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07
726e9de4949b01f1fa45b7a5cb2c35fc8f08bbbee34b27df8a0b9cd6c83fa354
726ec80491e4a5737cfe940e78a9d63507caa76317e480ba377da01564f40f3a
7394eeaf28b5df7e74fa81967eb75e52a9931abe1eaa34b30ed39f8f80a2c104
739b8e0b2e8c07b1dfed26bf50529e0ddd561252cf7938bb168a7bc00031ff67
75a9042147e6a457a72f68b5e60298c643057ea87600c57f4a84340688763a24
75d327ff4367d4a60a7e79f1b4f8933c6e12f5fb97cb28c77e88827509760bae
761dc2ababcd93c5b563f247977e2be245a716a23d3869d82ba44e6fb7ae52f0
778aa4b81cf3e0bbfccde36672efafd9df4de3e3c16c9aa679c1129bae4f543f
77a5cf139741a08ea52ae413b92cf633b3c193a30ba863ad1b3b1b42a4153bd7
77d6cc20bc333f4d34625472076c72800c728ff605da394fea93803f2463187b
7818e7db9f52cb47b3cfbd023252319dc6d076227ea8c973c69b082debd6207e
788ae13b25ade980036bb8c6ec8ce25b4240beee69fa2470d1353a39afcdc709
79c4996a44235c7dc0abb95a3005b9311989725535259abb3bcb2ba66b6e4c97
7a4a51ab0b9301083e145526762d065e622a0ec8cfb5a866cd6b20c87087ff08
7bd4cd78b3624cdddafda090ed27cb98578fe1f1a0c3dda3e41b1f654b6d4fa5
7c8ccbe49451b6a054a1ba154498c0d2c1bd9c404fd433ee2d835cf7de229c98
7d38b978448f577823cb61c1770273092991d7805b3ea8de4b7efc7fc3c73b3d
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7f27da5c39b5fa7002eec0402c5340023b9f5819ee7d008db898adc5be5b22a9
7fd055cc0762380ade029f1c4f98aa218bb089b936fd4b73a8a00929f32fc066
7fd86b7afb5493c1b947dd9219ec4d6d75943711e0ddcd73177cff7a4c7330c5
7ff761f2ba0d8641eed5cbd75d0d86f2c82e1171c6b85db25b9f0e56da21e4be
81bb9ca7f132df1282fb961eb59ce5e0bfb23c3946f578d046088da672650d12
81dc394a237cf0f94b1b7d9c292ce9c696010601f009147a7348c62e4c59eb3d
821783c0e4b92d6d55a9180964df9badc3d8f1b4023b2dec19ab66fd4481c764
826b9c567dbdac6b8bf02dcfd9ece037731d4a7116ee4a651506893296d2801a
82b11db00f6e3b6d8ed252d0067df0bcad2e0a9f872ee66a3d0a2f2b8d2b73c1
82d745e15c3d509aecdafb0c8df95bd49a93bba4c7ee8e91568df4bb33c681ff
83256846a30b4cbaac11ff7b90b451d9eedeb2f8f1ffc87d926d17776d3c443f
841daeb38076ca3b8f1023b2ed02d28409b48ed9613eebf2f739dc7d2183f93b
843cf53ffec1cba4d93bc2bcc54e6570b7995d1be89015902df534357b9268b0
846200635ae31e9bfdf641c272e9806a210244c81bc8ea0783e7b67bd54d2831
84f32a7679e50049bccc45afe9e48e22594f50f15217866f0f6a1f25dbf4736b
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
85ab07c03398cee995a28f96503695ede1fbb56a6d0708261b67f1475b1a57bb
8726f68788e7ddd812e0bd80eccbfc868a5ab34345bf3be6a3e7137570e5eac4
8791270626b8a4fed6d34bc6cc2b10b5a682ce66d8b5016ed60fe711b5d2d016
882bb257ef890c4010a4caf315dc613475afcd1442c0c10e0f4713e3bc5e8150
887ee4fd5820088063e31ee2e61869155c1438e27e9f1b116d8fe3bf60829ea7
8b7addddf8ff620b9e0449bedae9a17f259c4356f1d046a9c4037b3a8dfb4090
8bcef4d15a0c7757ddd9eb4e6a81f65d7aedc5fe6f4ba95d90c5a63381f156ad
8d43afc476ebb74164c1ea7258bbeb85a77b70741c9df0cf2eb9eed3cc11cb8f
8da0c62a691971ad0c6b034972224dd29941901c44ad4b5520ab3057d4779f92
8e91fec39a273cfd9ccc97c3b0f464e9b00d520c91dd789e6af4ad6a697745b7
8eaa5225fa1d7f629faad19000b31d037358492cd4358bb1d2ae65ddc84864e6
8eb600d1bfa136d87da7690cd2032c1906a76dcc1df0dc43fd0eb219d5356e68
8f3c403250f95562015c2dc6308f8b79e5740ef57ba87c4d64650daa48f724fa
8f43a236fa4ace8a54fdae64ae08c47b986ce6011b3a7dda873fead7700590de
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
9083a867ea1f900be862f6c018cd2372e5472e4baa2718da1382847f917153f2
90dd163fecda93f82066b1672d453ffb321610a43b8643f319b77cb53d65c040
913f128a7e8557c131cc19e6f154e010263e9d594cd0934c1b0e7a92c81bdd88
9250ed354fb73e2b9583e38a91e73d22c0a540dff0ffcb5e1a14b45ab3034d3a
949157cf47ef5953ef4d99acad4b495ea00f93c7d72f085c47de7ee2c9be5e45
955452fad18000b14d0f60058e77e3cac46e3c026deeef79124b82b4c7fe6d65
97205041759d0463b2c2849f7275898fd81a783165f9ad4b22162b6f2beeceb5
982b986bb578e137f062099427a8caec3c501c84a9e4b22369ebd2badec42fe7
9845f13f168e2bd5ecf7d67536bd8903abf2ad03155c03dd4232cac61ebbf74e
98b4a2165b50f3cef5cc0f77f63ef31e7c8fe7b5b9a88565be9cb67e8d116ee9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad1049fcb759fc4f80bac0b8e7872eb695c31e52cc1740f3c3684976109691c
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
9be13e42ab6783e7aafa12099a6b2e42ed17797aa823e2f7508b2f0ba2f2218f
9c7025a06ff5437034d16a5ab96ee0a66dbb40f96749602fc2903a1efc5b62ee
9cde9aa44670bcfa2e04173bcb9bc77ce7f3936000e3e95cd8f1d62ce6673f15
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02dececd92b93cbd0cacd5539f65df5710a8b64930a15e17209580cb7a45d20
a0fd2a1324a78ad64662e4d43d9ffb6809cf95acbcc99d88f7a5d261a038b18f
a10f16c4f5cd168a409aed221e0075c5b8ccf3a1ca00bbfc199ac943d1cf31c1
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a17f170598217be7334568b0d63aaf2a76951a50eb20197d23805471c49fd14c
a186b46cd709c3da8fc25900af33a4187a486b3e73b0a6beb182d1c38c6b55ba
a3abc4a42e468252822b67bdbd5659d2642720b4a8f2abbce1121ff7e85de612
a42203cf34de0dc09984ee4a9da8e500ddd550fdba8847a79ea23e4f103976c1
a46e78a3e3ac9e2438100a23b0b84b6b95df15eaeec0789efeedc447ec841e1b
a48069602593db5d19ddc4c9e9b213c1676c772fa15d6719b7752e79cc378ee6
a4bcd9269e4b05bacb77050299fbaa7f5a216f44811ff18f809986b86691309c
a6499fa2053ae92d979b0ee3d129d94b1b42427cce83c3579da01e1df1e03333
a6525eed4cfe7ef3c5d6a97c8a2554b6109c1ef86b9b790e16c020d443f04072
a68fb6e459e31b8c5b588f9362ec98b0ac72f7b1e57b8215b2b6dbdf42845202
a70f875e6b989ad12fae2020a81534578f3dc49c2cf583a1a73b3708329dcb91
a7702cad21303867f629dfcd6ebdefaa7412e7104477bddd069e368c050f6357
a77bee92347b9bbd0786d53fe05e0d5c3d486c5db3f4682d9f4dfc21960542e9
a785a26bb3b8b264ac0aca8a7c009368f5a0efc961b0f295d8bbd835e83efbc4
a791f1ca594787e4306b74b064fe5be45dd4faac5f9f32a7ab71658093613e4b
a81f08d8cac12ababeda1e7234e31b2d3e7282da6fa7a7837b35596df2b8bf42
a895f584a673bdc66bce3faefac375de5f60007432f3b3af5dbdf21f43b3bba3
aa003626233069df1e8ae3ac8f4012df62d69aeaa052ec52e77478e1569c85f1
aa1385e3c5e44713fb38c1fa6135921ef28acf843a709af6a902f1821bbe87ee
aa420362f766c5ef90bd60b72610df9dcb600728866f887d8dd1ed76134e6ed3
aa8ac4e1b8a4abb998c2690bd5a28911f72cdfaea0b4d09e057034da71e79a6e
aa8e3adbf0b5c901a3909a38faa3cddd4ae183dff1fec4c954d2bab3aa40f3c4
ab8eb5ecfec8aa8ef9e39ce22a7243d1a5c71362e3792dbd1a0a26ea7f2d359d
aba329695897af7bffa4d282dcf3573d0463f847a01f28efe7c41aa51beb41ee
acd5f2c1850296ab190dc352ea9c37a065837c5c29eab8cf7c3bd5a446554dc0
acd7875fe8666dce27436b677e85f8dd51e21fb3038d131aa73acaad6839ae3b
acfd11fe4da4b2ff71147503919506a6dd8133bc95008f0a4088306e4e417614
ae05b18aae5483651f30c1a04078268141f1704596cfed6b37175802bd0c89ac
ae687870ea89c2a4a1d9dd25ab0c568bd39e41b00bd93d88738d6673a7eb57cd
b03944c008c744dcc976b39d4e2c380df0651a29ef9eada2ed8a31bd097490d8
b0b4907479a5af2f31ce82d88244bf401ee6f2097a82d787cdb382209a8e505a
b0bfca8a0e609abe8cdb762d43f4c56ae1c374e54459586453035cf5491c7c4b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cda852a0ad251aabd03365445035d46bd4d28e0f0e18ed8272108e5a371749
b1e3161de1cce033d34d742887b53c870770b79b62f8913caff08d0f469665c8
b2cbc3a472cb47beaa472ef9445e776bb6f053b311318948d7ebbffda0e02bfc
b308a0c8ee09f8af80d805b2f4a9e72c10d19de250db745722f387294cf8e5ce
b329d89a2bfc0b96a4079135252c4edcd9dca9a50317a22078908ef6bae2f9d6
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb
b41252453cc9dad39a02ef2888c097a45f25fb514571866f5eab919608eb5bdf
b5533b4384a82c368d89b0b5a87ee2031918a39306a8ae262705ff52480a8ce3
b6e14fd115de8108bde54622deb9cd8a6d13dcb8c1cd22031c322827d15176b3
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7a189292e95b57810ea47d112fd1feb7c222f462a626d6f8188fd8a55f6d32a
b9455bc7fa2544fea83bbe69418fa2231819e0f57b899aecf711d4e94b7ffb2d
ba8de09732362dc2d2de144938e7ff4c6595a9a73fb4b626b90af40374636f6e
bb0f8d0ddd86c8950343123306347b29b3dfb334281d37a69069bd2dbe73f42a
bb168da315c10bb24b435aa96463efb3ab38d17847a0b343b62d632945463ea1
bceb255f8ad7733de75c373fb529d36fd91305c563d697432939167301d771ed
bcf354590ea976a3d5b046b4d06bd9e83b5e2b8a42d39bf7307843656fa6764b
be1e7e0d57ff637608c08768bb168a52869d9bd7ca993b5196c06e48b7033b17
bf73387d314bb817247d09084811307555c8f00711c361088e28d167ed0b6efc
bfb1c44c9f1a3cdfc4083c2caab79065d88d7c56ac1e1426cd7a89d7803b9529
c001568dc1b58f44b9f64eb2f6099192c72b91c62df2c8d49fed3869ffb22f64
c0a3f428ad97ef57830ebae74b5f6c0de4d3328b4b7a14505a5e2dad84c184f1
c0d780992df3560dba37edea5f18e9db6724423f6b8d6ac616d3dd1955adf819
c25c0404cd425a831870554b1fd9ace3825cbb08dc56acab61efe80d1cf4b2e6
c331eb86d87b1684540ddb6544a96d3f9b975141681f028ae97b0c5bcf4b64b3
c33fac9bc997651406c6933d3feee7c74927777c6fa34d24bc0408bcf847f587
c3badaf15c5bfc5f1f82b531ae32f6351624d8f039a5c95bfd57d60eb0ff772d
c3c8a840523cbfaf32de76e8decd6d6aa6a3914ea36f811c4c8b0a1190368ed4
c4553db9c6f8ac8363f52730234c6e6978828fd5638df4d0dbcfd8bec71a08ca
c52c4cc1cc8d48963aaac413e7a64d8ec63d62f2e5dd454c622593114c148b14
c62348408285fb6fb2e54508b4ba746a74880f9761c9b45fb56d49c0f65a0a24
c69f4dce621c8879c7c43e18557c6bf9a9795c04453e52bf1c82c476b2349dba
c73c3b9914b9510a2e44a969305b24f0baaf169dcaf1c6fa9119c9539202233c
c7f837ecf6d3bb1f7b5fe9d923bf06c40d635e3959fc164d81b3575210ad7eab
c93fecb64ed5d07ff64c5c4fc58e93c4db668ffc72bff3161685e1bd8f3a7a62
c99a691d48738ad3af84ecf18674baaf17b0a866f08518c7f2fb0a318e996fcd
cae15024a69f06fc2e124b25d160a09646d0b9feccf70136040143873803f7c9
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
cb2ce0434e712ead4d7d48ed5c169fdf965b367d34a4c58da6dc8ee846d50e94
cce01356ede85a0320d85110b6192cdac379c621f10f42d3ccac622c992163f4
cdd2c81aadd2f0eeb770acc7652cf1c421271c05886f0ef337264c6fada0e142
cf73fb04240087af527426e211ba23ad6f2839b8be7107f110347f4fc614a6ab
d012cfa1d2f449adb90718ea5189ff71ba01da8e271e2d14af1969d6aa8d9423
d0172b3d0f42c368dd557f0da5eff0a43e2c82a072d88b9965753d7611e42ece
d030984ff3d94eae42b77d1d6251b9a9cad064ee8a8e9fc2061451f824bbe636
d0963e266a793bcf10ba3e5e75fd4a8f3cce1eab2d2899cbb741079edbdcdb18
d110cba76b274fd7bf8a7b22e89caac6dce7f74c9675a5d6480c13b8e7689d95
d20c83b61870ff96ae163d0f5241a3b0da9f5442022ef0e9c0597b41a894b86b
d25c183a7ea5847b7502fdec80211907a7dd9dbb824461c1592809e467a2c64c
d353bd12cac895c473c3292fa0773ea331b8748cfbed90a85a6d27d29a47a808
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d49426c37d548238f9611ffcade1623d983e18adda1e8d5739ea23b625c262fc
d544c5b7440de75791a2299db080f98fb15e0a4b3e61b84fbbbe6c67f7de619a
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5a8b97841a922e387c50ea7812a8a5fe25499bd8b9487d11dafbcd1eaf4f12e
d5f83459cd7022769a57a436f24ed1540369eec2ebbec331275d46d8cfbea98c
d62d5406ec5422069aa7207d014e86430e83cb31e28ad2c094206a8fb959fad5
d6e6945a2063e83385d8dd9d2e881c57c1e14459def5201eabc3aa19f0bd4373
d707aafae92795b4fb2f7c93c17e69c154e30be54e8c6f6260b8b1e6933bf66a
d7ab021b144e1615773b750779ffa1e38c2b27b478d5736fa6ea3e3f247d4946
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
dd34cc3a0af95382d37cf4318648616c35e2abcff7ccad25d6ec9ec140ddd0e2
dd694ce4f5c42e852c4fefe654d7e946e3febca32a9b225f0d2533c4c09a7af4
df1223d55de9b704eee83ada4110b2c72ac62150620b5b7ba9969fbdc5f0f670
df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772
df2d819a33e3c23afce42c5adca85a4b259748ea00e7b6263bbc0554a7018094
e1a40fbfdd9a373a6b92cd44606654708bbb4648239525e8951b0c4e119bc7d1
e1b8e1b21221b8baeee247e0148e180848d9cb3a15e340a582d0de8cd7d54b46
e2a3eb1a03693266907509ffeb5ea09db2bc6a3243e334eb9c01dc4fbada4a8f
e2eedefbad851de8a30f4e9a919f9a89dbdbc2ef26f4811f43caf6b675197ca9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43e4195b948eff28b5188fda396f611aeae64db2c7c1cc25d402449581fe0db
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e631f555ba9346dd84bff9871972ffd163299f217d27190b7bf374f2792d74c7
e7037a6f46bae447d2244fc31568814f03fda73a034afd27b035e858be8319f6
e73d0eeee68ac2a24d0a2dd314d3106e1487558e9c062621c0a71f3f0c6a7b63
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1
e840e0367dac10259db8f6993120023d073d46ad538e544d70c3a7fb0f36407f
e8e59257cc797123383f4dea6d1a72f6fb729342e3b23b75f311b70f0dc1ef96
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e9ad8c34179328ca00be1e418ed15f8edf0fd33f0bdc360df3d3ddf1de30f678
e9ce2ffeea5b16b30a437724a8e2d62c3fb24c79946ee6b2b9dd04e5f925ee27
e9d3a646b58f75f6d16539c12cafa4e07f761d54ea118893f67dd869166ed6e2
e9fc8d6674aeafb947323cae49be6b79b03e4b1d11bd0c93d447e347016f6a81
eaf9d0fe8ca869157fa17f2a499c2b2aad72c003a62db2e131a549290f804df2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebb41edaf0a527aac2d8d639b600c6a443c126333c1318feee0c26220db0fb2d
ec5fcca100deb969ac451937e69ae1c72947cc398fbfc35110353cc13fb294a3
ec70fdd6fa4ea1e80b04cebbe98e801e6a658237b69155d41abe0b0b8801dc96
edb4094266dc2ebbf9ed9c7723b71625f95dfc0844262bb7c19e7d0588295a7e
edc4115c928abcf322555b7ed8c2901752d059a88aceed7723de9ef16023fbe8
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
ef807d7beb7afd4ddb5cddd3f9b0c5eb11d36d5724330a3a8021d92fc141c5dd
efa7b517d7206311840317990fef75a6fbe96d575cb0443fb745bff3b3a6477e
f0e76ea483bbaf1f47464b4b970ee38ea1262b2d474d54b4ea2e113c30a117c0
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f1cbeb1034ee46c45f703f495b2c29acbedc76baa3189b3f41f429386cfd0feb
f2b7ec4c547ba48568922c01aa0a326749cd166b422220021f696f7c8df595d4
f37f49ebadc359e8c6cc15bee36eafa51f6823c2cb397677a7b5c0f9b7aa84d0
f4302dca380ee69b5fc3ac2db66bd9838c5ba6f34373e6442dc3d2d14b6f187c
f4c4e869912880e643dfdfb2edcd8754e9eb755a251a5d3fe72d454815adf5be
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f6b2e7f8c96c870b52cf8840d4222a9cb4738f9925fb6fcfec4fadf48d23c360
f865514efd53f7cda25e74bd902e27fab65f0136ffb541548c5cb3b0fb7f9702
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
f91c0492a1d0b61b32b56b91c6e17bc8bcc8f1ac7a04668915f2f05c0d8f859d
f9340618d4515b1305d14ce5c76ff697f290010ce9521b5d21579f9f1be73b81
f96bf06d27816ef7237fe7998dab7276e073559337e0f3e8a55514f7f1046307
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
fa66541ac3878fac3de71685975a73f4b55a9e8aa2ecb31f8fb315d69eae9a54
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b
fba7b9242113390e99277bd207daba9b5b1bf029ae5a5867472cf0d8c589b05d
fc7b7e92726f4f516f4fa4710b1af4fdfa32580b2654a774bf96e45c147c096a
fd6bf4f74881850baa384bed84f6dfb9b5258c6771524a4a226b2b344a61f096
fdd20c446b3e870371aa701af150ea3306476c628bae4b4f043b0839c0098d2d
ff68327a8df730ef95a6c5f6cd45bd5310db5a98952a811b7c9bf2d993f3a8d3