urlscan.io logo urlscan.io
SecurityTrails logo

www.gala.fr Open in urlscan Pro
92.123.149.215  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Effective URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfineme...
Submission: On March 20 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 8 countries across 106 domains to perform 442 HTTP transactions. The main IP is 92.123.149.215, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.gala.fr.
TLS certificate: Issued by Thawte RSA CA 2018 on November 13th 2020. Valid for: 6 months.
This is the only time www.gala.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 91.190.170.11 31688 (SPLIO-AS)
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
3 2001:41d0:700... 16276 (OVH)
1 2 54.217.233.60 16509 (AMAZON-02)
2 2 35.190.16.14 15169 (GOOGLE)
15 92.123.149.215 16625 (AKAMAI-AS)
12 192.229.221.61 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 192.229.221.226 15133 (EDGECAST)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.226.156.162 16509 (AMAZON-02)
1 65.9.58.13 16509 (AMAZON-02)
1 13.226.147.71 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
6 13.226.159.74 16509 (AMAZON-02)
1 52.205.167.202 14618 (AMAZON-AES)
1 151.139.245.16 33438 (HIGHWINDS2)
1 13.226.159.79 16509 (AMAZON-02)
1 65.9.58.107 16509 (AMAZON-02)
1 13.226.159.15 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 35.190.89.230 15169 (GOOGLE)
4 35.190.76.172 15169 (GOOGLE)
1 104.18.132.145 13335 (CLOUDFLAR...)
1 23.37.40.118 16625 (AKAMAI-AS)
1 34.98.67.61 15169 (GOOGLE)
1 2 15.188.224.144 16509 (AMAZON-02)
3 70.42.32.127 13789 (INTERNAP-...)
12 104.79.89.48 16625 (AKAMAI-AS)
5 52.210.159.162 16509 (AMAZON-02)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
4 12 104.79.88.202 16625 (AKAMAI-AS)
5 13.226.158.204 16509 (AMAZON-02)
14 142.250.185.162 15169 (GOOGLE)
1 212.129.3.112 12876 (Online SAS)
1 13.32.21.61 16509 (AMAZON-02)
1 54.246.113.218 16509 (AMAZON-02)
1 2600:9000:218... 16509 (AMAZON-02)
1 145.239.193.53 16276 (OVH)
1 18.184.216.10 16509 (AMAZON-02)
1 35.244.220.155 15169 (GOOGLE)
2 46.105.201.224 16276 (OVH)
1 151.101.13.44 54113 (FASTLY)
1 54.72.19.40 16509 (AMAZON-02)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
3 35.205.207.25 15169 (GOOGLE)
3 3 185.33.220.240 29990 (ASN-APPNEX)
14 39 142.250.186.130 15169 (GOOGLE)
1 35.186.238.175 15169 (GOOGLE)
1 13.226.159.122 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 13.226.159.3 16509 (AMAZON-02)
10 104.76.201.181 16625 (AKAMAI-AS)
1 104.79.88.250 16625 (AKAMAI-AS)
1 54.93.142.164 16509 (AMAZON-02)
2 6 34.249.70.28 16509 (AMAZON-02)
1 199.232.137.44 54113 (FASTLY)
5 3.230.55.171 14618 (AMAZON-AES)
6 52.18.147.13 16509 (AMAZON-02)
4 52.28.203.152 16509 (AMAZON-02)
2 178.250.2.131 44788 (ASN-CRITE...)
3 23.37.38.181 16625 (AKAMAI-AS)
1 104.153.197.189 53334 (TUT-AS)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 13.226.157.31 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 15.236.153.130 16509 (AMAZON-02)
1 13.32.21.120 16509 (AMAZON-02)
5 35.244.232.184 15169 (GOOGLE)
1 13.226.159.31 16509 (AMAZON-02)
3 151.101.114.132 54113 (FASTLY)
1 5 52.95.123.41 16509 (AMAZON-02)
5 9 69.173.144.138 26667 (RUBICONPR...)
4 4 185.86.137.133 201081 (SMARTADSE...)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
39 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:3::539 54113 (FASTLY)
29 2a00:1450:400... 15169 (GOOGLE)
2 23.37.42.132 16625 (AKAMAI-AS)
3 3 3.64.73.215 16509 (AMAZON-02)
3 64.74.236.95 19024 (INTERNAP-...)
1 2 52.48.137.92 16509 (AMAZON-02)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
3 7 185.33.221.89 29990 (ASN-APPNEX)
1 2 52.22.84.205 14618 (AMAZON-AES)
1 4 184.30.21.112 16625 (AKAMAI-AS)
1 13.226.159.68 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a05:d018:bb0... 16509 (AMAZON-02)
1 185.86.139.58 201081 (SMARTADSE...)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 2 185.29.132.68 30419 (MEDIAMATH...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 178.33.42.71 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.186.243.160 15169 (GOOGLE)
5 7 34.98.64.218 15169 (GOOGLE)
1 1 2620:119:50e1... 14413 (LINKEDIN)
2 2 51.178.20.140 16276 (OVH)
2 2 213.155.156.180 1299 (TELIANET ...)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
442 100
1    91.190.170.11 (France)

ASN31688 (SPLIO-AS, FR)
PTR: s3s.fr
ml.info-people.fr
3    2606:4700:3035::ac43:d6ad (United States)

ASN13335 (CLOUDFLARENET, US)
wtm.info-people.fr
3    2001:41d0:700:347e:: (Germany)

ASN16276 (OVH, FR)
r.phywi.org
2    54.217.233.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-233-60.eu-west-1.compute.amazonaws.com
er.cloud-media.fr
2    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
15    92.123.149.215 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-149-215.deploy.static.akamaitechnologies.com
www.gala.fr
12    192.229.221.61 (United States)

ASN15133 (EDGECAST, US)
tra.scds.pmdstatic.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    192.229.221.226 (United States)

ASN15133 (EDGECAST, US)
gal.img.pmdstatic.net
1    2606:4700::6810:9df3 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
1    2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    13.226.156.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-162.dus51.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    65.9.58.13 (United States)

ASN16509 (AMAZON-02, US)
gdpr-tcfv2.sp-prod.net
1    13.226.147.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-147-71.dus51.r.cloudfront.net
cdn.parsely.com
3    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    13.226.159.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-74.dus51.r.cloudfront.net
consent.gala.fr
1    52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com
p1.parsely.com
1    151.139.245.16 (United States)

ASN33438 (HIGHWINDS2, US)
via.batch.com
1    13.226.159.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-79.dus51.r.cloudfront.net
static.hotjar.com
1    65.9.58.107 (United States)

ASN16509 (AMAZON-02, US)
static.coreg-feed.com
1    13.226.159.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-15.dus51.r.cloudfront.net
try.abtasty.com
2    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    35.190.89.230 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 230.89.190.35.bc.googleusercontent.com
js.antvoice.com
cross-prod.antvoice.com
4    35.190.76.172 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 172.76.190.35.bc.googleusercontent.com
itm.ivitrack.com
1    104.18.132.145 (United States)

ASN13335 (CLOUDFLARENET, US)
config.seedtag.com
1    23.37.40.118 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-40-118.deploy.static.akamaitechnologies.com
cdn.mookie1.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    15.188.224.144 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-224-144.eu-west-3.compute.amazonaws.com
prismashop.commander1.com
3    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
amplifypixel.outbrain.com
log.outbrainimg.com
12    104.79.89.48 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-48.deploy.static.akamaitechnologies.com
widgets.outbrain.com
amplify.outbrain.com
widget-pixels.outbrain.com
5    52.210.159.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-159-162.eu-west-1.compute.amazonaws.com
eum-eu-west-1.instana.io
5    2606:4700:10::ac43:1997 (United States)

ASN13335 (CLOUDFLARENET, US)
boot.pbstck.com
cdn.pbstck.com
intake.pbstck.com
12    104.79.88.202 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-202.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
5    13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net
c.amazon-adsystem.com
14    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
1    212.129.3.112 (France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-112.rev.poneytelecom.eu
contextual.sirdata.io
1    13.32.21.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-61.fra56.r.cloudfront.net
sync.getpublica.com
1    54.246.113.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-113-218.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
1    2600:9000:2182:ae00:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.agkn.com
1    145.239.193.53 (France)

ASN16276 (OVH, FR)
asset.easydmp.net
1    18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    35.244.220.155 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 155.220.244.35.bc.googleusercontent.com
ats.rlcdn.com
2    46.105.201.224 (France)

ASN16276 (OVH, FR)
tag.agrvt.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    54.72.19.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-19-40.eu-west-1.compute.amazonaws.com
p.cpx.to
1    2606:4700:3036::ac43:b26e (United States)

ASN13335 (CLOUDFLARENET, US)
www.img-static.com
3    35.205.207.25 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 25.207.205.35.bc.googleusercontent.com
social-reco.antvoice.com
ads.avads.net
avads.net
3    185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
39    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
1    35.186.238.175 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 175.238.186.35.bc.googleusercontent.com
fr-gmtdmp.mookie1.com
1    13.226.159.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-122.dus51.r.cloudfront.net
script.hotjar.com
2    2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.226.159.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-3.dus51.r.cloudfront.net
vars.hotjar.com
10    104.76.201.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-201-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
1    104.79.88.250 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-250.deploy.static.akamaitechnologies.com
players.brightcove.net
1    54.93.142.164 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-142-164.eu-central-1.compute.amazonaws.com
d.agkn.com
6    34.249.70.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-70-28.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
api.taboola.com
5    3.230.55.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-55-171.compute-1.amazonaws.com
usersync.getpublica.com
6    52.18.147.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-147-13.eu-west-1.compute.amazonaws.com
s.cpx.to
4    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    104.153.197.189 (United States)

ASN53334 (TUT-AS, US)
PTR: 104-153-197-189.customer.totaluptime.net
bid.videostep.com
1    2a04:4e42:1b::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
2    13.226.157.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-157-31.dus51.r.cloudfront.net
edge.api.brightcove.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    15.236.153.130 (Paris, France)

ASN16509 (AMAZON-02, US)
prof.estat.com
1    13.32.21.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-120.fra56.r.cloudfront.net
contents.adpaths.com
5    35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
metrics.brightcove.com
1    13.226.159.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-31.dus51.r.cloudfront.net
cdn.privacy-mgmt.com
3    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
5    52.95.123.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
9    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
4    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
39    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a04:4e42:3::539 (United States)

ASN54113 (FASTLY, US)
manifest.prod.boltdns.net
29    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    3.64.73.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
3    64.74.236.95 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
mcdp-chidc2.outbrain.com
2    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    52.22.84.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.bfmio.com
4    184.30.21.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    13.226.159.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-68.dus51.r.cloudfront.net
www.adwstats.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
11    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
adservice.google.ch
googleads.g.doubleclick.net
5    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
19    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a05:d018:bb0:8d00:5b0:2a42:525f:75ef (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dsp.adotmob.com
1    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    185.29.132.68 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    178.33.42.71 (France)

ASN16276 (OVH, FR)
assets.playtem.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    35.186.243.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
mappings.ivitrack.com
7    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
2    51.178.20.140 (France)

ASN16276 (OVH, FR)
c.eu1.dyntrk.com
2    213.155.156.180 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
Apex Domain
Subdomains		 Transfer
56 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
247 KB
53 googlesyndication.com
pagead2.googlesyndication.com
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
tpc.googlesyndication.com
244 KB
39 2mdn.net
s0.2mdn.net
687 KB
21 gala.fr
www.gala.fr
consent.gala.fr
267 KB
19 outbrain.com
amplifypixel.outbrain.com
widgets.outbrain.com
amplify.outbrain.com
widget-pixels.outbrain.com
tr.outbrain.com Failed
odb.outbrain.com
mcdp-chidc2.outbrain.com
114 KB
16 pmdstatic.net
tra.scds.pmdstatic.net
gal.img.pmdstatic.net
793 KB
14 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
18 KB
12 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
images.outbrainimg.com
330 KB
11 rubiconproject.com
fastlane.rubiconproject.com Failed
token.rubiconproject.com
eus.rubiconproject.com
pixel-eu.rubiconproject.com Failed
pixel.rubiconproject.com
16 KB
10 adnxs.com
secure.adnxs.com
ib.adnxs.com Failed
10 KB
10 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com Failed
39 KB
7 openx.net
us-u.openx.net
rtb.openx.net Failed
2 KB
7 brightcove.com
edge.api.brightcove.com
metrics.brightcove.com
6 KB
7 cpx.to
p.cpx.to
s.cpx.to
8 KB
7 googletagservices.com
www.googletagservices.com
225 KB
6 yahoo.com
c2shb.ssp.yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com Failed
4 KB
6 adsrvr.org
match.adsrvr.org
2 KB
6 getpublica.com
sync.getpublica.com
usersync.getpublica.com
8 KB
6 instana.io
eum.instana.io
eum-eu-west-1.instana.io
10 KB
5 smartadserver.com
prg.smartadserver.com Failed
sync.smartadserver.com
ssbsync.smartadserver.com Failed
3 KB
5 pbstck.com
boot.pbstck.com
cdn.pbstck.com
intake.pbstck.com
45 KB
5 ivitrack.com
itm.ivitrack.com
mappings.ivitrack.com
20 KB
5 google.com
www.google.com
adservice.google.com
1 KB
4 stickyadstv.com
ads.stickyadstv.com
6 KB
4 pubmatic.com
image2.pubmatic.com
image6.pubmatic.com
2 KB
4 google-analytics.com
www.google-analytics.com
19 KB
4 info-people.fr
ml.info-people.fr
wtm.info-people.fr
6 KB
3 boltdns.net
manifest.prod.boltdns.net
7 KB
3 googleapis.com
imasdk.googleapis.com
fonts.googleapis.com
304 KB
3 criteo.com
bidder.criteo.com
gum.criteo.com
432 B
3 3lift.com
tlx.3lift.com Failed
eb2.3lift.com
1 KB
3 mookie1.com
cdn.mookie1.com
odr.mookie1.com
fr-gmtdmp.mookie1.com
3 KB
3 antvoice.com
js.antvoice.com
cross-prod.antvoice.com
social-reco.antvoice.com
23 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
62 KB
3 googletagmanager.com
www.googletagmanager.com
150 KB
3 phywi.org
r.phywi.org
1 KB
2 de17a.com
d5p.de17a.com
722 B
2 mathtag.com
sync.mathtag.com
1 KB
2 criteo.net
static.criteo.net
51 KB
2 google.ch
adservice.google.ch
2 KB
2 bfmio.com
sync.bfmio.com
598 B
2 crwdcntrl.net
bcp.crwdcntrl.net
973 B
2 dyntrk.com
gu.dyntrk.com Failed
c.eu1.dyntrk.com
1 KB
2 facebook.com
www.facebook.com
364 B
2 avads.net
ads.avads.net
avads.net
278 B
2 taboola.com
cdn.taboola.com
api.taboola.com
22 KB
2 agrvt.com
tag.agrvt.com
5 KB
2 agkn.com
js.agkn.com
d.agkn.com
aa.agkn.com Failed
4 KB
2 commander1.com
prismashop.commander1.com
2 KB
2 facebook.net
connect.facebook.net
93 KB
2 parsely.com
cdn.parsely.com
p1.parsely.com
18 KB
2 weborama.fr
redirect.frontend.weborama.fr
589 B
2 cloud-media.fr
er.cloud-media.fr
420 B
1 quantserve.com
cms.quantserve.com
464 B
1 linkedin.com
px.ads.linkedin.com
460 B
1 playtem.com
assets.playtem.com
sdk.playtem.com Failed
1 KB
1 adotmob.com
dsp.adotmob.com
101 B
1 adwstats.com
www.adwstats.com
319 B
1 privacy-mgmt.com
cdn.privacy-mgmt.com
1 KB
1 adpaths.com
contents.adpaths.com
70 KB
1 estat.com
prof.estat.com
6 KB
1 zencdn.net
vjs.zencdn.net
7 KB
1 videostep.com
bid.videostep.com
4 KB
1 brightcove.net
players.brightcove.net
407 KB
1 img-static.com
www.img-static.com
923 B
1 rlcdn.com
ats.rlcdn.com
api.rlcdn.com Failed
id.rlcdn.com Failed
60 KB
1 eyeota.net
ps.eyeota.net
344 B
1 easydmp.net
asset.easydmp.net
4 KB
1 adleadevent.com
adtrack.adleadevent.com
464 B
1 sirdata.io
contextual.sirdata.io
887 B
1 indexww.com
js-sec.indexww.com
15 KB
1 seedtag.com
config.seedtag.com
12 KB
1 abtasty.com
try.abtasty.com
75 KB
1 coreg-feed.com
static.coreg-feed.com
18 KB
1 batch.com
via.batch.com
1 KB
1 sp-prod.net
gdpr-tcfv2.sp-prod.net
44 KB
1 google.de
www.google.de
107 B
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net Failed
1 KB
1 polyfill.io
cdn.polyfill.io
620 B
0 fwmrm.net Failed
1f2e7.v.fwmrm.net Failed
0 id5-sync.com Failed
id5-sync.com Failed
0 mts.ru Failed
sm.rtb.mts.ru Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 m6r.eu Failed
tracking.m6r.eu Failed
0 ctnsnet.com Failed
gcm.ctnsnet.com Failed
0 sniperlog.ru Failed
sync3.sniperlog.ru Failed
0 sarenza.com Failed
eulerian.sarenza.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 adform.net Failed
c1.adform.net Failed
0 adriver.ru Failed
ssp.adriver.ru Failed
0 travelaudience.com Failed
ads.travelaudience.com Failed
0 turn.com Failed
r.turn.com Failed
0 beeline.ru Failed
google.ops.beeline.ru Failed
0 smaato.net Failed
s.ad.smaato.net Failed
0 rutarget.ru Failed
google-sync.rutarget.ru Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 emxdgt.com Failed
cs.emxdgt.com Failed
0 advertising.com Failed
pixel.advertising.com Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 advangelists.com Failed
nep.advangelists.com Failed
0 bidswitch.net Failed
pool.grid-data.bidswitch.net Failed
x.bidswitch.net Failed
0 teads.tv Failed
a.teads.tv Failed
0 mediasquare.fr Failed
pbs-front.mediasquare.fr Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
0 proxistore.com Failed
abs.proxistore.com Failed
442 106
Domain Requested by
39 s0.2mdn.net imasdk.googleapis.com
ml.info-people.fr
s0.2mdn.net
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
31 cm.g.doubleclick.net 14 redirects eus.rubiconproject.com
googleads.g.doubleclick.net
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
29 pagead2.googlesyndication.com srcdoc
eum.instana.io
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
15 www.gala.fr wtm.info-people.fr
www.gala.fr
eum.instana.io
12 tra.scds.pmdstatic.net www.gala.fr
eum.instana.io
ml.info-people.fr
10 widgets.outbrain.com ml.info-people.fr
widgets.outbrain.com
www.gala.fr
9 images.outbrainimg.com
8 googleads4.g.doubleclick.net ml.info-people.fr
googleads.g.doubleclick.net
8 googleads.g.doubleclick.net 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
ml.info-people.fr
8 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
8 securepubads.g.doubleclick.net ml.info-people.fr
securepubads.g.doubleclick.net
eum.instana.io
www.gala.fr
www.googletagservices.com
7 us-u.openx.net 5 redirects googleads.g.doubleclick.net
7 ib.adnxs.com eum.instana.io
googleads.g.doubleclick.net
7 www.googletagservices.com www.gala.fr
securepubads.g.doubleclick.net
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
6 s.cpx.to p.cpx.to
6 match.adsrvr.org 2 redirects eum.instana.io
ssum-sec.casalemedia.com
eus.rubiconproject.com
6 consent.gala.fr eum.instana.io
gdpr-tcfv2.sp-prod.net
consent.gala.fr
5 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 token.rubiconproject.com 4 redirects
5 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
5 metrics.brightcove.com
5 usersync.getpublica.com sync.getpublica.com
usersync.getpublica.com
5 c.amazon-adsystem.com ml.info-people.fr
eum.instana.io
5 eum-eu-west-1.instana.io eum.instana.io
4 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
4 ads.stickyadstv.com 1 redirects usersync.getpublica.com
eum.instana.io
4 sync.smartadserver.com 4 redirects
4 c2shb.ssp.yahoo.com eum.instana.io
4 itm.ivitrack.com ml.info-people.fr
www.googletagmanager.com
itm.ivitrack.com
4 gal.img.pmdstatic.net www.gala.fr
4 www.google-analytics.com www.gala.fr
www.google-analytics.com
www.googletagmanager.com
3 mcdp-chidc2.outbrain.com eum.instana.io
3 eb2.3lift.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
3 manifest.prod.boltdns.net eum.instana.io
3 intake.pbstck.com eum.instana.io
3 odb.outbrain.com widgets.outbrain.com
3 htlb.casalemedia.com eum.instana.io
3 secure.adnxs.com 3 redirects
3 www.googletagmanager.com tra.scds.pmdstatic.net
www.googletagmanager.com
3 www.google.com 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
3 r.phywi.org wtm.info-people.fr
3 wtm.info-people.fr 1 redirects wtm.info-people.fr
2 d5p.de17a.com 2 redirects
2 c.eu1.dyntrk.com 2 redirects
2 sync.mathtag.com 2 redirects
2 static.criteo.net tra.scds.pmdstatic.net
eum.instana.io
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.ch securepubads.g.doubleclick.net
2 sync.bfmio.com 1 redirects usersync.getpublica.com
2 image6.pubmatic.com 2 redirects
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
2 image2.pubmatic.com 2 redirects
2 imasdk.googleapis.com players.brightcove.net
imasdk.googleapis.com
2 edge.api.brightcove.com eum.instana.io
2 bidder.criteo.com eum.instana.io
2 log.outbrainimg.com eum.instana.io
2 www.facebook.com connect.facebook.net
2 tag.agrvt.com ml.info-people.fr
tag.agrvt.com
2 prismashop.commander1.com 1 redirects
2 connect.facebook.net ml.info-people.fr
connect.facebook.net
2 redirect.frontend.weborama.fr 2 redirects
2 er.cloud-media.fr 1 redirects wtm.info-people.fr
1 gum.criteo.com static.criteo.net
1 cms.quantserve.com 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
1 px.ads.linkedin.com 1 redirects
1 mappings.ivitrack.com
1 fonts.googleapis.com s0.2mdn.net
1 assets.playtem.com ml.info-people.fr
1 pr-bh.ybp.yahoo.com 1 redirects
1 ads.yahoo.com eus.rubiconproject.com
1 dsp.adotmob.com eum.instana.io
1 www.adwstats.com
1 cdn.privacy-mgmt.com consent.gala.fr
1 contents.adpaths.com players.brightcove.net
1 prof.estat.com players.brightcove.net
1 vjs.zencdn.net players.brightcove.net
1 bid.videostep.com eum.instana.io
1 prg.smartadserver.com eum.instana.io
1 api.taboola.com itm.ivitrack.com
1 d.agkn.com js.agkn.com
1 players.brightcove.net ml.info-people.fr
1 widget-pixels.outbrain.com
1 tcheck.outbrainimg.com eum.instana.io
1 cdn.pbstck.com eum.instana.io
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 fr-gmtdmp.mookie1.com
1 avads.net
1 ads.avads.net
1 social-reco.antvoice.com eum.instana.io
1 cross-prod.antvoice.com js.antvoice.com
1 www.img-static.com 1 redirects
1 p.cpx.to ml.info-people.fr
1 cdn.taboola.com ml.info-people.fr
1 amplify.outbrain.com ml.info-people.fr
1 ats.rlcdn.com www.googletagmanager.com
1 ps.eyeota.net ml.info-people.fr
1 asset.easydmp.net ml.info-people.fr
1 js.agkn.com ml.info-people.fr
1 adtrack.adleadevent.com www.googletagmanager.com
1 sync.getpublica.com www.googletagmanager.com
1 contextual.sirdata.io eum.instana.io
1 js-sec.indexww.com ml.info-people.fr
1 boot.pbstck.com ml.info-people.fr
1 amplifypixel.outbrain.com
1 odr.mookie1.com
1 cdn.mookie1.com ml.info-people.fr
1 config.seedtag.com ml.info-people.fr
1 js.antvoice.com ml.info-people.fr
1 try.abtasty.com www.googletagmanager.com
1 static.coreg-feed.com www.googletagmanager.com
1 static.hotjar.com ml.info-people.fr
1 via.batch.com ml.info-people.fr
1 p1.parsely.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 gdpr-tcfv2.sp-prod.net ml.info-people.fr
1 www.google.de
1 d1z2jf7jlzjs58.cloudfront.net eum.instana.io
tra.scds.pmdstatic.net
1 stats.g.doubleclick.net eum.instana.io
1 cdn.polyfill.io tra.scds.pmdstatic.net
1 eum.instana.io www.gala.fr
1 ml.info-people.fr
0 sdk.playtem.com Failed assets.playtem.com
0 1f2e7.v.fwmrm.net Failed
0 id5-sync.com Failed eum.instana.io
0 sm.rtb.mts.ru Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 match.sharethrough.com Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 sync.srv.stackadapt.com Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 tracking.m6r.eu Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 gcm.ctnsnet.com Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 rtb.openx.net Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 sync3.sniperlog.ru Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 x.bidswitch.net Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 eulerian.sarenza.com Failed googleads.g.doubleclick.net
0 sync.go.sonobi.com Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 c1.adform.net Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 ssp.adriver.ru Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 ads.travelaudience.com Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 r.turn.com Failed
0 aa.agkn.com Failed d.agkn.com
0 google.ops.beeline.ru Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 ups.analytics.yahoo.com Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 s.ad.smaato.net Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 google-sync.rutarget.ru Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 sync-tm.everesttech.net Failed 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 id.rlcdn.com Failed eus.rubiconproject.com
0 pixel-eu.rubiconproject.com Failed eus.rubiconproject.com
0 cs.emxdgt.com Failed usersync.getpublica.com
0 pixel.advertising.com Failed usersync.getpublica.com
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
0 um.simpli.fi Failed ssum-sec.casalemedia.com
0 gu.dyntrk.com Failed ssum-sec.casalemedia.com
0 nep.advangelists.com Failed ssum-sec.casalemedia.com
0 s.amazon-adsystem.com Failed ssum-sec.casalemedia.com
0 ssbsync.smartadserver.com Failed aax-eu.amazon-adsystem.com
0 pool.grid-data.bidswitch.net Failed
0 a.teads.tv Failed eum.instana.io
0 pbs-front.mediasquare.fr Failed eum.instana.io
0 fastlane.rubiconproject.com Failed eum.instana.io
0 hb-api.omnitagjs.com Failed eum.instana.io
0 tlx.3lift.com Failed eum.instana.io
0 abs.proxistore.com Failed eum.instana.io
0 tr.outbrain.com Failed amplify.outbrain.com
0 api.rlcdn.com Failed eum.instana.io
442 166
Subject Issuer Validity Valid
ml.info-people.fr
R3		 2021-03-12 -
2021-06-10		 3 months crt.sh
*.phywi.org
Gandi Standard SSL CA 2		 2020-02-11 -
2022-02-11		 2 years crt.sh
*.cmrt.io
Amazon		 2020-09-13 -
2021-10-13		 a year crt.sh
prismamediadigital.com
Thawte RSA CA 2018		 2020-11-13 -
2021-05-12		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.gala.fr
Thawte RSA CA 2018		 2020-03-25 -
2022-04-24		 2 years crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-24 -
2021-12-25		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-09 -
2021-04-17		 a month crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.sp-prod.net
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
*.parsely.com
Amazon		 2020-08-02 -
2021-09-02		 a year crt.sh
consent.businessinsider.fr
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
*.via.batch.com
Gandi Standard SSL CA 2		 2020-04-17 -
2021-04-26		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.coreg-feed.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-22 -
2021-07-22		 a year crt.sh
try.abtasty.com
Amazon		 2020-08-25 -
2021-09-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.antvoice.com
Go Daddy Secure Certificate Authority - G2		 2019-05-11 -
2021-05-11		 2 years crt.sh
itm.ivitrack.com
R3		 2021-03-18 -
2021-06-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-12 -
2021-08-12		 a year crt.sh
cdn.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-01 -
2022-04-01		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.commander1.com
Thawte RSA CA 2018		 2020-08-05 -
2021-11-01		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2019-10-29 -
2021-11-23		 2 years crt.sh
pbstck.com
Cloudflare Inc ECC CA-3		 2020-09-04 -
2021-09-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
contextual.sirdata.io
R3		 2021-01-16 -
2021-04-16		 3 months crt.sh
*.getpublica.com
Amazon		 2020-07-29 -
2021-08-29		 a year crt.sh
adtrack.adleadevent.com
Amazon		 2020-06-15 -
2021-07-15		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
asset.easy-gain75.com
R3		 2021-03-14 -
2021-06-12		 3 months crt.sh
*.eyeota.net
R3		 2021-02-28 -
2021-05-29		 3 months crt.sh
ats.rlcdn.com
GTS CA 1D2		 2021-03-10 -
2021-06-08		 3 months crt.sh
tag.agrvt.com
R3		 2021-02-11 -
2021-05-12		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-02 -
2022-02-02		 a year crt.sh
*.avads.net
Go Daddy Secure Certificate Authority - G2		 2021-02-10 -
2022-02-28		 a year crt.sh
*.outbrainimg.com
DigiCert Secure Site ECC CA-1		 2020-03-26 -
2021-06-25		 a year crt.sh
players.brightcove.net
DigiCert SHA2 Secure Server CA		 2020-09-03 -
2021-10-03		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-02-09		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
bid.videostep.com
Sectigo RSA Domain Validation Secure Server CA		 2021-01-19 -
2022-02-08		 a year crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.estat.com
Amazon		 2020-07-11 -
2021-08-11		 a year crt.sh
*.adpaths.com
Amazon		 2020-08-24 -
2021-09-24		 a year crt.sh
*.api.brightcove.com
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh
metrics.brightcove.com
GTS CA 1D2		 2021-01-30 -
2021-04-30		 3 months crt.sh
*.privacy-mgmt.com
R3		 2021-02-03 -
2021-05-04		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
brightcove.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-09-28 -
2021-04-20		 7 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.bfmio.com
Amazon		 2020-06-14 -
2021-07-14		 a year crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
*.adwstats.com
Amazon		 2020-05-25 -
2021-06-25		 a year crt.sh
*.google.ch
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.adotmob.com
R3		 2021-02-07 -
2021-05-08		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-28 -
2021-04-13		 a month crt.sh
*.playtem.com
AlphaSSL CA - SHA256 - G2		 2019-08-15 -
2021-10-06		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh

This page contains 41 frames:

Primary Page: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Frame ID: 5B739D4B1B124B7D8FD93EEF2F5478D3
Requests: 231 HTTP requests in this frame

Frame: https://consent.gala.fr/index.html?message_id=461281&consentUUID=8d923b10-de24-4ea5-9132-4d2044b35f3f&requestUUID=a29ac254-d302-4766-a61e-7061d4e5e7ed&preload_message=true
Frame ID: B41669570E78C47A5FA9D29749D6963E
Requests: 5 HTTP requests in this frame

Frame: https://itm.ivitrack.com/v1/taboola-iframe/itm.html
Frame ID: A00428A6AD7D19B8E37E175D343DE789
Requests: 3 HTTP requests in this frame

Frame: https://itm.ivitrack.com/v1/liveramp-iframe/itm.html
Frame ID: A9943B7F0EE5209098823DB5D050EA20
Requests: 1 HTTP requests in this frame

Frame: https://cross-prod.antvoice.com/cookie.html?v=20160624
Frame ID: 8FCC3C805ED0F3F410FFA9B92DFAE3BE
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 2DA6297DA36FF7C315C1AD491726A67F
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 47E0713460DABF9645BE15E951CAA8FB
Requests: 2 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=839272978&gdpr=0&gdpr_consent=undefined&ref=http%3A%2F%2Fwtm.info-people.fr%2F&bpid=prisma&c=%7B%22bpid%22%3A%22prisma%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%22%2C%22gdpr%22%3A%220%22%2C%22gdpr_consent%22%3A%22undefined%22%2C%22ref%22%3A%22http%3A%2F%2Fwtm.info-people.fr%2F%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22l_actu%22%2C%22brd%22%3A%22Gala%22%7D
Frame ID: 98D40C2FA435A0663CE6BDE54C49374D
Requests: 3 HTTP requests in this frame

Frame: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Frame ID: E6B55BFC8031756FBA8D118C7AF7D9EF
Requests: 9 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_rbd_smrt_3lift&dcc=t
Frame ID: 3FD3AE7772009938F48DEF68E0C8BBDB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: 0A8FF3115D035ADD1E509C8A15D5AC13
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: ACCD5C761A3E878ADBED8EA43FD12540
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_smrt_rbd_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Frame ID: A204E3C0B86B7BE372349D9362779BC1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Frame ID: DE707486DE64553F1DEE9F2DCC334D03
Requests: 10 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=2&gdpr=0
Frame ID: F27F415EF5E74637AC50B6B2D0915E0C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Frame ID: 6EDE5B25147A73972D2402DFDA23EBEB
Requests: 11 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4870140300022806032
Frame ID: FDBA116951AAAC507991FA2B7BBAC372
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 94D8C1A9AB694EA505CF7649FA395FF9
Requests: 1 HTTP requests in this frame

Frame: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 181E10B5BA75C4CFFF78D2FB56E942CF
Requests: 15 HTTP requests in this frame

Frame: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F27C72EFA6FE699301DB26F70DCFEED0
Requests: 14 HTTP requests in this frame

Frame: data://truncated
Frame ID: 714F4361D508FF76A745983F2DB6AA7F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNXn4498RkhrmD6eLfcGIEhcx6ADF1cEjKgz-yc8nVr_NeDBOVDvRx7DhhtBrh3UK86rWd7RM5wqWd2EIdInsyAVZLHnDMQvZTHiikdJlKgP6nZww20
Frame ID: FA24449830199823565D6B5C879D4200
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCA1j0Yu9SxngEwAQ&v=APEucNVzfkQEwiDvLXt1O6rxgADBoz1CxH_Y9c6IW_4MiCH8iyl3MJpxidem806HGfQtTCvewHdkCFTOg6bTD7Vd9yTI6MZA-jQxTSqQ6sIR_8T2Y-YwnFs
Frame ID: B5312243F900DA4402BD8D2C928EE1E0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8F91DAC799C8B1C7BF603EF60BDCC4BB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 967C1098D9F468FF3B19E8287B2BE9FA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9506911/1604308950366/index.html
Frame ID: D59A101C35D83D4C6C27BE344EC43D04
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/5471761/1614585087903/index.html
Frame ID: 832670BD4F896E7E2F8FA7ADAE93B68B
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8C343B4839F8CC940D2B3EB92743A120
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 834088B8B94138B7B789B07F0E4AC27C
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvL54FRf_iWW0UREotGZxk_Nd51o6W-rZbpnYGYUFIoXmeLhLcBbwVjEuhPHoE1szGWeCOpF7OTSxu2zxTuK0LCtOCIdxoH8mf2bdGx11jkEO8jxWWBJW6v0DqLewUfVBEu_U6dNhH2utItvTuqDL6Kvc1AVgRIpQOBubRRUL9r8DUhMIsZawMDbbIQwFWn4HOGfyRBND-Xiu8KDSX0U1KW7Hn75iNKBbaRCB07dmz3exFclYcWJTYuzqL4Z-c7YxT-ps1zr3Tjgvnk5Ewz8hOHU4oBFWn8LY_oVkiN2OO7iN4osktStlmHWVfqK78wOjviYYEDoj9juwQSx-5HySk6F1I7rxTy&sig=Cg0ArKJSzBEEl8y4doXWEAE&urlfix=1&adurl=
Frame ID: D987ED26BE521D01DAA8D050EB397517
Requests: 3 HTTP requests in this frame

Frame: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 73E4CFF5291C74A5CD7035FFDEF1CDE0
Requests: 13 HTTP requests in this frame

Frame: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8D02F7CA4ABB3CDD9F48B61FED796081
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQ7onZAhjBqYufATAB&v=APEucNWHxm9r6_OonjG73EwL9Czcwhw9xoq4PCHU4HfWgbrdKjIk2cdsEiWlnzTsPEo-oMC52jJwV2ILAq8bMT4Y_-95X_Kkt3m6Hwka2xlcDWGd4TsAM5A
Frame ID: 64996A94D6152CF5EAFB87DA7A4FD712
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNVBfzFXh3ylL7J15ggmYdC0qJyWELcEpVU20u35XhbJ6VisePbONEOCD7o54VWNdw55bJKtT74ksGW67AMBTfMDtazmYcv2bIbp1AMFnN3lpUzzfXc
Frame ID: B5B47016D0C0B96F9639C74E028D7630
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3AC7E3214D7C1117AD94C13ED56173C8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2634D96675EF1F839BE592B643573966
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/9506911/1604308924613/index.html
Frame ID: 1AF44CFECE2C50BE87751C8AE1AE8340
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DA8EEE3363E90223E274EC2ED642D4FD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5E3E30A30E092CAD9538FAE787C17157
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 6565A17D7D29243FCC631433A45C62DB
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.gala.fr&gdpr=0&gdpr_consent=
Frame ID: D92B81E2E69A879B61D3EB82AFA574B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html Page URL
  2. http://wtm.info-people.fr/w/160975/94ea13bbdf7c3d25b7e21add59906d66/1078/610/?mid=2bd17ad582606f9414a1... HTTP 302
    http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww... Page URL
  3. https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pou... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i

Page Statistics

442
Requests

83 %
HTTPS

29 %
IPv6

106
Domains

166
Subdomains

100
IPs

8
Countries

4587 kB
Transfer

12043 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html Page URL
  2. http://wtm.info-people.fr/w/160975/94ea13bbdf7c3d25b7e21add59906d66/1078/610/?mid=2bd17ad582606f9414a14db5d0f91910&ct=nl&n=44&l=o&u=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D94ea13bbdf7c3d25b7e21add59906d66%26c%3Dfr%26u%3Dhttps%253A%252F%252Fwww.gala.fr%252Fl_actu%252Fnews_de_stars%252Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%252FYLtc%252FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%252FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%252FbR%252Bw%253D%253D HTTP 302
    http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D Page URL
  3. https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://wtm.info-people.fr/w/160975/94ea13bbdf7c3d25b7e21add59906d66/1078/610/?mid=2bd17ad582606f9414a14db5d0f91910&ct=nl&n=44&l=o&u=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D94ea13bbdf7c3d25b7e21add59906d66%26c%3Dfr%26u%3Dhttps%253A%252F%252Fwww.gala.fr%252Fl_actu%252Fnews_de_stars%252Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%252FYLtc%252FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%252FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%252FbR%252Bw%253D%253D HTTP 302
  • http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Request Chain 4
  • https://er.cloud-media.fr/r/94ea13bbdf7c3d25b7e21add59906d66/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
  • https://er.cloud-media.fr/c/94ea13bbdf7c3d25b7e21add59906d66/20305b1d-4a14-4990-b6a1-7765863e4041
Request Chain 5
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D94ea13bbdf7c3d25b7e21add59906d66%26wb%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D94ea13bbdf7c3d25b7e21add59906d66%26wb%3D%7BWEBO_CID%7D&bounce=1&random=4090865922 HTTP 302
  • https://r.phywi.org/webo.gif?md=94ea13bbdf7c3d25b7e21add59906d66&wb=Ltqc8vC.5H.VCPy25w0BNu
Request Chain 68
  • https://prismashop.commander1.com/v3/?tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017 HTTP 302
  • https://prismashop.commander1.com/v3/?firsttime=1&tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
Request Chain 91
  • https://www.img-static.com/prisma.gif HTTP 302
  • https://r.phywi.org/prisma.gif
Request Chain 97
  • https://secure.adnxs.com/getuid?https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9&tp=1&tpId=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.avads.net%2FThirdParty%2FSyncId%3FoId%3D63%26mId%3D950cd223-ca24-4eff-8fd2-c30c904006c9%26tp%3D1%26tpId%3D%24UID HTTP 302
  • https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9&tp=1&tpId=8797344807167814618
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice_dmp&google_cm&oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice_dmp&google_cm=&oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9&google_tc= HTTP 302
  • https://avads.net/ThirdParty/SyncDoubleClick/?oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9&google_gid=CAESEO2kBvktepWRch8n-CUn930&google_cver=1
Request Chain 176
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_rbd_smrt_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_rbd_smrt_3lift&dcc=t
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=018bef44-8fe3-42a5-9968-599e82771ee9 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=018bef44-8fe3-42a5-9968-599e82771ee9&google_gid=CAESEGXrywABWluDae6U90J6ynU&google_cver=1
Request Chain 180
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12166%26ref%3Dhttp%253A%252F%252Fwtm.info-people.fr%252F%26hn_ver%3D11%26fid%3D018bef44-8fe3-42a5-9968-599e82771ee9 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=8797344807167814618&pid=12166&ref=http%3A%2F%2Fwtm.info-people.fr%2F&hn_ver=11&fid=018bef44-8fe3-42a5-9968-599e82771ee9
Request Chain 181
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D018bef44-8fe3-42a5-9968-599e82771ee9 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D018bef44-8fe3-42a5-9968-599e82771ee9&cklb=1 HTTP 302
  • https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=357014492309402438&fid=018bef44-8fe3-42a5-9968-599e82771ee9
Request Chain 182
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=1289e5ee-86e1-4263-abdd-854b113cf0a1&dsp=TTD
Request Chain 183
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D018bef44-8fe3-42a5-9968-599e82771ee9 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D018bef44-8fe3-42a5-9968-599e82771ee9 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=479081DD-7026-4432-90A4-D643F8747759&fid=018bef44-8fe3-42a5-9968-599e82771ee9
Request Chain 201
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4870140300022806032
Request Chain 210
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFX7EgrZP0-lLIYDBJaWPQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFX7EgrZP0_lLIYDBJaWPQAABJEAAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEBJk87jZ81BqV96AY9FQyfY&google_cver=1
Request Chain 217
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YFX7EgrZP0-lLIYDBJaWPQAA%261169 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YFX7EgrZP0-lLIYDBJaWPQAA%261169
Request Chain 219
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=&gdpr_consent=&rd=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dpubmatic%26did%3D443b5777-fe89-4dc7-be67-551a82bfdc51%26PubmaticID%3D%23PM_USER_ID&gdpr=&us_privacy=&consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=&gdpr_consent=&rd=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dpubmatic%26did%3D443b5777-fe89-4dc7-be67-551a82bfdc51%26PubmaticID%3D%23PM_USER_ID&gdpr=&us_privacy=&consent=&rdf=1 HTTP 302
  • https://usersync.getpublica.com/usermatch?provider=pubmatic&did=443b5777-fe89-4dc7-be67-551a82bfdc51&PubmaticID=479081DD-7026-4432-90A4-D643F8747759
Request Chain 220
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dsmartadserver%26did%3D443b5777-fe89-4dc7-be67-551a82bfdc51%26SmartID%3D%5Bsas_uid%5D&gdpr=&us_privacy=&consent= HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dsmartadserver%26did%3D443b5777-fe89-4dc7-be67-551a82bfdc51%26SmartID%3D%5Bsas_uid%5D&gdpr=&us_privacy=&consent=&cklb=1 HTTP 302
  • https://usersync.getpublica.com/usermatch?provider=smartadserver&did=443b5777-fe89-4dc7-be67-551a82bfdc51&SmartID=2652231189792076781
Request Chain 222
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190692&cb=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dindex%26did%3D443b5777-fe89-4dc7-be67-551a82bfdc51%26IndexID%3D&gdpr=&us_privacy=&consent= HTTP 302
  • https://usersync.getpublica.com/usermatch?provider=index&did=443b5777-fe89-4dc7-be67-551a82bfdc51&IndexID=YFX7EgrZP0_lLIYDBJaWPQAABJEAAAIB
Request Chain 223
  • https://ib.adnxs.com/getuid?https://usersync.getpublica.com/usermatch?provider=appnexus&did=443b5777-fe89-4dc7-be67-551a82bfdc51&appnexusID=$UID&gdpr=&us_privacy=&consent= HTTP 302
  • https://usersync.getpublica.com/usermatch?provider=appnexus&did=443b5777-fe89-4dc7-be67-551a82bfdc51&appnexusID=8797344807167814618&gdpr=&us_privacy=&consent=
Request Chain 225
  • https://sync.bfmio.com/syncb?pid=176&pcid=443b5777-fe89-4dc7-be67-551a82bfdc51&gdpr=&us_privacy=&consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=1289e5ee-86e1-4263-abdd-854b113cf0a1
Request Chain 247
  • https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=4359937&componentId=prebid&componentSubId=mustang&timestamp=1616247572220&pKey=1822442225&_fw_gdpr_consent=undefined&_fw_gdpr=false&loc=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&playerSize=640x480 HTTP 302
  • https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=2120274&loc=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&_fw_gdpr=false&_fw_gdpr_consent=undefined&_fw_gdpr_consented_providers=
Request Chain 256
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01IUzJOWDgtMUEtQUYyNw==&gdpr=0
Request Chain 257
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=529f6055-fb14-4300-a2c5-48f1ec9e3e47&gdpr=0&gdpr_consent=
Request Chain 259
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMHS2NX8-1A-AF27&sigv=1&esig=2~c71f9c6d20a3064a0c9a974cec003292591b1f32&gdpr=0
Request Chain 260
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gGmWyLgYGiX14aWvsVyuV8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=566730656407474250
Request Chain 262
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2EyMmM4NTU1MDczNDY5NGZjNzU5ZDZmZTRlMjBmNGVmNGFmM2VlNQ&gdpr=0
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMMH0Rx9MoNdLjqGb1KnfMA&google_cver=1
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1&gdpr=0
Request Chain 288
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YFX7EgrZP0-lLIYDBJaWPQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1&gdpr=0
Request Chain 291
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YFX7EgrZP0-lLIYDBJaWPQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1
Request Chain 325
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI9FASkKQeFJltylq_6cKTQ&google_cver=1&google_push=AQvitUI8KGUv55t1zdsfnjuGcNdO_X21KyYpA5hIKpUVuYRcbFVyqh3h9-xzoDfT8oArqSKs4OoitnmzesuQWVZmvXIILN71kCTA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDEyNTE2NjE2OTc3NjI0NDYyNg== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEI9FASkKQeFJltylq_6cKTQ&google_cver=1
Request Chain 329
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHsQxRaMdkNdUgSOXc0xj28&google_cver=1&google_push=AQvitUJR-Ft1FuWdbNroZGo01RpkgRIVYsM9d5rUe4BjFA8LbRBDaUn4Cp0y5dkRCmInMMBNFxGMDkreAhj6JcuXp-4sKS5pvUpQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01IUzJOWDgtMUEtQUYyNw==&google_push=AQvitUJR-Ft1FuWdbNroZGo01RpkgRIVYsM9d5rUe4BjFA8LbRBDaUn4Cp0y5dkRCmInMMBNFxGMDkreAhj6JcuXp-4sKS5pvUpQ
Request Chain 381
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBOMo6lQr-veP5DsCv9VKbM&google_cver=1
Request Chain 382
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc5NzM0NDgwNzE2NzgxNDYxOA%3D%3D
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJJSX1v85hSDyIHwDHMrWb4&google_cver=1&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJJSX1v85hSDyIHwDHMrWb4&google_cver=1&gdpr=0
Request Chain 384
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDU4ZGNkZTQtYzQ4My0yNGJiLWZiNzctZTU0ZWU5ODExMzc0
Request Chain 385
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBOMo6lQr-veP5DsCv9VKbM&google_cver=1
Request Chain 386
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc5NzM0NDgwNzE2NzgxNDYxOA%3D%3D
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJJSX1v85hSDyIHwDHMrWb4&google_cver=1&gdpr=0
Request Chain 388
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDU4ZGNkZTQtYzQ4My0yNGJiLWZiNzctZTU0ZWU5ODExMzc0
Request Chain 404
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIjVTM8tfWAU85ROy4actOc&google_cver=1&google_push=AQvitUJm2GZ0hO0tDLXPEBl5FjcmqtqUQlqFmi4SUR0EOzoQe04fqmOpsLpLVEoHBz1nVdSSpnze5lBOOv-95AJxiefa25iaGBLX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Up9gVfsUQwCixUjx7J4-Rw&google_push=AQvitUJm2GZ0hO0tDLXPEBl5FjcmqtqUQlqFmi4SUR0EOzoQe04fqmOpsLpLVEoHBz1nVdSSpnze5lBOOv-95AJxiefa25iaGBLX
Request Chain 405
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELfRGehfR5eTjiFP5UN7pfI&google_cver=1&google_push=AQvitULBAj4hBYDxjH-c2CJgRZxeMtq59gpq29fGYje8fNzXI1UJEOlm6-ycgIZiQ7RCYTzGfuKP5ZqfOozLz52PKNceKLSNxrMl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitULBAj4hBYDxjH-c2CJgRZxeMtq59gpq29fGYje8fNzXI1UJEOlm6-ycgIZiQ7RCYTzGfuKP5ZqfOozLz52PKNceKLSNxrMl
Request Chain 406
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEIWjXdt1Cvb4H7ILfYq2YUk&google_cver=1&google_push=AQvitULPUQRhhwVuDLJUAshHFbZlk3TGfRbT1iL5tAWCH5WTKuLFVXOXcRN3nfaYo5Iw92BGsPuPeOF3MVxPharkprkZA7PYN-B3 HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEIWjXdt1Cvb4H7ILfYq2YUk&google_cver=1&google_push=AQvitULPUQRhhwVuDLJUAshHFbZlk3TGfRbT1iL5tAWCH5WTKuLFVXOXcRN3nfaYo5Iw92BGsPuPeOF3MVxPharkprkZA7PYN-B3&prevuid=03030003_6055fb16d52a6&knw=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitULPUQRhhwVuDLJUAshHFbZlk3TGfRbT1iL5tAWCH5WTKuLFVXOXcRN3nfaYo5Iw92BGsPuPeOF3MVxPharkprkZA7PYN-B3&google_hm=MDMwMzAwMDNfNjA1NWZiMTZkNTJhNg%3D%3D
Request Chain 409
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEP7KUSuyM-T7TaYFaPabEO0&google_cver=1&google_push=AQvitULfFcVb_baz6aU33DYr4-o3o9A3APWjOCV38ayEncUNl2qUKvqQInZ07oOBvxw1MqycF5pAw5wNyAch2lttx8rZV9xTiE0g HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEP7KUSuyM-T7TaYFaPabEO0&google_cver=1&google_push=AQvitULfFcVb_baz6aU33DYr4-o3o9A3APWjOCV38ayEncUNl2qUKvqQInZ07oOBvxw1MqycF5pAw5wNyAch2lttx8rZV9xTiE0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitULfFcVb_baz6aU33DYr4-o3o9A3APWjOCV38ayEncUNl2qUKvqQInZ07oOBvxw1MqycF5pAw5wNyAch2lttx8rZV9xTiE0g
Request Chain 446
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=undefined HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5f622662eda73e87e273d08189abe3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=undefined
Request Chain 447
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

442 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
104130935.html
ml.info-people.fr/l2/7Owew3BcE43/2889979/ 		824 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.190.170.11 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
s3s.fr
Software
Apache /
Resource Hash
7634627a77418d7b1f819666771e418fd736b5dc8bb7abe57626b3ff11c9d3c0

Request headers

Host
ml.info-people.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:28 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
Mon, 01 Jan 1990 00:00:00 GMT
X-Robots-Tag
noindex,nofollow
P3P
policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Content-Length
824
Connection
close
Content-Type
text/html
redirection.html
wtm.info-people.fr/
Redirect Chain
  • http://wtm.info-people.fr/w/160975/94ea13bbdf7c3d25b7e21add59906d66/1078/610/?mid=2bd17ad582606f9414a14db5d0f91910&ct=nl&n=44&l=o&u=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D94ea13bb...
  • http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquo...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:d6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cd9d286ab7095662b0e4c4896d13b4babc1cd6791effc6c79f757138d006276
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Host
wtm.info-people.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d7ece2113fc6c9bb7bf92492fce6440ec1616247568
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html

Response headers

Date
Sat, 20 Mar 2021 13:39:28 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
vary
Accept-Encoding
strict-transport-security
max-age=63072000
x-request-id
A29E587C:FC1C_33592B57:0050_6055FB10_808867:0008
CF-Cache-Status
DYNAMIC
cf-request-id
08f175d0c200002c196bad9000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xbvaqA8zkfdHI%2F9ZWJVLxSWf%2FpOtjDIuufnPKyL2T2EHl8Qeb35ehRDA5WVRAI4gMhpBAxWcEmxy3TKypc80xogkm9rQjvDBS3NqFeOTfzZNosdCzBJEyzy%2BdsDqYBY%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
632f58c79bed2c19-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Sat, 20 Mar 2021 13:39:28 GMT
Content-Length
0
Connection
keep-alive
Set-Cookie
__cfduid=d7ece2113fc6c9bb7bf92492fce6440ec1616247568; expires=Mon, 19-Apr-21 13:39:28 GMT; path=/; domain=.info-people.fr; HttpOnly; SameSite=Lax
expires
Sun, 01 Jan 2014 00:00:00 GMT
cache-control
post-check=0, pre-check=0
pragma
no-cache
location
http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
strict-transport-security
max-age=63072000
x-request-id
A29E587C:FC08_33592B57:0050_6055FB10_808863:0008
CF-Cache-Status
DYNAMIC
cf-request-id
08f175d0ab00002c19542fc000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5fK5uQitFfE6K%2Fj8Q27mU8tWlC%2FwLAUrPqpMVsqa5ZO6oZByqci0CxQjPXj%2BCsIN%2FXIyhyPWmNZ89aGHMRXzJ0ZFaJyZTHQp0H8FxX%2Fja1TCBgHaOkTk7uBVm9vWq4Q%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
632f58c77bc52c19-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc...
wtm.info-people.fr/ 		0
883 B 		Other
General
Check archive.org
Download Go to
Full URL
http://wtm.info-people.fr/https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article
Requested by
Host: wtm.info-people.fr
URL: http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:d6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:28 GMT
CF-Cache-Status
DYNAMIC
NEL
{"max_age":604800,"report_to":"cf-nel"}
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
43
cf-request-id
08f175d0e000002c1960ab5000000001
x-request-id
A29E587C:FC54_33592B57:0050_6055FB10_80886B:0008
pragma
no-cache
Server
cloudflare
strict-transport-security
max-age=63072000
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=82bNFmQtgpGGaE1YY5N%2BE9vAPu25WW5Qa0ArfAx9MFjjGnKMaST2KsVrrnTUaG7%2B%2Fhhpwxevr4IsI3UYKNpggi4GLNIhMHnYwWOMbgoiqI%2Bcw9VENM5735%2BuIGW60IU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
cache-control
post-check=0, pre-check=0
CF-RAY
632f58c7cc2f2c19-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
cl.gif
r.phywi.org/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.phywi.org/cl.gif?m=94ea13bbdf7c3d25b7e21add59906d66
Requested by
Host: wtm.info-people.fr
URL: http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:700:347e:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://wtm.info-people.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
server
nginx
date
Sat, 20 Mar 2021 13:39:28 GMT
x-request-id
2A0104F8019254140000000000000002:B168_200141D00700347E0000000000000000:01BB_6055FB10_61A985:0009
content-type
image/gif
20305b1d-4a14-4990-b6a1-7765863e4041
er.cloud-media.fr/c/94ea13bbdf7c3d25b7e21add59906d66/
Redirect Chain
  • https://er.cloud-media.fr/r/94ea13bbdf7c3d25b7e21add59906d66/20305b1d-4a14-4990-b6a1-7765863e4041
  • https://er.cloud-media.fr/c/94ea13bbdf7c3d25b7e21add59906d66/20305b1d-4a14-4990-b6a1-7765863e4041
35 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://er.cloud-media.fr/c/94ea13bbdf7c3d25b7e21add59906d66/20305b1d-4a14-4990-b6a1-7765863e4041
Requested by
Host: wtm.info-people.fr
URL: http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.233.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-233-60.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://wtm.info-people.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:28 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

location
https://er.cloud-media.fr/c/94ea13bbdf7c3d25b7e21add59906d66/20305b1d-4a14-4990-b6a1-7765863e4041
date
Sat, 20 Mar 2021 13:39:28 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
0
x-xss-protection
1; mode=block
content-type
text/html;charset=utf-8
webo.gif
r.phywi.org/
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D94ea13bbdf7c3d25b7e21add59906d66%26wb%3D{WEBO_CID}
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D94ea13bbdf7c3d25b7e21add59906d66%26wb%3D%7BWEBO_CID%7D&bounce=1&random=4090865922
  • https://r.phywi.org/webo.gif?md=94ea13bbdf7c3d25b7e21add59906d66&wb=Ltqc8vC.5H.VCPy25w0BNu
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.phywi.org/webo.gif?md=94ea13bbdf7c3d25b7e21add59906d66&wb=Ltqc8vC.5H.VCPy25w0BNu
Requested by
Host: wtm.info-people.fr
URL: http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:700:347e:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://wtm.info-people.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
server
nginx
date
Sat, 20 Mar 2021 13:39:28 GMT
x-request-id
2A0104F8019254140000000000000002:B168_200141D00700347E0000000000000000:01BB_6055FB10_61A98D:0009
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:28 GMT
via
1.1 google
last-modified
Sat, 20 Mar 2021 13:39:28 GMT
server
nginx/1.12.0
location
https://r.phywi.org/webo.gif?md=94ea13bbdf7c3d25b7e21add59906d66&wb=Ltqc8vC.5H.VCPy25w0BNu
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
Primary Request brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221
www.gala.fr/l_actu/news_de_stars/ 		185 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Requested by
Host: wtm.info-people.fr
URL: http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
493772cc793bd9d86db7ce05780a728a38657de29dbe0a348283cbc85e2381e8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.gala.fr
:scheme
https
:path
/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://wtm.info-people.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://wtm.info-people.fr/

Response headers

content-type
text/html; charset=UTF-8
server-timing
intid;desc=0dff4df31aac2815
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
x-generation-time
0.061 @ Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
x-varnish-cache
PASS
accept-ranges
bytes
content-length
27556
cache-control
public, max-age=59
date
Sat, 20 Mar 2021 13:39:29 GMT
vary
Accept-Encoding
browsertools.js
tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C7E) /
Resource Hash
abc69699e8f0304cd01c34c351653647a33c8b7d81b0c54264fd29726219e2e4

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
age
22029002
x-cache
HIT
content-disposition
inline
content-length
12282
access-control-allow-origin
*
last-modified
Wed, 08 Jul 2020 14:28:37 GMT
server
ECAcc (mil/6C7E)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
H3D3p_lWqSnXtGjDig2igruLcio1ejXe
via
1.1 8411105b12842016b4473f6d89a20f3f.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG3-C2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
Qxh4GdggvGPvf3wvNGZl-Sac2Gq114B7A5O2YTdSnA5Wg23FsxwS-Q==
core-ads.js
tra.scds.pmdstatic.net/advertising-core/4.111.0/ 		203 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/advertising-core/4.111.0/core-ads.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BA8) /
Resource Hash
2ae0809c4fca2150cce6f5b5f3c5f2cab62c27e8830d9369d1f4b7702e6d2a47

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
age
189520
x-cache
HIT
content-disposition
inline
content-length
63839
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 09:00:23 GMT
server
ECAcc (mil/6BA8)
etag
W/"cc6f57047353c25650f6d03a5ecb9401"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
fk8JMZ.ZM7Ns5lUiYyI8L5t0e.C7Daee
via
1.1 2b0fb614bbb9725d108c7b6cf26875c6.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
ilU-oQy1b8TlJ60oc254hyBThVcNTp6_9svy3ZBf9qn_XHqncwpCeQ==
gpt.js
www.googletagservices.com/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"817 / 89 of 1000 / last-modified: 1616191964"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19836
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:29 GMT
frank-ruhl-libre-v5-latin-regular.woff2
www.gala.fr/assets/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/fonts/frank-ruhl-libre-v5-latin-regular.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e845309bca1ba7946299dc5ea01a12f66784e7220003ff3c438714decfa8c413
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Wed, 04 Nov 2020 14:09:04 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/octet-stream
access-control-allow-origin
*
x-generation-time
0.001 @ Thu, 05 Nov 2020 20:57:00 GMT
cache-control
public, max-age=19898278
accept-ranges
bytes
content-length
19900
expires
Fri, 05 Nov 2021 20:57:27 GMT
frank-ruhl-libre-v5-latin-500.woff2
www.gala.fr/assets/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/fonts/frank-ruhl-libre-v5-latin-500.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a1cd89f61370b7362c362612635115198199a35881b975e39523d7734511f4e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Tue, 27 Oct 2020 14:33:00 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/octet-stream
access-control-allow-origin
*
x-generation-time
0.000 @ Wed, 28 Oct 2020 21:10:08 GMT
cache-control
public, max-age=19207859
accept-ranges
bytes
content-length
19772
expires
Thu, 28 Oct 2021 21:10:28 GMT
frank-ruhl-libre-v5-latin-700.woff2
www.gala.fr/assets/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/fonts/frank-ruhl-libre-v5-latin-700.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e0b6f15515bef3de20931fea83223e07e078174a93b1d677002fb20c7aca2494
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Wed, 14 Oct 2020 12:08:24 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/octet-stream
access-control-allow-origin
*
x-generation-time
0.001 @ Thu, 15 Oct 2020 05:10:07 GMT
cache-control
public, max-age=18027170
accept-ranges
bytes
content-length
20288
expires
Fri, 15 Oct 2021 05:12:19 GMT
nunito-sans-v5-latin-regular.woff2
www.gala.fr/assets/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/fonts/nunito-sans-v5-latin-regular.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Thu, 01 Oct 2020 13:19:30 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/octet-stream
access-control-allow-origin
*
x-generation-time
0.001 @ Fri, 02 Oct 2020 00:11:40 GMT
cache-control
public, max-age=16885920
accept-ranges
bytes
content-length
16920
expires
Sat, 02 Oct 2021 00:11:29 GMT
nunito-sans-v5-latin-600.woff2
www.gala.fr/assets/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/fonts/nunito-sans-v5-latin-600.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d18c05b903e42fe072a80fb16a7aae87c94e506237fce86f68ad8241fa70f759
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Thu, 01 Oct 2020 13:19:30 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/octet-stream
access-control-allow-origin
*
x-generation-time
0.001 @ Fri, 02 Oct 2020 00:11:40 GMT
cache-control
public, max-age=16886064
accept-ranges
bytes
content-length
16900
expires
Sat, 02 Oct 2021 00:13:53 GMT
nunito-sans-v5-latin-800.woff2
www.gala.fr/assets/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/fonts/nunito-sans-v5-latin-800.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2598e19440d3584cae862d26410fa6e545cc31d0b721f80b042d55ec599af604
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Wed, 04 Nov 2020 14:09:04 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/octet-stream
access-control-allow-origin
*
x-generation-time
0.000 @ Thu, 05 Nov 2020 20:57:00 GMT
cache-control
public, max-age=19898242
accept-ranges
bytes
content-length
16824
expires
Fri, 05 Nov 2021 20:56:51 GMT
1-bf63ec34b73eb30a370f.min.css
www.gala.fr/assets/styles/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/styles/1-bf63ec34b73eb30a370f.min.css
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
098af96d8c73d9608eb04f3738256a3668036a98d29ce3c9d105148231e0a0b5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Mar 2021 14:58:17 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-generation-time
0.001 @ Thu, 18 Mar 2021 15:21:50 GMT
cache-control
public, max-age=31369337
accept-ranges
bytes
vary
Accept-Encoding
content-length
2850
expires
Fri, 18 Mar 2022 15:21:46 GMT
article-bf63ec34b73eb30a370f.min.css
www.gala.fr/assets/styles/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/styles/article-bf63ec34b73eb30a370f.min.css
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b78cac285211c31b7ca83337645a9b8bfdf94e2f1b3bb410658b609c7c6658f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-generation-time
0.003 @ Thu, 18 Mar 2021 15:21:28 GMT
last-modified
Thu, 18 Mar 2021 14:58:17 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31369352
accept-ranges
bytes
vary
Accept-Encoding
content-length
11351
x-content-type-options
nosniff
expires
Fri, 18 Mar 2022 15:22:01 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
664
date
Sat, 20 Mar 2021 13:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sat, 20 Mar 2021 15:28:25 GMT
gala-video-brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-l-arrange-pas.jpg
gal.img.pmdstatic.net/fit/https.3A.2F.2Fcf-images.2Eeu-west-1.2Eprod.2Eboltdns.2Enet.2Fv1.2Fstatic.2F811631557001.2Fe6c7bce3-8b0b-492a-ba09-fc76a7ddc9c4.2F0a0da5d6-c4e0-4a1d-a7d6-10895231eb4f.2F128... 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gal.img.pmdstatic.net/fit/https.3A.2F.2Fcf-images.2Eeu-west-1.2Eprod.2Eboltdns.2Enet.2Fv1.2Fstatic.2F811631557001.2Fe6c7bce3-8b0b-492a-ba09-fc76a7ddc9c4.2F0a0da5d6-c4e0-4a1d-a7d6-10895231eb4f.2F1280x720.2Fmatch.2Fimage.2Ejpg/1280x720/quality/80/gala-video-brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-l-arrange-pas.jpg
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.226 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BAA) /
Resource Hash
748e1ef92bef1d36dc2d500c5aa01705ec3b00bab6c3596e88f91fe826967b48

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
last-modified
Fri, 19 Mar 2021 17:55:20 GMT
server
ECAcc (mil/6BAA)
age
71049
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Photosphere
cache-control
max-age=31536000, public, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
X-Photosphere
content-length
125640
expires
Sun, 20 Mar 2022 13:39:29 GMT
thumbnail.jpeg
gal.img.pmdstatic.net/fit/https.3A.2F.2Fi.2Epmdstatic.2Enet.2Fgal.2F2021.2F03.2F19.2F574bb40e-285a-4db5-9344-350a1501342c.2Ejpeg/1120x747/quality/80/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gal.img.pmdstatic.net/fit/https.3A.2F.2Fi.2Epmdstatic.2Enet.2Fgal.2F2021.2F03.2F19.2F574bb40e-285a-4db5-9344-350a1501342c.2Ejpeg/1120x747/quality/80/thumbnail.jpeg
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.226 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C72) /
Resource Hash
2ae53520190c31c7dd2e6c866c9d253d2a430b455498dde92cdac6aa3981983a

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
last-modified
Fri, 19 Mar 2021 16:02:58 GMT
server
ECAcc (mil/6C72)
age
77792
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Photosphere
cache-control
max-age=31536000, public, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
X-Photosphere
content-length
125181
expires
Sun, 20 Mar 2022 13:39:29 GMT
thumbnail.jpeg
gal.img.pmdstatic.net/fit/https.3A.2F.2Fi.2Epmdstatic.2Enet.2Fgal.2F2021.2F03.2F19.2Fc1d40d39-e61f-4b22-a465-82aa3c1a15c5.2Ejpeg/1120x747/quality/80/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gal.img.pmdstatic.net/fit/https.3A.2F.2Fi.2Epmdstatic.2Enet.2Fgal.2F2021.2F03.2F19.2Fc1d40d39-e61f-4b22-a465-82aa3c1a15c5.2Ejpeg/1120x747/quality/80/thumbnail.jpeg
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.226 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C22) /
Resource Hash
2d078bfd71ee28768e1bcfae4e5cb563033b9c46dfc209c49f1d5ec30d64ee84

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
last-modified
Fri, 19 Mar 2021 16:04:48 GMT
server
ECAcc (mil/6C22)
age
77682
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Photosphere
cache-control
max-age=31536000, public, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
X-Photosphere
content-length
122610
expires
Sun, 20 Mar 2022 13:39:29 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
gala-image-par-defaut.png
www.gala.fr/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gala.fr/assets/images/gala-image-par-defaut.png
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/assets/styles/1-bf63ec34b73eb30a370f.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23f6132d96ea5ae6dc00a42ac805ab4e62fd6aa878a6e29f670dfa2e7c1b002a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/assets/styles/1-bf63ec34b73eb30a370f.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Thu, 01 Oct 2020 13:19:30 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
image/png
access-control-allow-origin
*
x-generation-time
0.001 @ Fri, 02 Oct 2020 00:11:40 GMT
cache-control
public, max-age=16885864
accept-ranges
bytes
content-length
5765
expires
Sat, 02 Oct 2021 00:10:33 GMT
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		381 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
eum.min.js
eum.instana.io/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c39c9160c7938bf298f1233a4a890ca601bad50a896832c51e77878bd8d7e6b

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 9 Mar 2021 18:57:39 GMT
server
cloudflare
age
139054
etag
-1802586287--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
632f58cb9ac34a97-FRA
cf-request-id
08f175d34200004a975f148000000001
truncated
/ 		178 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		516 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		243 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/j/ 		4 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1173691927&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dr=http%3A%2F%2Fwtm.info-people.fr%2F&ul=en-us&de=UTF-8&dt=Brigitte%20Macron%20encore%20priv%C3%A9e%20de%20ses%20petits-enfants%C2%A0%3A%20pourquoi%20le%20reconfinement%20ne%20l%27arrange%20pas%20-%20Gala&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=83634585&gjid=1315259934&cid=1138525389.1616247569&tid=UA-18383854-2&_gid=231440631.1616247569&_r=1&_slc=1&cd11=no&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd21=https&cd13=1&cd19=leader&cd18=%2Cpremi%C3%A8re%20dame%2Cconfinement%2CPetits-enfants%2CLe%20Touquet%2CBrigitte%20Macron%2C&cd27=http%3A%2F%2Fwtm.info-people.fr%2F&cd29=795129c5-b90c-4ce2-bf25-3d6a2f21ae2e&cd34=0&cd30=Article%3A65f0e967-d21a-4ffd-834a-db7755b4cf9a&cd32=1138525389.1616247569&z=1225126887
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gala.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
polyfill.min.js
cdn.polyfill.io/v2/ 		222 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?excludes=Promise&features=default
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
2616539
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
MISS-CLUSTER, fastly;desc="Edge time";dur=109, HIT, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Wed, 17 Feb 2021 12:08:39 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-18383854-2&cid=1138525389.1616247569&jid=83634585&gjid=1315259934&_gid=231440631.1616247569&_u=YEBAAAAAAAAAAC~&z=1044598505
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 20 Mar 2021 13:39:29 GMT
content-type
text/plain
access-control-allow-origin
https://www.gala.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sourcepoint.min.js
tra.scds.pmdstatic.net/sourcepoint/3.8.1/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/sourcepoint/3.8.1/sourcepoint.min.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CCD) /
Resource Hash
0c6d16e0a0b92676f6c42aec301b7e6d99812ce50c069177f4732acab524ad76

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
age
84273
x-cache
HIT
content-disposition
inline
content-length
2183
access-control-allow-origin
*
last-modified
Fri, 19 Mar 2021 14:14:53 GMT
server
ECAcc (mil/6CCD)
etag
"ffc43a37e385fad7a914e206dbf4d69e+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
TbkxwboxgUM6qGa6DhEbSfpK2krDDL0W
via
1.1 f6d81b3012ddbb7788e324c7c08594a7.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
ZXchu11Ghn-UcJ7RsdhSsfU13n-37jJywZjBuIKrItfzbKvtE4QZlg==
essentials-bf63ec34b73eb30a370f.js
www.gala.fr/assets/scripts/ 		18 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/scripts/essentials-bf63ec34b73eb30a370f.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cc2ba5b240816ae040aface540ba6dd94c90505051118fbdb6869e1254a7b0c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

X-INSTANA-T
9896d29a41cf32eb
Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
X-INSTANA-S
9896d29a41cf32eb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-INSTANA-L
1,correlationType=web;correlationId=9896d29a41cf32eb

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-generation-time
0.001 @ Thu, 18 Mar 2021 15:21:25 GMT
last-modified
Thu, 18 Mar 2021 14:58:17 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31369326
accept-ranges
bytes
vary
Accept-Encoding
content-length
7060
x-content-type-options
nosniff
expires
Fri, 18 Mar 2022 15:21:35 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		0
0
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-18383854-2&cid=1138525389.1616247569&jid=83634585&_u=YEBAAAAAAAAAAC~&z=95590123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-18383854-2&cid=1138525389.1616247569&jid=83634585&_u=YEBAAAAAAAAAAC~&z=95590123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-162.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 04:57:25 GMT
Via
1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
Age
31277
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/x-javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
zCFmBNciX9iz2r0MC18deiEF_9yi1kr8PnHOLu-R6qOmPgxsVV33Dg==
Expires
Sun, 21 Mar 2021 04:57:25 GMT
wrapperMessagingWithoutDetection.js
gdpr-tcfv2.sp-prod.net/ 		151 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acea44b7167f5a9cc4ed95bf4cb6cf8d8feefebaf1a1cedb02a8a8caf1b1e715

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 21:07:41 GMT
server
AmazonS3
age
1904
etag
W/"8073094d2add7dd857b75129d94e1d56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e39402e2cf62b31f7774452c905f38f3.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Sat, 20 Mar 2021 13:07:46 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
pl2wqJVFfdEoeXCSWYZkoe2mcYsqJOzisqN8WOTCHoCgQB305Zh-UQ==
brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221
www.gala.fr/l_actu/news_de_stars/ 		185 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
493772cc793bd9d86db7ce05780a728a38657de29dbe0a348283cbc85e2381e8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-generation-time
0.061 @ Sat, 20 Mar 2021 13:39:29 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
text/html; charset=UTF-8
cache-control
public, max-age=59
server-timing
intid;desc=0dff4df31aac2815
accept-ranges
bytes
vary
Accept-Encoding
content-length
27556
x-content-type-options
nosniff
core-ads.js
tra.scds.pmdstatic.net/advertising-core/4.111.0/ 		203 KB
63 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/advertising-core/4.111.0/core-ads.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BA8) /
Resource Hash
2ae0809c4fca2150cce6f5b5f3c5f2cab62c27e8830d9369d1f4b7702e6d2a47

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
age
189520
x-cache
HIT
content-disposition
inline
content-length
63839
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 09:00:23 GMT
server
ECAcc (mil/6BA8)
etag
W/"cc6f57047353c25650f6d03a5ecb9401"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
fk8JMZ.ZM7Ns5lUiYyI8L5t0e.C7Daee
via
1.1 2b0fb614bbb9725d108c7b6cf26875c6.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
ilU-oQy1b8TlJ60oc254hyBThVcNTp6_9svy3ZBf9qn_XHqncwpCeQ==
p.js
cdn.parsely.com/keys/gala.fr/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/gala.fr/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.147.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-147-71.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
7c0c8c3229e673fee98ef7b636ee0897a6d88bb735b767c901c6624613e2ab77

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Mar 2021 00:56:43 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 19:39:18 GMT
server
nginx
age
45778
etag
W/"603fe5e6-bd28"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
5l3_mWL_HkYTuoorditoL_lhyWMmD8VYbNR5Q1dGX3oEjV7ckeTE4Q==
expires
Sun, 21 Mar 2021 00:55:45 GMT
gal-config.json
tra.scds.pmdstatic.net/advertising-core/4.111.0/config/ 		67 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/advertising-core/4.111.0/config/gal-config.json
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C4F) /
Resource Hash
7c2179d2703a907d1f2fc1166ef41aa3e1938587778e098223acc3a3cc8777d5

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
age
189515
x-cache
HIT
content-disposition
inline
content-length
4499
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 09:00:23 GMT
server
ECAcc (mil/6C4F)
etag
W/"98edc63881581706dd002ed0888a0d3a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
oKKmkLdUFwSXZJNcit4YBuetGLA.YJLF
via
1.1 f1a0d076bd803c49a08dd5907cff82b0.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/json
x-ocdn
all-query
x-amz-cf-id
bMuVOejCxD-aCrVAo2A14h9GLI28YnWoIGAgTYN-1ytAufZp77Th4g==
index.js
tra.scds.pmdstatic.net/pmc-starter/4.6.4/ 		46 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/pmc-starter/4.6.4/index.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C51) /
Resource Hash
3f16fcd84f2f239b85b283f10e4d1696b3705ce385c7e6fc082f39a3e6a43c15

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
age
188296
x-cache
HIT
content-disposition
inline
content-length
14282
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 09:20:13 GMT
server
ECAcc (mil/6C51)
etag
W/"d9184aaf11f89aa3dd2f61d5c3d166ad"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
kentjswNKOxnUakvXo1lFl5w2Ao.yB5c
via
1.1 ebc2f999559db1a05f6ebf1e799bb575.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
c4OIW7o8XlYFDBfs_hgKYbUU7VONSTecUQEatlUMa25LiOHVuGMmQQ==
gtm.js
www.googletagmanager.com/ 		162 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3229cf46f6753b600d45518ad3ea5d57079f5a6109516c0f1775c8c7822b9887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51650
x-xss-protection
0
last-modified
Sat, 20 Mar 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 Mar 2021 13:39:29 GMT
bookmark-statics.js
tra.scds.pmdstatic.net/bookmark/4.0.0/js/ 		58 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/bookmark/4.0.0/js/bookmark-statics.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C85) /
Resource Hash
27e9af45e7199f4b3578e56dd250282243c01472c20536fee0d020232d15a9b2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
age
2589283
x-cache
HIT
content-disposition
inline
content-length
20122
access-control-allow-origin
*
last-modified
Wed, 20 Jan 2021 15:17:27 GMT
server
ECAcc (mil/6C85)
etag
"763e7aa93b839fd68ca6c33226525a4e+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
b7ep1Dv2AuiJBpQPhfJz0sGK0CcggYb_
via
1.1 d6561aeeccb210202cf78b99f07c5235.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG3-C2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
BycfqpD8BPSNGmsrAWwowaPsOsnfbSlI-ibT2T77UVvEATRsXhx9rQ==
native-message
consent.gala.fr/wrapper/tcfv2/v1/gdpr/ 		184 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.gala.fr/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=a29ac254-d302-4766-a61e-7061d4e5e7ed&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A314%2C%22requestUUID%22%3A%22a29ac254-d302-4766-a61e-7061d4e5e7ed%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.gala.fr%22%2C%22targetingParams%22%3A%22%7B%5C%22isPremiumCookie%5C%22%3A%5C%220%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%2C%22groupPmId%22%3A165027%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-74.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
a0ce8d2e8a4a3fda4a3a147d3a5be99509910e30b1a087c0fcbf9b11bfac9f20

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gala.fr
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
nEVi0x6E5q-PDthw0G2_uYHRAZqG1OAXx7a3hvOz1v0XEK7urydnqA==
via
1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
native-message
consent.gala.fr/wrapper/tcfv2/v1/gdpr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.gala.fr/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=a29ac254-d302-4766-a61e-7061d4e5e7ed&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A314%2C%22requestUUID%22%3A%22a29ac254-d302-4766-a61e-7061d4e5e7ed%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.gala.fr%22%2C%22targetingParams%22%3A%22%7B%5C%22isPremiumCookie%5C%22%3A%5C%220%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%2C%22groupPmId%22%3A165027%7D
Protocol
H2
Server
13.226.159.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-74.dus51.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.gala.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html; charset=utf-8
content-length
13
date
Sat, 20 Mar 2021 13:39:29 GMT
x-powered-by
Express
access-control-allow-origin
https://www.gala.fr
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
allow
POST,GET,HEAD
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
CHoA-6zuOhaysbkeSlQEX7wmdk_7ZH4b-bhXbWjwp7bhMHzTkTBlgA==
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1616247569503&plid=68926302&idsite=gala.fr&url=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&urlref=http%3A%2F%2Fwtm.info-people.fr%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&sref=http%3A%2F%2Fwtm.info-people.fr%2F&sts=1616247569499&slts=0&title=Brigitte+Macron+encore+priv%C3%A9e+de+ses+petits-enfants%C2%A0%3A+pourquoi+le+reconfinement+ne+l%27arrange+pas+-+Gala&date=Sat+Mar+20+2021+14%3A39%3A29+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=70120280&u=pid%3Dd5879f5ca221f191cb305508e424f5d2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:29 GMT
Cache-Control
no-cache
Last-Modified
Saturday, 20-Mar-2021 13:39:29 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
0-19459ee0922977780343.js
www.gala.fr/assets/scripts/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/scripts/0-19459ee0922977780343.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c0ee720d635dad6cca5fef794b0efe37032030e80147bcae494957b27def0a44
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

X-INSTANA-T
ac18d5a3a14cbc82
Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
X-INSTANA-S
ac18d5a3a14cbc82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-INSTANA-L
1,correlationType=web;correlationId=ac18d5a3a14cbc82

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-generation-time
-0.000 @ Thu, 18 Mar 2021 10:41:17 GMT
last-modified
Thu, 18 Mar 2021 09:17:13 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31352468
accept-ranges
bytes
vary
Accept-Encoding
content-length
2665
x-content-type-options
nosniff
expires
Fri, 18 Mar 2022 10:40:37 GMT
1-7e21699d54cec6dda254.js
www.gala.fr/assets/scripts/ 		157 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/scripts/1-7e21699d54cec6dda254.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
323d34dab70216c09889c2511a7a625a8d688d0a4f18f8f8acdf1813826ce53d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

X-INSTANA-T
109687c3698043a9
Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
X-INSTANA-S
109687c3698043a9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-INSTANA-L
1,correlationType=web;correlationId=109687c3698043a9

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Mar 2021 14:58:17 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/javascript
access-control-allow-origin
*
x-generation-time
0.000 @ Thu, 18 Mar 2021 15:21:32 GMT
cache-control
public, max-age=31369324
accept-ranges
bytes
vary
Accept-Encoding
content-length
95
expires
Fri, 18 Mar 2022 15:21:33 GMT
article-bf63ec34b73eb30a370f.js
www.gala.fr/assets/scripts/ 		24 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/scripts/article-bf63ec34b73eb30a370f.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
83d3007ad7d10d08f2f785f4beb96432d503730bf49feb4f5a2dd45cd857ab0f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

X-INSTANA-T
4162ddbfb15234c2
Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
X-INSTANA-S
4162ddbfb15234c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-INSTANA-L
1,correlationType=web;correlationId=4162ddbfb15234c2

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-generation-time
0.032 @ Thu, 18 Mar 2021 15:21:25 GMT
last-modified
Thu, 18 Mar 2021 14:58:17 GMT
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31369357
accept-ranges
bytes
vary
Accept-Encoding
content-length
5984
x-content-type-options
nosniff
expires
Fri, 18 Mar 2022 15:22:06 GMT
newsletterBundle.js
tra.scds.pmdstatic.net/pmc-kit-components/3.3.3/ 		71 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/pmc-kit-components/3.3.3/newsletterBundle.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC0) /
Resource Hash
917a48d5da39892c1f6394a3bae82998aba46dd8af3ccacb44e65a85ff90da34

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
age
246781
x-cache
HIT
content-disposition
inline
content-length
22722
access-control-allow-origin
*
last-modified
Wed, 17 Mar 2021 17:05:45 GMT
server
ECAcc (mil/6CC0)
etag
W/"770112eb4bfb9484fc8bb495bd855c43"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
ACcJ6ZWPRNEmfW8CeH6ao9MuybsTOo5R
via
1.1 a64d90720955c3d3de37aa0526d1a7a5.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
vDnO6hemx2Ugdq-GXPLwuqwD8Hkehkks4lFDgv7NBTwn-QjLFPlG7A==
optinBundle.js
tra.scds.pmdstatic.net/pmc-kit-components/3.3.3/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/pmc-kit-components/3.3.3/optinBundle.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C5E) /
Resource Hash
059d0dcb86cca77927d8cf90ff982021cec8523ea1629d2ff922085f37cdf43c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
age
246781
x-cache
HIT
content-disposition
inline
content-length
3540
access-control-allow-origin
*
last-modified
Wed, 17 Mar 2021 17:05:45 GMT
server
ECAcc (mil/6C5E)
etag
W/"9e68e2d476939723a0b2e199a5d4037e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
3SF3Ms9h8Eb7IWmhdcReKxdE2iVPe14Y
via
1.1 35edfe00d0c28f55b85d2366a87b40f9.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
y4M95wvBYBfC0SV9V1QGE9BWg4aX32EDfDBhUIrU_gYdadJMerqLhA==
overview.js
tra.scds.pmdstatic.net/logora/5.0.0/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/logora/5.0.0/overview.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C61) /
Resource Hash
e9e1b7edaebe2866ed779b7a38212fc5c7df8d6a01b14c5d08b6e31341ede9e9

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
age
2589282
x-cache
HIT
content-disposition
inline
content-length
1904
access-control-allow-origin
*
last-modified
Tue, 16 Feb 2021 13:58:30 GMT
server
ECAcc (mil/6C61)
etag
"f078bb3234775a126cccd496a6b8f188+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
cZsHOQTPZGBWOSOu6p2ueD4HT_I3FHGj
via
1.1 4d3c039385e1d4ab0e1d024dacb2fd62.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
HZzuydWupz3WFBipzJR3dwdgvky-c2yjNeLZxz0ZUnbcD-fQw2_oOw==
article.json
tra.scds.pmdstatic.net/advis/228216569/Gala/l_actu-news_de_stars/ 		5 KB
833 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/advis/228216569/Gala/l_actu-news_de_stars/article.json
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C9A) /
Resource Hash
6d45fef25132c8b5460a5cbe014ba1b258ca4e30920eb60173e4c1ca74b3c9f6

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
vary
Accept-Encoding
age
610
x-cache
HIT
content-length
514
x-amz-id-2
Ttu7OxQR6Ya4VhSRnXB8iT/zWkXm/AzIMtwq0ODoMtJmlIyhM2Kh2a+yzUR0kUeHwKAW6klF8Po=
last-modified
Sat, 20 Mar 2021 04:35:29 GMT
server
ECAcc (mil/6C9A)
etag
"8308974ab881aa66d9f5628e22033302+gzip"
access-control-max-age
3000
access-control-allow-methods
GET, POST, OPTIONS
x-amz-request-id
C8A34C4ECW94YBYX
access-control-allow-origin
*
access-control-expose-headers
GET, PUT
cache-control
max-age=3600,s-maxage=3600,public
x-amz-version-id
rlzpAp2tYFzyFU_mfu.AAfWhJvjQoKrp
accept-ranges
bytes
content-type
application/json
x-ocdn
all-query
gtm.js
www.googletagmanager.com/ 		142 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aebb745b2cda3a44e5dd95bb0f9df36adbada2763a24fc1b7aa0822eccfa6f4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48644
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:29 GMT
bootstrap.min.js
via.batch.com/v2/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://via.batch.com/v2/bootstrap.min.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.245.16 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
ac72fb6790390bf18c50d6d435fcdcc12f710b516fa56b5fc4c40126a1b1fdfd

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
allow
GET, POST, OPTIONS
last-modified
Thu, 18 Mar 2021 14:24:41 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-cache
HIT
accept-ranges
bytes
access-control-allow-headers
Content-Type, Accept
content-length
1067
js
www.googletagmanager.com/gtag/ 		136 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5W69BFBLT1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b9b4f28406e17ffdf8bb33ebd3075e14daf9b5f3868262331e2c2d229ecc1cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53520
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:29 GMT
hotjar-308465.js
static.hotjar.com/c/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-308465.js?sv=6
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-79.dus51.r.cloudfront.net
Software
/
Resource Hash
d58ff7cad0ebbccb4091532c0c123939d29a088f413cc6e40099d894fb285a75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:26 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
6
etag
W/4badd58ae05c4dfbdd40ab69d635843e
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
qVhsGxTPDAapCYdcDjr7b2XplPVyS-mudFFs05xfvINh4Ufu6yw_gA==
via
1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
inscription-nl.min.js
static.coreg-feed.com/gala/js/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.coreg-feed.com/gala/js/inscription-nl.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aff26237d743b9b7b398f88cd38dc261dcbe55781d80f9f8c3b0a9a3b95f0933

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 09:05:30 GMT
Via
1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
Last-Modified
Thu, 22 Oct 2015 12:44:19 GMT
Server
AmazonS3
Age
16440
ETag
"b63bc13d825b3adf1a5cd620ecd38a99"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
17596
X-Amz-Cf-Id
I6XWZ_820-ihpMSYFy7-l7vbdgYjrYYXG52vcy2baOKff_c5jKKopA==
4fe9b272e52489e523fd4b04c6a40353.js
try.abtasty.com/ 		251 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://try.abtasty.com/4fe9b272e52489e523fd4b04c6a40353.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-15.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3604b29d26df546d3ef4c042a0a4ec9a634f8ec7af604914306f76a6fbc48d7

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 16:17:20 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:16:22 GMT
server
CloudFront
age
76934
etag
W/"bd9edcd81a0f33446ea9fbb896186c26"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
cache-control
s-maxage=86400,max-age=30
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
g_qPA669A0OmRQ9YG_VXkLSDQr7V8vnoQH3EC5yoPeptDeK2fQoWWg==
fbevents.js
connect.facebook.net/en_US/ 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
yyNJdJ3TwPZLT17e43kqNDh2qsZV4rGzg+2aLSKJLHsImkREeFAEEtmISYrwHX0GncveT/d2rMg5afhmZQCKQg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
sr-gala.js
js.antvoice.com/ 		86 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.antvoice.com/sr-gala.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.89.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
230.89.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
736c2575b5d07d3699de76d348b018828b953c5910c34c2e5d36b005a48c5e70

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:55:41 GMT
content-encoding
gzip
age
71028
x-guploader-uploadid
ABg5-Uz_ANIme_fkc_LRXH89kOMeec6SFw0nnt7HMx6E9j2seqVM-1fLttMTL1Gfgx2iqacL7iZWcUKg01ykMv0aFDOsCai4ew
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
18866
last-modified
Wed, 03 Mar 2021 10:20:34 GMT
server
UploadServer
etag
"e5a4400b297e042d952b342de67e11c1"
vary
Accept-Encoding
x-goog-hash
crc32c=O4ClRA==, md5=5aRACyl+BC2VKzQt5n4RwQ==
x-goog-generation
1614766833991564
access-control-allow-origin
*
cache-control
public, max-age=604800
x-goog-stored-content-length
18866
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 26 Mar 2021 17:55:41 GMT
itm.js
itm.ivitrack.com/v1/gala/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itm.ivitrack.com/v1/gala/itm.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.76.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.76.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
a0b600ad96d3d3ea4b7f1721093ed80b49a4f8c199f23e2e2e23f6b7e9a24a62

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:44:06 GMT
via
1.1 google
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
server
istio-envoy
age
3323
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
4794
loader.js
config.seedtag.com/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.seedtag.com/loader.js?v=0.4151687479187698
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f9d2661b7825d50fb4a73d16118cb74afa2bf12edf77a64a2807cc8fef857f

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
br
cf-cache-status
HIT
age
32396
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f175d4d30000cc5af832c000000001
last-modified
Tue, 16 Mar 2021 16:38:35 GMT
server
cloudflare
etag
W/"7123ae0e2e35821f1edd6974dfc4dc75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
632f58ce1e97cc5a-ZRH
expires
Sat, 20 Mar 2021 13:59:29 GMT
containr.js
cdn.mookie1.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mookie1.com/containr.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.40.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-40-118.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
59bf69bcb73a067dc5a15f87f4d1236bf10b7eb558ab5697286d3f4419b604fc

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
1177
Last-Modified
Thu, 28 May 2020 09:27:37 GMT
Server
AkamaiNetStorage
ETag
"b48b8b10a8dae52dda97f6860932dcc0:1590658057.20858"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Sat, 20 Mar 2021 13:40:29 GMT
v2
odr.mookie1.com/t/ 		43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_623639&gtmcb=1952144162
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:29 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
prismashop.commander1.com/v3/
Redirect Chain
  • https://prismashop.commander1.com/v3/?tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
  • https://prismashop.commander1.com/v3/?firsttime=1&tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
43 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prismashop.commander1.com/v3/?firsttime=1&tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.224.144 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-224-144.eu-west-3.compute.amazonaws.com
Software
web /
Resource Hash
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
private
Date
Sat, 20 Mar 2021 13:39:29 GMT
Content-Encoding
gzip
Server
web
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=486000, pre-check=486000
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
image/gif
Expires
Fri, 18 Jun 21 14:39:29 +0200

Redirect headers

Pragma
private
Date
Sat, 20 Mar 2021 13:39:29 GMT
Server
web
location
https://prismashop.commander1.com/v3/?firsttime=1&tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=486000, pre-check=486000
Connection
keep-alive
Content-Type
text/html
Expires
Fri, 18 Jun 21 14:39:29 +0200
pixel
amplifypixel.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplifypixel.outbrain.com/pixel?mid=002533c3569d0ed02c40f1a4efb6bb2eb6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:29 GMT
Cache-Control
no-cache
X-TraceId
7bab7313ac113d937c9a6f38d910b2e6
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
outbrain.js
widgets.outbrain.com/ 		168 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c15727daac3b0139529330f2a7a99095fa93a8f7341a75b937ac93f04bb87341

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
edge-cache-tag
widget-cheetah
cookie
CheetahStaging=true
x-traceid
680a21d574e44c50b0ae8b4817b19bf4
content-length
57062
last-modified
Tue, 16 Mar 2021 14:27:22 GMT
etag
W/"29f28-Fn8ZJ8Pp7yjE7XsrnLpL1aRVU3I"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
timing-allow-origin
*, *
expires
Sat, 20 Mar 2021 17:39:29 GMT
/
eum-eu-west-1.instana.io/ 		0
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.159.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-159-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:39:29 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
dbb1dd3d-4ef4-418b-8674-c575d2a7ac81
boot.pbstck.com/v1/tag/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/tag/dbb1dd3d-4ef4-418b-8674-c575d2a7ac81
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aff87009537313d0f4679fbf1cb443464d70aa393cd710c3d678ad15d2c92a05

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
private,max-age=120
cf-ray
632f58ce5c5bd705-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f175d4f90000d70590bb3000000001
453617084824724
connect.facebook.net/signals/config/ 		240 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/453617084824724?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ccc5be112ca6b63cf7619fa6229dc1a7e5c91c20f34917f2e7ddfcac55b3f15b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70519
x-fb-rlafr
0
pragma
public
x-fb-debug
XoeSO4BY4uj6w5TVY9YeLQoTJZZJrDdL6a7Vts34WFVU/kNcUsRHKYAhri44I9IOqpx2vWqultvYYoC2epVIRg==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sat, 20 Mar 2021 13:39:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-5W69BFBLT1&gtm=2oe3a0&_p=1173691927&sr=1600x1200&gcs=G10-&ul=en-us&cid=1138525389.1616247569&_s=1&dl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dr=http%3A%2F%2Fwtm.info-people.fr%2F&dt=Brigitte%20Macron%20encore%20priv%C3%A9e%20de%20ses%20petits-enfants%C2%A0%3A%20pourquoi%20le%20reconfinement%20ne%20l%27arrange%20pas%20-%20Gala&sid=1616247569&sct=1&seg=0&en=page_view&_fv=1&_ss=1&up._npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5W69BFBLT1&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gala.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
185598-69743361691179.js
js-sec.indexww.com/ht/p/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/185598-69743361691179.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e2ab419c6bc3a52d001fa1f915bb0599b2c2d50dab8d129cfc1dc7f4d57cdfc8

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:29 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Mar 2021 13:11:08 GMT
Server
Apache
ETag
"760fff-b070-5bdf790ded332"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2025
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
14898
Expires
Sat, 20 Mar 2021 14:13:14 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
content-encoding
gzip
server
Server
age
783
etag
d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Sat, 20 Mar 2021 13:26:26 GMT
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
1cbc-g7RCyDxLvbwG63ZQQEDIulLAUUra-lkWMc5yzSmldvzqQLnOA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
f24bd9007a64984a1fac394d0ed07ecdf282d143fb22cc331bb2fa8b0a12fd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"817 / 667 of 1000 / last-modified: 1616191964"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19833
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:29 GMT
contextual
contextual.sirdata.io/api/v1/public/ 		2 KB
887 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contextual.sirdata.io/api/v1/public/contextual?crawl=0&token=sBHJpv9SkSnAUtIV2WcFhI9zZBTg8gzBSY&url=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
b1b05c800457fbb5558d05bcdc2f3f440db3cc1a05c876aed283ac2df66a8223
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.gala.fr
access-control-allow-headers
authorization, content-type
prisma-prebid-plugin.js
tra.scds.pmdstatic.net/advertising-core/4.111.0/ 		306 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/advertising-core/4.111.0/prisma-prebid-plugin.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CCD) /
Resource Hash
44db0ebce3b18d7c100c7667a01f170d967faa9daf36919127653886e86de9f6

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
age
189529
x-cache
HIT
content-disposition
inline
content-length
99517
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 09:00:23 GMT
server
ECAcc (mil/6CCD)
etag
W/"8c86173f60dd757bce986b7994168c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
UFgLXZAALtWQFibx0_4d3j9wk8Cf4kO4
via
1.1 91a32e5723953e749bbbcb02b608eb88.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG3-C2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
93KnmXremwpkst_qyQn9r2ywi8Aw8_16iwMI34xno_MAwofiRRuHZg==
sync.js
sync.getpublica.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.getpublica.com/sync.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-61.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d290c638452275aa7dc8ab809884a3ff1bdcb91bc5c659bd250e9c1e062cc72c

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 05:02:31 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 05:02:28 GMT
server
AmazonS3
age
981419
etag
W/"57f96c63a498b1c3dc1a3c5ff601974b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
mrua2pbrFFrTBKKNnwtyck3hlDnB8ipipJB8oT--dlsQLN2WiTiFmA==
mailNotification.php
adtrack.adleadevent.com/ 		0
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/mailNotification.php?st=d7eac3c7-894a-4848-9c8a-2657d0877258&t=site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.113.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-113-218.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:29 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Mar 2021 13:39:29 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
tag.js
js.agkn.com/prod/v0/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.agkn.com/prod/v0/tag.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ae00:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 08:05:21 GMT
via
1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
last-modified
Tue, 22 Oct 2019 20:22:52 GMT
server
AmazonS3
age
20049
etag
"f53f55cbab099be3a970b446a66c496a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
3167
x-amz-cf-id
RjsC7lyLePcsWMhOxes33GKgVsOUDQIaWlHe_0bvn2fhtyQ8TCiM_g==
client.js
asset.easydmp.net/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.easydmp.net/js/client.js?t=224479
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
91d1ae842a400f27e1e9d44953a13202cf985b5d5ff8948e66cbfaf748537ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 08:33:43 GMT
X-IPLB-Request-ID
54277013:BBD2_91EFC135:01BB_6055FB11_1172666:2ED72
ETag
"6051bee7-d4b"
X-IPLB-Instance
24041
Strict-Transport-Security
max-age=31536000
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control
max-age=900, s-maxage=900, public
Content-Type
application/javascript; charset=utf-8
Content-Length
3403
pixel
ps.eyeota.net/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?pid=1mpn5m0&t=ajs&gdpr=1&gdpr_consent=undefined&cat=l_actu&subcat=news_de_stars
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:29 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ats.js
ats.rlcdn.com/ 		184 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.220.155 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
155.220.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3ee93068cc2e2f003f919830e1514eebfea447b9e72bec348e7d612ff09c2f57

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:37:13 GMT
content-encoding
gzip
age
831736
x-guploader-uploadid
ABg5-Uwj023QZ4tB1xE-XNP3jHbg7vl5b-5FmZ8kXTcIXaeO2JVQnou1SzEdtvGoI7Oe5jfGji2P5eN6mBrlxopfDSc
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
60951
last-modified
Mon, 08 Mar 2021 09:08:13 GMT
server
UploadServer
etag
"453bdae55e72772be6cf9eeca9c66e90"
x-goog-hash
crc32c=UtxY/g==, md5=RTva5V5ydyvmz57sqcZukA==
x-goog-generation
1615194493440577
cache-control
no-transform
x-goog-stored-content-length
60951
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 10 Mar 2022 22:37:13 GMT
obtp.js
amplify.outbrain.com/cp/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Jan 2021 14:42:51 GMT
Server
AkamaiNetStorage
ETag
"c43e7f1b0459d05cce32768dd16af59b:1611585771.492103"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2864
Expires
Sat, 20 Mar 2021 13:59:29 GMT
wrapper.js
tag.agrvt.com/tag/v2/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.agrvt.com/tag/v2/wrapper.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.224 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
3af09a8017a4beb0dd742a9781f5c09c431f8ebb9f31f8dcbc0101c88f0f540d

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:59:06 GMT
content-encoding
br
x-cacheable
Matched cache
status
ok
x-cdn-pop
rbx1
content-length
2685
x-request-id
12189698
last-modified
Tue, 16 Mar 2021 14:38:25 GMT
x-cdn-pop-ip
51.254.41.128/26
etag
W/"2fb0-1783b7941cf"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Origin, X-Requested-With, Content-Type, Accept
expires
Tue, 23 Mar 2021 16:59:06 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1314176/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1314176/tfa.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02e49295b2906f004206ca7351f08c2eba30511ed70ad6fe8af46656b4959738

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
osso9AEio.at0XmArl_wILmfurhrurRU
content-encoding
gzip
etag
"c80ca4c2bba9761de731e0436aeb217c"
age
86
x-cache
HIT
x-amz-replication-status
PENDING
content-length
22002
x-amz-id-2
kKzQ3mGkFWaUs70OOVBGuBCbxpNaoXHHgqxKRCUwM7ljA0g+smHesih9wE2jYjLsXlo271Qr3PQ=
x-served-by
cache-fra19142-FRA
last-modified
Tue, 09 Mar 2021 16:40:08 GMT
server
AmazonS3
x-timer
S1616247570.791873,VS0,VE0
date
Sat, 20 Mar 2021 13:39:29 GMT
vary
Accept-Encoding
x-amz-request-id
1HB4RAWC43XT9872
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
92
x-cache-hits
3
itm.js
itm.ivitrack.com/v1/prisma-tag/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itm.ivitrack.com/v1/prisma-tag/itm.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.76.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.76.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
9e485b1b212dd0e5d55252ac7c0fa3e903b91edc51b85aaa3b39a4f0a9e01047

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:59:39 GMT
via
1.1 google
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
server
istio-envoy
age
2390
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
12768
px.js
p.cpx.to/p/12166/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12166/px.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-19-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
669e7e7f5aa0c119796d832e8bb89e9a59d91045840db86cf77a8c9a9c0587dc

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:29 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1631
Content-Type
application/javascript; charset=UTF-8
prisma.gif
r.phywi.org/
Redirect Chain
  • https://www.img-static.com/prisma.gif
  • https://r.phywi.org/prisma.gif
43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.phywi.org/prisma.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:700:347e:: , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
server
nginx
date
Sat, 20 Mar 2021 13:39:29 GMT
x-request-id
2A0104F8019254140000000000000002:B168_200141D00700347E0000000000000000:01BB_6055FB10_61A9EF:0009
content-type
image/gif

Redirect headers

date
Sat, 20 Mar 2021 13:39:29 GMT
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oBhFul8nkKngc4J29BJ28ZXLXETLauEVkcTPfqqJ%2FGni4EsP3QZ3EgNYdNrL4TVUbF96l%2ByoWIJWHqxtqf7viCqb4kIXW0GrRGAFFrn7xEPVdvbxr0kfg91iZGqwyAA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/html
location
https://r.phywi.org/prisma.gif
strict-transport-security
max-age=63072000
cf-ray
632f58cf68c64e14-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f175d5a000004e14628eb000000001
x-request-id
A29E59B5:7838_33D2F004:0050_6055FB11_5ECF2A:0008
index.html
consent.gala.fr/ Frame B416 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent.gala.fr/index.html?message_id=461281&consentUUID=8d923b10-de24-4ea5-9132-4d2044b35f3f&requestUUID=a29ac254-d302-4766-a61e-7061d4e5e7ed&preload_message=true
Requested by
Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71b76d51d2da6bd16bba3c1ae1d61a6f24c72a21d5786e11c2c636ee1f4c908a

Request headers

:method
GET
:authority
consent.gala.fr
:scheme
https
:path
/index.html?message_id=461281&consentUUID=8d923b10-de24-4ea5-9132-4d2044b35f3f&requestUUID=a29ac254-d302-4766-a61e-7061d4e5e7ed&preload_message=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_gid=GA1.2.231440631.1616247569; _gat=1; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article%22%2C%22sref%22:%22http://wtm.info-people.fr/%22%2C%22sts%22:1616247569499%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=d5879f5ca221f191cb305508e424f5d2%22%2C%22session_count%22:1%2C%22last_session_ts%22:1616247569499}; _ga_5W69BFBLT1=GS1.1.1616247569.1.0.1616247569.0; _ga=GA1.1.1138525389.1616247569; consentUUID=8d923b10-de24-4ea5-9132-4d2044b35f3f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

content-type
text/html
last-modified
Tue, 16 Mar 2021 18:45:34 GMT
server
AmazonS3
content-encoding
gzip
date
Sat, 20 Mar 2021 12:58:45 GMT
etag
W/"f895edfe84fb752b0b1fea2c750ad685"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
WDwsoiKm1pi1guDojahd_YW8tsIEaRteCYrQtrRrF3Yr61J7qsf0SQ==
age
2445
itm.html
itm.ivitrack.com/v1/taboola-iframe/ Frame A004 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://itm.ivitrack.com/v1/taboola-iframe/itm.html
Requested by
Host: itm.ivitrack.com
URL: https://itm.ivitrack.com/v1/gala/itm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.76.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.76.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
101a4ec981f5beb13cd02aa0876512f9b5f1dc69d0b2f90ddda1828677c492b0

Request headers

:method
GET
:authority
itm.ivitrack.com
:scheme
https
:path
/v1/taboola-iframe/itm.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

server
istio-envoy
date
Sat, 20 Mar 2021 13:29:34 GMT
content-type
text/html; charset=utf-8
content-length
1307
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
age
595
cache-control
public, max-age=3600
alt-svc
clear
itm.html
itm.ivitrack.com/v1/liveramp-iframe/ Frame A994 		972 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://itm.ivitrack.com/v1/liveramp-iframe/itm.html
Requested by
Host: itm.ivitrack.com
URL: https://itm.ivitrack.com/v1/gala/itm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.76.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.76.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
199482e6847d08a05f94318cb98a01eb05fdf420bdceeda9e2e50f1822bf33cd

Request headers

:method
GET
:authority
itm.ivitrack.com
:scheme
https
:path
/v1/liveramp-iframe/itm.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

server
istio-envoy
date
Sat, 20 Mar 2021 12:40:55 GMT
content-type
text/html; charset=utf-8
content-length
972
x-envoy-upstream-service-time
5
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
age
3514
cache-control
public, max-age=3600
alt-svc
clear
cookie.html
cross-prod.antvoice.com/ Frame 8FCC 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cross-prod.antvoice.com/cookie.html?v=20160624
Requested by
Host: js.antvoice.com
URL: https://js.antvoice.com/sr-gala.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.89.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
230.89.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
40f6000577d7166bd28685ea2dbb24080bde08fda594f4d612e602b0ca320af2

Request headers

:method
GET
:authority
cross-prod.antvoice.com
:scheme
https
:path
/cookie.html?v=20160624
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

x-guploader-uploadid
ABg5-UzxRwIIyDbxE3clo8nVy2mlzoyJoH8mWplV-fG8ZE886gJ7otcEq1jpQmnEIGIAPjcc0VnOyDLM91MWNfzIrRs
date
Fri, 19 Mar 2021 11:16:49 GMT
expires
Sat, 19 Mar 2022 11:16:49 GMT
last-modified
Thu, 09 May 2019 08:07:05 GMT
etag
"394af810d0d0ac6336cb9381158fc56e"
x-goog-generation
1557389225986260
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
4053
content-type
text/html
content-encoding
gzip
x-goog-hash
crc32c=QKorqw== md5=OUr4ENDQrGM2y5OBFY/Fbg==
x-goog-storage-class
REGIONAL
accept-ranges
bytes
vary
Accept-Encoding
content-length
4053
access-control-allow-origin
*
server
UploadServer
cache-control
public, max-age=315360000
age
94960
alt-svc
clear
NotifyNodesAction
social-reco.antvoice.com/Activity/ 		20 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://social-reco.antvoice.com/Activity/NotifyNodesAction?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.207.25 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
25.207.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept
application/json
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gala.fr
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
SyncId
ads.avads.net/ThirdParty/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9&tp=1&tpId=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.avads.net%2FThirdParty%2FSyncId%3FoId%3D63%26mId%3D950cd223-ca24-4eff-8fd2-c30c904006c9%26tp%3D1%26tpId%3D%24UID
  • https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9&tp=1&tpId=8797344807167814618
35 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9&tp=1&tpId=8797344807167814618
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.207.25 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
25.207.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
x-envoy-upstream-service-time
5
server
istio-envoy
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:30 GMT
X-Proxy-Origin
84.39.112.19; 84.39.112.19; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.53:80
AN-X-Request-Uuid
748d12de-0328-4228-8a53-e25c582ca4c6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9&tp=1&tpId=8797344807167814618
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
avads.net/ThirdParty/SyncDoubleClick/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice_dmp&google_cm&oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice_dmp&google_cm=&oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9&google_tc=
  • https://avads.net/ThirdParty/SyncDoubleClick/?oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9&google_gid=CAESEO2kBvktepWRch8n-CUn930&google_cver=1
35 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avads.net/ThirdParty/SyncDoubleClick/?oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9&google_gid=CAESEO2kBvktepWRch8n-CUn930&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.207.25 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
25.207.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
x-envoy-upstream-service-time
3
server
istio-envoy
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://avads.net/ThirdParty/SyncDoubleClick/?oId=63&mId=950cd223-ca24-4eff-8fd2-c30c904006c9&google_gid=CAESEO2kBvktepWRch8n-CUn930&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
355
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
learn
fr-gmtdmp.mookie1.com/t/v2/ 		43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fr-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_663622&src.rand=%5Btimestamp%5D&depp=6.3.2-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
175.238.186.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:29 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
modules.80e35cdf321570eb5b34.js
script.hotjar.com/ 		217 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.80e35cdf321570eb5b34.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-308465.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-122.dus51.r.cloudfront.net
Software
/
Resource Hash
9cd92ccf84ca6c2adcb7691de026ae46f47632e344b71ee6e08c43f38f0a59f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 10:24:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
184522
x-cache
Hit from cloudfront
content-length
58627
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 10:23:26 GMT
etag
"4a7c1a7cb16c5ef7e63405bd6f9a943a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
BoWyC4yqG4nlDJ2-YGDgnR7GnjOQhPLWOt_7J2d3j_-XqjMZzCzflA==
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=453617084824724&ev=PageView&dl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&rl=http%3A%2F%2Fwtm.info-people.fr%2F&if=false&ts=1616247569800&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616247569759.1846091952&it=1616247569632&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 20 Mar 2021 13:39:29 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 2DA6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-308465.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-3.dus51.r.cloudfront.net
Software
/
Resource Hash
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
fBXH97Pv7TOwRcHiZ8qI5mYxdfEgF7Po82F6sfolsIhhtKBukK8pTw==
age
10096707
monitoring-df313c4.js
cdn.pbstck.com/ 		158 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/monitoring-df313c4.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4db9d090aae49db15bcc47983205d60df696285b62b76da424e484c6e6b2be4

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
content-encoding
br
cf-cache-status
HIT
age
164983
x-guploader-uploadid
ABg5-Uwp17iYYRvKcUNLnbywMKvgGynRQeS61ql8cdzcsOZZQ7zBOLOFQoAsMs7wot6HsyUkpiHFGv6IpHQE5u8WZ45gJ-kEgw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f175d5ea0000145670927000000001
last-modified
Thu, 11 Mar 2021 15:48:51 GMT
server
cloudflare
etag
W/"dc56af7e09f5a45d21b566b67f3075a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=KaGqxg==, md5=3Favfgn1pF0htWa2fzB1pA==
x-goog-generation
1615477731335639
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
45034
cf-ray
632f58cfdb5c1456-FRA
expires
Thu, 25 Mar 2021 15:49:42 GMT
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 47E0 		416 B
817 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1615905785.764688"
last-modified
Tue, 16 Mar 2021 14:26:49 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Sat, 20 Mar 2021 13:39:29 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1616247569~rv=100~id=204df38731dd772b9cf7c1e66b44ff93; path=/; Expires=Sat, 20 Mar 2021 13:39:29 GMT; Secure; SameSite=None
d3d3LmdhbGEuZnI=
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmdhbGEuZnI=
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:30 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=42373
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
980c129e00bd437d05e3b88c8e6c64bf
Content-Length
16
Expires
Sun, 21 Mar 2021 01:25:43 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=10.45834578423313
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:29 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Mon, 19 Apr 2021 13:39:29 GMT
index.min.js
players.brightcove.net/811631557001/rktQWRD8_default/ 		1 MB
407 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/811631557001/rktQWRD8_default/index.min.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.88.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-250.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d0b33f0001c3e08e685c666d6c89bc8704b0f3cb2614cd2f6d73d0d2185c4c24

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zCCC7AJCCwx9ViWu1sqQ0OFkKnGq99sh
Content-Encoding
gzip
ETag
"ea3fd8817139a35d5d1f76c4b9921f79"
x-amz-request-id
A6KB05VYAZA7H29A
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
415858
x-amz-id-2
6zs9GufazNvDnogse6hAEJ1k9uA22mnLjg2AbD8McretHsOM/8CSFnk+HQC92Z5DafFPjDj50zQ=
X-BCOV-Response-Mode
1
X-Served-By
cache-dca17781-DCA
Last-Modified
Thu, 04 Mar 2021 20:35:16 GMT
Server
AmazonS3
X-Timer
S1614890193.966608,VS0,VE1
Date
Sat, 20 Mar 2021 13:39:29 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=176
Accept-Ranges
bytes
X-Cache-Hits
1
Cookie set /
d.agkn.com/iframe/8613/ Frame 98D4 		491 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d.agkn.com/iframe/8613/?che=839272978&gdpr=0&gdpr_consent=undefined&ref=http%3A%2F%2Fwtm.info-people.fr%2F&bpid=prisma&c=%7B%22bpid%22%3A%22prisma%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%22%2C%22gdpr%22%3A%220%22%2C%22gdpr_consent%22%3A%22undefined%22%2C%22ref%22%3A%22http%3A%2F%2Fwtm.info-people.fr%2F%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22l_actu%22%2C%22brd%22%3A%22Gala%22%7D
Requested by
Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.142.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-142-164.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cd6319e76c2c76cab449913127bc62e2f2bbb0aa57ca79a7663453450f2f398c

Request headers

Host
d.agkn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gala.fr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

Cache-Control
no-cache, must-revalidate
Content-Type
text/html;charset=UTF-8
Date
Sat, 20 Mar 2021 13:39:33 GMT
Expires
Sat, 01 Jan 2000 00:00:00 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Server
Apache-Coyote/1.1
Set-Cookie
ab=0001%3AKPLrvB44iUJsJ7w9dqUpSAMyJWh5cwPH;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure u=C|0AEAn6LeVJ-i3lQAAAAAAAg1RAQCADVIBAIA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Content-Length
491
Connection
keep-alive
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185598
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-70-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a7241deec8e006b95bc0fa0b9dc83a2efbedbc6978a59be9ca58fcf6e28a2b0b

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gala.fr
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 19 Apr 2021 13:39:30 GMT
identity
api.rlcdn.com/api/ 		0
0
cachedClickId
tr.outbrain.com/ 		0
0
unifiedPixel
tr.outbrain.com/ 		0
0
Notice.37f30.css
consent.gala.fr/ Frame B416 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.gala.fr/Notice.37f30.css
Requested by
Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=461281&consentUUID=8d923b10-de24-4ea5-9132-4d2044b35f3f&requestUUID=a29ac254-d302-4766-a61e-7061d4e5e7ed&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa

Request headers

Referer
https://consent.gala.fr/index.html?message_id=461281&consentUUID=8d923b10-de24-4ea5-9132-4d2044b35f3f&requestUUID=a29ac254-d302-4766-a61e-7061d4e5e7ed&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:34:12 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 18:45:34 GMT
server
AmazonS3
age
320
etag
W/"227670f327655cdc0f6317b8d0f58d27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
hRsqz0Uxk26MMZSY406wvmi7QpEhQ77ECOWAoFBPmm8hc6RwReHFEA==
pubads_impl_2021031601.js
securepubads.g.doubleclick.net/gpt/ 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 08:39:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102421
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:30 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
84632
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
date
Fri, 19 Mar 2021 14:10:56 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
i12BJbp7WL7jIH8eTh77VfOit1YKm1uRi90uy6miC6OCpUgCkiw7kQ==
user.sync
api.taboola.com/1.2/json/ividence-radins/ Frame A004 		83 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.taboola.com/1.2/json/ividence-radins/user.sync?app.type=desktop&app.apikey=357f535e3db3aabb54e25b9dbadc181b278642cd
Requested by
Host: itm.ivitrack.com
URL: https://itm.ivitrack.com/v1/taboola-iframe/itm.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
41cf4019ac2c9bd46cea15aea7a631587f78b70efb1317c8166b002191a7a6b5

Request headers

Referer
https://itm.ivitrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
53
date
Sat, 20 Mar 2021 13:39:33 GMT
via
1.1 varnish
server
nginx
x-timer
S1616247573.073140,VS0,VE53
x-served-by
cache-hhn11546-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://itm.ivitrack.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=utf-8
x-cache-hits
0
cmp_list_v2.js
tag.agrvt.com/tag/v2/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.agrvt.com/tag/v2/cmp_list_v2.js
Requested by
Host: tag.agrvt.com
URL: https://tag.agrvt.com/tag/v2/wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.224 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1c559dbccf42b51e987345471ef5ba527eda99fcce99a3711f779546fa9c1a5f

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:59:06 GMT
content-encoding
br
x-cacheable
Matched cache
status
ok
x-cdn-pop
rbx1
content-length
1622
x-request-id
34865155
last-modified
Tue, 16 Mar 2021 14:38:25 GMT
x-cdn-pop-ip
51.254.41.128/26
etag
W/"198f-1783b7941cf"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Origin, X-Requested-With, Content-Type, Accept
expires
Tue, 23 Mar 2021 16:59:06 GMT
Cookie set usersync
usersync.getpublica.com/ Frame E6B5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Requested by
Host: sync.getpublica.com
URL: https://sync.getpublica.com/sync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.55.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-55-171.compute-1.amazonaws.com
Software
/
Resource Hash
19ef20ce8fed629cfea1cf81802fb712bfcf313f295feccf623e34ad789fdc5d

Request headers

Host
usersync.getpublica.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gala.fr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Expires
0
Pragma
no-cache
Set-Cookie
p_uid=443b5777-fe89-4dc7-be67-551a82bfdc51; Path=/; Domain=getpublica.com; Expires=Wed, 19 May 2021 13:39:31 GMT; Max-Age=5184000; Secure; SameSite=None
Vary
Origin
Date
Sat, 20 Mar 2021 13:39:31 GMT
Content-Length
1579
Content-Type
text/html; charset=utf-8
polyfills.65071.js
consent.gala.fr/ Frame B416 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.gala.fr/polyfills.65071.js
Requested by
Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=461281&consentUUID=8d923b10-de24-4ea5-9132-4d2044b35f3f&requestUUID=a29ac254-d302-4766-a61e-7061d4e5e7ed&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Referer
https://consent.gala.fr/index.html?message_id=461281&consentUUID=8d923b10-de24-4ea5-9132-4d2044b35f3f&requestUUID=a29ac254-d302-4766-a61e-7061d4e5e7ed&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:49:56 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 18:45:34 GMT
server
AmazonS3
age
2979
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
ZqRG_zSiTKEdJ_L7sbDPlkbuI5INotA3xlBGvnKSFGLalO3E6qV-VA==
Notice.2f2bf.js
consent.gala.fr/ Frame B416 		170 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.gala.fr/Notice.2f2bf.js
Requested by
Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=461281&consentUUID=8d923b10-de24-4ea5-9132-4d2044b35f3f&requestUUID=a29ac254-d302-4766-a61e-7061d4e5e7ed&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cff6d399aa3793e3ebf9dc4fb7c21d2a846642f2490d6be9effaff766d4ff5ce

Request headers

Referer
https://consent.gala.fr/index.html?message_id=461281&consentUUID=8d923b10-de24-4ea5-9132-4d2044b35f3f&requestUUID=a29ac254-d302-4766-a61e-7061d4e5e7ed&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:42:43 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 18:45:34 GMT
server
AmazonS3
age
3410
etag
W/"c85163727e52a58ce3e4990198570614"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
RZhF0-NQe5pwOvdRpcOgIlcWdvf3WkLODpy8Az1SVPqoHN03iFXVXA==
fire.js
s.cpx.to/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12166&ref=http%3A%2F%2Fwtm.info-people.fr%2F&hn_ver=11&fid=018bef44-8fe3-42a5-9968-599e82771ee9
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12166/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.147.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-147-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
62c2fc3365ed2492734b2f4d6fd5f80d9a4309f1cf04109821c3d2448dd431fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sat, 20 Mar 2021 13:39:30 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
992
Expires
Fri, 19 Mar 2021 08:50:20 GMT
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 47E0 		610 B
1008 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1615905786.501847"
last-modified
Tue, 16 Mar 2021 14:26:49 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=345600
date
Sat, 20 Mar 2021 13:39:30 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1616247570~rv=29~id=6253225ea006d1a9af716b270386b2fe; path=/; Expires=Sat, 20 Mar 2021 13:39:30 GMT; Secure; SameSite=None
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1616247570135&sessionId=81065510-c991-f80d-5016-5a60b5273418&url=www.gala.fr&cheqSource=1&cheqEvent=0&exitReason=1
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:31 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
d444f589b04a130f789ebc98eb27f910
Content-Length
4
Expires
0
multi
abs.proxistore.com/fr/v3/rtb/prebid/ Frame 		0
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d0601727280d004843edb46006d&pos=gala_-_d_ban_atf_-_728x90&cmd=bid&secure=1
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
54be03796409cf67c5a6980e09936995bdbc20e195c34ea79598b10aafbd7512

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 20 Mar 2021 13:39:30 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.gala.fr
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d0601727280d004843edb46006d&pos=gala_-_d_paveatf_-_300x250&cmd=bid&secure=1
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
ed7309fc667c720cec2470a2c182cffffa3f8c2e74ac8812ae059d4f90af0dbb

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 20 Mar 2021 13:39:30 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.gala.fr
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
auction
tlx.3lift.com/header/ 		0
0
cdb
bidder.criteo.com/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.31.0&cb=7692676186
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gala.fr
date
Sat, 20 Mar 2021 13:39:30 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
cygnus
htlb.casalemedia.com/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=262047&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22180780d49198ff2%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fwtm.info-people.fr%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.31.0%22%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%2C%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%221~%22%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2219625977f881924%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262047%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222027a72e84fd7e3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262047%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222123fc8acc05e28%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262047%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22220b6b621e6188e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22351297%22%2C%22sid%22%3A%221800x1000%22%7D%2C%22banner%22%3A%7B%22w%22%3A1800%2C%22h%22%3A1000%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2223b642433dab7f4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262783%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2224f59b2a9164aa1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262783%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22252358d8c103217%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262783%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2226320e89c99a21e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262783%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2219625977f881924%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262047%22%2C%22sid%22%3A%221000x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2219625977f881924%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262047%22%2C%22sid%22%3A%221000x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A200%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c9d39fccbdec92605741fef4d72ab503f43f25bc1d2cf91dbcd85033d4d29c06

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:30 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[84.39.112.19], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.gala.fr
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
3683
x-ak-client-geo
12
expires
Sat, 20 Mar 2021 13:39:30 GMT
multi
abs.proxistore.com/fr/v3/rtb/prebid/ 		0
0
v1
prg.smartadserver.com/prebid/ 		0
0
v1
prg.smartadserver.com/prebid/ 		0
0
msq_prebid
pbs-front.mediasquare.fr/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
bid
c.amazon-adsystem.com/e/dtb/ 		131 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3279&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&pr=http%3A%2F%2Fwtm.info-people.fr%2F&pid=6EFiA7E04DtaM&cb=0&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%2C%221000x90%22%2C%221000x200%22%5D%2C%22sn%22%3A%22%2F228216569%2FGala%2Fl_actu-news_de_stars%2FArticle%2FBanniere-Haute%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22120x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F228216569%2FGala%2Fl_actu-news_de_stars%2FArticle%2FPave-Haut%22%7D%5D&cfgv=0&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A3000%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
ac1b65838f5f59db03a46ca10833a421da8c1fb9385b713bdc1935328d4e5696

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.gala.fr
access-control-allow-credentials
true
timing-allow-origin
*
content-length
135
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
x-amz-cf-id
GEGryyj5b7AJ6iT-glOhvwkSxA-YKfMz7RcnaARTpSbOZ6Z9ZUJNUQ==
VideoAdContent
bid.videostep.com/Bid/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.videostep.com/Bid/VideoAdContent?location=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221&videoAdHtmlId=7k96cmoh&showFallback=false&ivbsCampIdsLocal=undefined&bidParamsJson=%7B%22placementIds%22%3A%5B%22invibes_middle_gala%22%5D%2C%22auctionStartTime%22%3A1616247570250%2C%22bidVersion%22%3A4%7D&capCounts=&vId=1ykzl44t&width=1600&height=1200&oi=2&kw=D%C3%A9but%2Cmars%2Cnos%2Cconfr%C3%A8res%2Cdu%2CPoint%2Cr%C3%A9v%C3%A9laient%2Cque%2CBrigitte%2CMacron%2Ctest%C3%A9e%2Cpositive%2C%C3%A0%2Cla%2CCovid-19%2Cau%2Cmoment%2Cdes%2Cf%C3%AAtes%2Cde%2Cfin%2Cd%27ann%C3%A9e%2Cn%27avait%2Cpas%2Cpu%2Cencore%2Cpriv%C3%A9e%2Cses%2Cpetits-enfantsnbsp%2Cpourquoi%2Cle%2Creconfinement%2Cne%2Cl%27arrange%2C-%2CGala&purposes=false%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse&tc=undefined
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
104.153.197.189 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
104-153-197-189.customer.totaluptime.net
Software
/ ASP.NET
Resource Hash
84f65e86b46feeeaafa8fd03af0d4e61d36e4c07fa73f7ef1e12ac8e7d27e73c

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 20 Mar 2021 13:39:30 GMT
Content-Encoding
gzip
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.gala.fr
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
3310
v1
prg.smartadserver.com/prebid/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
bid-request
a.teads.tv/hb/ 		0
0
cygnus
htlb.casalemedia.com/ 		25 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=262784&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2248ccfbb9cb87c95%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fwtm.info-people.fr%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.31.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%2C%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%221~%22%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249b6304298cb03b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262784%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225083fc2df26fd7d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262784%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2251a81bb13baf892%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262784%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22520f5a54497bbab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262784%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ede88e9721c488ab9d8025767c73fa20f29146c947bd39828c78198f03887bb3

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:30 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[84.39.112.19], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.gala.fr
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Sat, 20 Mar 2021 13:39:30 GMT
msq_prebid
pbs-front.mediasquare.fr/ 		0
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d0601727280d004843edb46006d&pos=gala_-_d_pavebtf_-_300x250&cmd=bid&secure=1
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
8a207c4a6b4335f049877c70b610847221fc81e4bbce7d7909abb9697f9f38f9

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 20 Mar 2021 13:39:30 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.gala.fr
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d0601727280d004843edb46006d&pos=gala_-_d_pavebtf_-_300x250&cmd=bid&secure=1
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
3382c5e7038c0eaf55a445297162b532a1b6b2f2d62040e29d79e423c0c88552

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 20 Mar 2021 13:39:30 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.gala.fr
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
cdb
bidder.criteo.com/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.31.0&cb=52193525233
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gala.fr
date
Sat, 20 Mar 2021 13:39:31 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
auction
tlx.3lift.com/header/ 		0
0
bid
c.amazon-adsystem.com/e/dtb/ 		131 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3279&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&pr=http%3A%2F%2Fwtm.info-people.fr%2F&pid=6EFiA7E04DtaM&cb=1&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F228216569%2FGala%2Fl_actu-news_de_stars%2FArticle%2FPave-Bas%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F228216569%2FGala%2Fl_actu-news_de_stars%2FArticle%2FPave-Bas2%22%7D%5D&cfgv=0&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A3000%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
485727a21b3eefd2fd346348d5917f477e27b47bc82481a1b02b581bb0e57378

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.gala.fr
access-control-allow-credentials
true
timing-allow-origin
*
content-length
135
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
x-amz-cf-id
GpUwBYv_nPgYv0hRrYDi3mx_QCDyVQvgrii6owaasgQu1qj6ly7iPg==
vtt.global.min.js
vjs.zencdn.net/vttjs/0.12.5/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/811631557001/rktQWRD8_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
content-encoding
gzip
last-modified
Thu, 31 Aug 2017 21:04:55 GMT
etag
"f30dac97e5c2aaa10a7695b93cc66699"
x-served-by
cache-hhn4072-HHN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
7231
x-cache-hits
281934
gala-video-brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-l-arrange-pas.jpg
gal.img.pmdstatic.net/fit/https.3A.2F.2Fcf-images.2Eeu-west-1.2Eprod.2Eboltdns.2Enet.2Fv1.2Fstatic.2F811631557001.2Fe6c7bce3-8b0b-492a-ba09-fc76a7ddc9c4.2F0a0da5d6-c4e0-4a1d-a7d6-10895231eb4f.2F128... 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gal.img.pmdstatic.net/fit/https.3A.2F.2Fcf-images.2Eeu-west-1.2Eprod.2Eboltdns.2Enet.2Fv1.2Fstatic.2F811631557001.2Fe6c7bce3-8b0b-492a-ba09-fc76a7ddc9c4.2F0a0da5d6-c4e0-4a1d-a7d6-10895231eb4f.2F1280x720.2Fmatch.2Fimage.2Ejpg/1280x720/quality/80/gala-video-brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-l-arrange-pas.jpg
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.226 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BAA) /
Resource Hash
748e1ef92bef1d36dc2d500c5aa01705ec3b00bab6c3596e88f91fe826967b48

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
last-modified
Fri, 19 Mar 2021 17:55:20 GMT
server
ECAcc (mil/6BAA)
age
71050
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Photosphere
cache-control
max-age=31536000, public, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
X-Photosphere
content-length
125640
expires
Sun, 20 Mar 2022 13:39:30 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://www.gala.fr
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
6242034877001
edge.api.brightcove.com/playback/v1/accounts/811631557001/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/811631557001/videos/6242034877001
Protocol
HTTP/1.1
Server
13.226.157.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-157-31.dus51.r.cloudfront.net
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
accept
Origin
https://www.gala.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Length
0
Connection
keep-alive
Server
Varnish
Retry-After
0
access-control-max-age
86400
Accept-Ranges
bytes
Date
Sat, 20 Mar 2021 13:39:30 GMT
Via
1.1 varnish, 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
X-Served-By
cache-fra19153-FRA
X-Cache-Hits
0
X-Timer
S1616247571.606783,VS0,VE0
BCOV-Debug-Cache-Stats
unknown
BCOV-instance
unknown
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Cache-Control
max-age=0, no-cache, no-store
X-Cache
Miss from cloudfront
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
oC8DALiwhvBRBN8rVXRHLZNEbiZTV9wjsb9yyL9D2ozU_Ehe6-sd3Q==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		330 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/811631557001/rktQWRD8_default/index.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116759
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:30 GMT
mu-5.3.js
prof.estat.com/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prof.estat.com/js/mu-5.3.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/811631557001/rktQWRD8_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.236.153.130 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2f0426609e4f9124e4ba57c507ed49f0c0555e80b2ecb85f1570905cb1a6e1ad

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 10:05:34 GMT
server
nginx/1.18.0
etag
W/"604899ee-3d60"
content-type
application/javascript
cache-control
max-age=2592000
expires
Mon, 19 Apr 2021 13:39:30 GMT
index.php
contents.adpaths.com/v3/publisher-brightcove-plugin/ 		388 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contents.adpaths.com/v3/publisher-brightcove-plugin/index.php?publicationId=7nlkRwd&final=1
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/811631557001/rktQWRD8_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-120.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
a8b99a966f3708223fd5a3421b6f21967dc252b752c2f3a6884dd3e0d8970eda

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:04 GMT
Content-Encoding
gzip
Server
Apache
Age
27
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript; charset=utf-8
Via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
af0gnrb91Sxc4-ZweNG1oYLvL9D0zircO6tC1oQqs3jnU3Wzcpo8DA==
6242034877001
edge.api.brightcove.com/playback/v1/accounts/811631557001/videos/ 		4 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/811631557001/videos/6242034877001
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.157.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-157-31.dus51.r.cloudfront.net
Software
/
Resource Hash
b5d9b7bc003c83fed08674aeb00c63750f1c0ecfe8a58d1a230cf64de48b34b8

Request headers

Accept
application/json;pk=BCpkADawqM1xv5JSBGWHpqBZ_0UaYng2aoEU45zdTl6YFQErdrU1YKvllsWSNgI93DZSpCJ4xOdH6z6TCI19pQ6T6YI6YAu3z5azXCTFRM40ckYy_fwoPftY8W0
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:30 GMT
Powered-From
eu-central-1a
Bcov-Request-Id
991121d6-b2d5-430c-aeb0-e44b22225ed3
Age
1003
Policy-Key-Accountid
811631557001
X-Cache
Miss from cloudfront
Connection
keep-alive
Powered-By
BC
Content-Length
4420
Via
1.1 varnish, 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
X-Served-By
cache-fra19144-FRA
BCOV-instance
unknown
Policy-Key-Raw
BCpkADawqM1xv5JSBGWHpqBZ_0UaYng2aoEU45zdTl6YFQErdrU1YKvllsWSNgI93DZSpCJ4xOdH6z6TCI19pQ6T6YI6YAu3z5azXCTFRM40ckYy_fwoPftY8W0
X-Timer
S1616247571.637959,VS0,VE0
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control
max-age=0, no-cache, no-store
Account-Status
APPROVED
BCOV-Debug-Cache-Stats
unknown
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id
36i9LciSbfjeIkUKyxAxIRb5C-9iNeAdG-V4Igmqr2bcNKA94vaudA==
X-Cache-Hits
2
tracker
metrics.brightcove.com/v2/ 		35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6942d7b9b8e8e1df86b41ead&account=811631557001&destination=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&platform_version=6.48.5&player=players.brightcove.com%2F811631557001%2FrktQWRD8_default&player_name=Gala.fr%20-%20Player%20Article%20Principal&source=http%3A%2F%2Fwtm.info-people.fr%2F&event=player_init&time=1616247570533&seq=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sat, 20 Mar 2021 13:39:30 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6942d7b9b8e8e1df86b41ead&account=811631557001&destination=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&platform_version=6.48.5&player=players.brightcove.com%2F811631557001%2FrktQWRD8_default&player_name=Gala.fr%20-%20Player%20Article%20Principal&source=http%3A%2F%2Fwtm.info-people.fr%2F&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F811631557001%2Fvideos%2F6242034877001&time=1616247570538&seq=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sat, 20 Mar 2021 13:39:30 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
bid
c.amazon-adsystem.com/e/dtb/ 		131 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3279&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&pr=http%3A%2F%2Fwtm.info-people.fr%2F&pid=6EFiA7E04DtaM&cb=2&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22id%22%3A%22videoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=0&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A3000%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
c992a01acf3cd7f2811269cc806ee9f77233f6031dc0a50cc84c17ad04927001

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.gala.fr
access-control-allow-credentials
true
timing-allow-origin
*
content-length
135
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
x-amz-cf-id
8dk9P0f93ZeyvhUicaKah5FLiVMFwpvj_G39WO4uhmoTAfDcJS80xw==
collect
www.google-analytics.com/ 		35 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=1173691927&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dr=http%3A%2F%2Fwtm.info-people.fr%2F&ul=en-us&de=UTF-8&dt=Brigitte%20Macron%20encore%20priv%C3%A9e%20de%20ses%20petits-enfants%C2%A0%3A%20pourquoi%20le%20reconfinement%20ne%20l%27arrange%20pas%20-%20Gala&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=Player%20Load&el=6242034877001%20%7C%20%20%7C%20rktQWRD8%20%7C%20Gala.fr%20-%20Player&_u=aEBAAAABAAAAAC~&jid=&gjid=&cid=1138525389.1616247569&tid=UA-18383854-2&_gid=231440631.1616247569&cd11=no&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd21=https&cd13=1&cd19=leader&cd18=%2Cpremi%C3%A8re%20dame%2Cconfinement%2CPetits-enfants%2CLe%20Touquet%2CBrigitte%20Macron%2C&cd27=http%3A%2F%2Fwtm.info-people.fr%2F&cd29=795129c5-b90c-4ce2-bf25-3d6a2f21ae2e&cd34=0&cd30=Article%3A65f0e967-d21a-4ffd-834a-db7755b4cf9a&cd32=1138525389.1616247569&z=1128543445
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:07:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1920
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
categories
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame B416 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=2667&consentLanguage=fr
Requested by
Host: consent.gala.fr
URL: https://consent.gala.fr/Notice.2f2bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-31.dus51.r.cloudfront.net
Software
/
Resource Hash
28edbb3857f4d86b41825fa010d80aa32e032fc0ff95bdd40d3b4317c3c6e6ae

Request headers

Referer
https://consent.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:31 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://consent.gala.fr
cache-control
no-cache
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
Lw47t7ZekL_JaM3i5pcYvAUzza6qyvV0dwzuuIHOFfQahWT3NjbLcw==
via
1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
get
odb.outbrain.com/utils/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221&idx=0&rand=47449&key=NANOWDGT01&widgetJSId=AR_10&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=225&py=2558&vpd=1358&cw=757&settings=true&recs=true&version=2000250&sig=Ty2h6Kn3&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpaStat=0&wdr-natlaz=true&aqp=utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&ref=http%3A%2F%2Fwtm.info-people.fr%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5d7c18e1f86e566be71c4cffe3766875fb424eb1fecedf5717af684222715576

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:31 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, HHN, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.75.53
x-cache-hits
0, 0
x-traceid
b3d05639df9103f0aabe548b442f4abb
content-encoding
gzip
content-length
8970
x-served-by
cache-mdw17353-MDW, cache-hhn4043-HHN
x-timer
S1616247571.913358,VS0,VE251
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		0
105 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarynatt5lp7LIFHtaMw

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sat, 20 Mar 2021 13:39:30 GMT
content-type
text/plain
access-control-allow-origin
https://www.gala.fr
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
a057591e-1a66-4971-ac14-53006e2f85fa
https://www.gala.fr/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.gala.fr/a057591e-1a66-4971-ac14-53006e2f85fa
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
30b8448b-17c2-4acb-9c23-79b1227da8cb
https://www.gala.fr/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.gala.fr/30b8448b-17c2-4acb-9c23-79b1227da8cb
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
f63b151e-a922-4861-876a-b49457dc26ac
https://www.gala.fr/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.gala.fr/f63b151e-a922-4861-876a-b49457dc26ac
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
60144308-9158-459a-9f61-e76383662a0b
https://www.gala.fr/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.gala.fr/60144308-9158-459a-9f61-e76383662a0b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
4088cc12-be36-41f0-b53c-b448eed31bab
https://www.gala.fr/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.gala.fr/4088cc12-be36-41f0-b53c-b448eed31bab
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
error
intake.pbstck.com/v1/intake/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/error?sId=be9978eb&tId=dbb1dd3d-4ef4-418b-8674-c575d2a7ac81&c=1&ctr=DE
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
cf-ray
632f58d48f0f1456-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f175d8d100001456b31d3000000001
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6942d7b9b8e8e1df86b41ead&account=811631557001&destination=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&platform_version=6.48.5&player=players.brightcove.com%2F811631557001%2FrktQWRD8_default&player_name=Gala.fr%20-%20Player%20Article%20Principal&source=http%3A%2F%2Fwtm.info-people.fr%2F&usage=vr!1.7.2&usage=plugin_eStat!&usage=AdwBrightcoveVastLoaderPlugin!&usage=inpage-embed&event=player_load&time=1616247570646&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=26000000&qos.performance.memory.totalJSHeapSize=35100000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1616247569264&qos.performance.timing.loadEventStart=1616247569264&qos.performance.timing.domComplete=1616247569264&qos.performance.timing.domContentLoadedEventEnd=1616247569199&qos.performance.timing.domContentLoadedEventStart=1616247569199&qos.performance.timing.domInteractive=1616247569199&qos.performance.timing.domLoading=1616247569052&qos.performance.timing.responseEnd=1616247569062&qos.performance.timing.responseStart=1616247569049&qos.performance.timing.requestStart=1616247568890&qos.performance.timing.secureConnectionStart=1616247568860&qos.performance.timing.connectEnd=1616247568889&qos.performance.timing.connectStart=1616247568848&qos.performance.timing.domainLookupEnd=1616247568848&qos.performance.timing.domainLookupStart=1616247568848&qos.performance.timing.fetchStart=1616247568847&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1616247568847&qos.player.dimensions=%5B%5B1616247570646%2C%220x0%22%2C%22768x432%22%5D%5D&qos.player.pixelratio=%5B%5B1616247570646%2C1%5D%5D&qos.player.screendimensions=%5B%5B1616247570646%2C%221600x1200%22%5D%5D&seq=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sat, 20 Mar 2021 13:39:30 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 3FD3
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_rbd_smrt_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_rbd_smrt_3lift&dcc=t
253 B
938 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_rbd_smrt_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
bcdb9fade795269e47aae2239d8133dc5c739a28ac4d56aec54abaf07c5007f0

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gala.fr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AwabC5lE9kWlqgXSlihgN5w|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

Server
Server
Date
Sat, 20 Mar 2021 13:39:31 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
201
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=AwabC5lE9kWlqgXSlihgN5w; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 13:39:30 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 13:39:31 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Sat, 20 Mar 2021 13:39:30 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_rbd_smrt_3lift&dcc=t
Set-Cookie
ad-id=AwabC5lE9kWlqgXSlihgN5w|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 13:39:30 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6942d7b9b8e8e1df86b41ead&account=811631557001&destination=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&platform_version=6.48.5&player=players.brightcove.com%2F811631557001%2FrktQWRD8_default&player_name=Gala.fr%20-%20Player%20Article%20Principal&source=http%3A%2F%2Fwtm.info-people.fr%2F&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F811631557001%2Fvideos%2F6242034877001&time=1616247570696&response_time_ms=158&seq=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sat, 20 Mar 2021 13:39:30 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
token
token.rubiconproject.com/ 		0
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=34010&puid=1b2b41604fa93579&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=018bef44-8fe3-42a5-9968-599e82771ee9
  • https://s.cpx.to/ca.png?dsp=dbm&fid=018bef44-8fe3-42a5-9968-599e82771ee9&google_gid=CAESEGXrywABWluDae6U90J6ynU&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=018bef44-8fe3-42a5-9968-599e82771ee9&google_gid=CAESEGXrywABWluDae6U90J6ynU&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.147.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-147-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sat, 20 Mar 2021 13:39:30 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=018bef44-8fe3-42a5-9968-599e82771ee9&google_gid=CAESEGXrywABWluDae6U90J6ynU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12166%26ref%3Dhttp%253A%252F%252Fwtm.info-people.fr%252F%26hn_ver%3D11%26fid%3D018bef44-8fe3-42a5-9...
  • https://s.cpx.to/an_fire?app_nexus_uid=8797344807167814618&pid=12166&ref=http%3A%2F%2Fwtm.info-people.fr%2F&hn_ver=11&fid=018bef44-8fe3-42a5-9968-599e82771ee9
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=8797344807167814618&pid=12166&ref=http%3A%2F%2Fwtm.info-people.fr%2F&hn_ver=11&fid=018bef44-8fe3-42a5-9968-599e82771ee9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.147.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-147-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sat, 20 Mar 2021 13:39:30 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Sat, 20 Mar 2021 13:39:30 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:30 GMT
X-Proxy-Origin
84.39.112.19; 84.39.112.19; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.141:80
AN-X-Request-Uuid
e1f810d3-d639-4143-bbe0-26af3b457960
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=8797344807167814618&pid=12166&ref=http%3A%2F%2Fwtm.info-people.fr%2F&hn_ver=11&fid=018bef44-8fe3-42a5-9968-599e82771ee9
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D018bef44-8fe3-42a5-9968-599e82771ee9
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D018bef44-8fe3-42a5-9968-599e82771ee9&cklb=1
  • https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=357014492309402438&fid=018bef44-8fe3-42a5-9968-599e82771ee9
95 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=357014492309402438&fid=018bef44-8fe3-42a5-9968-599e82771ee9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.147.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-147-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sat, 20 Mar 2021 13:39:34 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Sat, 20 Mar 2021 13:39:34 GMT

Redirect headers

location
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=357014492309402438&fid=018bef44-8fe3-42a5-9968-599e82771ee9
pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
cache-control
no-cache,no-store
x-smrt-reason
5
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
s.cpx.to/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=1289e5ee-86e1-4263-abdd-854b113cf0a1&dsp=TTD
95 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=1289e5ee-86e1-4263-abdd-854b113cf0a1&dsp=TTD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.147.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-147-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sat, 20 Mar 2021 13:39:30 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Sat, 20 Mar 2021 13:39:30 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=1289e5ee-86e1-4263-abdd-854b113cf0a1&dsp=TTD
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
179
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D018bef44-8fe3-42a5-9968-599e82771ee9
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D018bef44-8fe3-42a5-9968-599e82771ee9
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=479081DD-7026-4432-90A4-D643F8747759&fid=018bef44-8fe3-42a5-9968-599e82771ee9
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=479081DD-7026-4432-90A4-D643F8747759&fid=018bef44-8fe3-42a5-9968-599e82771ee9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.147.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-147-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sat, 20 Mar 2021 13:39:32 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Sat, 20 Mar 2021 13:39:32 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=479081DD-7026-4432-90A4-D643F8747759&fid=018bef44-8fe3-42a5-9968-599e82771ee9
Date
Sat, 20 Mar 2021 13:39:30 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
pool.grid-data.bidswitch.net/ 		0
0
bridge3.447.1_en.html
imasdk.googleapis.com/js/core/ Frame 0A8F 		576 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.447.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192496
date
Sun, 14 Mar 2021 13:29:38 GMT
expires
Mon, 14 Mar 2022 13:29:38 GMT
last-modified
Sun, 14 Mar 2021 13:23:56 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
518992
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:30 GMT
/
eum-eu-west-1.instana.io/ 		0
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.159.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-159-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:39:30 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/811631557001/e6c7bce3-8b0b-492a-ba09-fc76a7ddc9c4/10s/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/811631557001/e6c7bce3-8b0b-492a-ba09-fc76a7ddc9c4/10s/master.m3u8?fastly_token=NjA1NjRmNjFfMzI3N2RiY2Q4Y2U0OWJkNzAzMzcwMGU1MDI1ZWMwY2U5NDdjNGVmZTZjYzg0MTEwNmQxOWI4MTVmYWU5NTRlYQ%3D%3D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
844fb557b50a3f4a542b19ed7f27658b47b071fbddb71aaa4c827895ecffba62

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:30 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
x-bolt-device-group
desktop-chrome
content-length
3615
x-served-by
cache-fra19172-FRA
x-device-group
desktop-chrome
x-timer
S1616247571.905853,VS0,VE44
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
d8c623ec-124e-4a62-bd13-a46dea956279
https://www.gala.fr/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.gala.fr/d8c623ec-124e-4a62-bd13-a46dea956279
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5d7a893feaa660498e186105c873cb64084fd3e7f6fb0dbc2e7274192c4f5fe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5192
Content-Type
application/javascript
a0ae9261-b40f-4009-a5ca-237ef59496d3
https://www.gala.fr/ 		84 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.gala.fr/a0ae9261-b40f-4009-a5ca-237ef59496d3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b47b796c880bc2b8c31efef2be5da7ec23035a8271cd015634ee7f5cf75f9d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
85961
Content-Type
application/javascript
64b5fe7c-fc51-4617-aa46-0e3352dfc637
https://www.gala.fr/ 		84 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.gala.fr/64b5fe7c-fc51-4617-aa46-0e3352dfc637
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b47b796c880bc2b8c31efef2be5da7ec23035a8271cd015634ee7f5cf75f9d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
85961
Content-Type
application/javascript
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame ACCD 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:23:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
960
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Sat, 20 Mar 2021 14:23:30 GMT
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6942d7b9b8e8e1df86b41ead&account=811631557001&destination=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&platform_version=6.48.5&player=players.brightcove.com%2F811631557001%2FrktQWRD8_default&player_name=Gala.fr%20-%20Player%20Article%20Principal&source=http%3A%2F%2Fwtm.info-people.fr%2F&time=1616247570909&event=video_impression&web_ad_info=%7B%22plugin%22%3A%22ima3%22%2C%22pluginVersion%22%3A%223.6.2%22%2C%22adTech%22%3A%22html5%22%2C%22requestMode%22%3A%22onplay%22%2C%22timeout%22%3A10000%7D&video=6242034877001&video_name=GALA%20VIDEO%20-%20Brigitte%20Macron%20encore%20priv%C3%A9e%20de%20ses%20petits-enfants%20%3A%20pourquoi%20le%20reconfinement%20ne%20l%27arrange%20pas.&video_duration=73&autoplay=false&preload=none&qos.content.sourceMimeType=application%2Fvnd.apple.mpegurl&seq=4_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sat, 20 Mar 2021 13:39:30 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/811631557001/e6c7bce3-8b0b-492a-ba09-fc76a7ddc9c4/2e191a55-166c-4980-a1aa-f7c31a23c2ab/10s/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/811631557001/e6c7bce3-8b0b-492a-ba09-fc76a7ddc9c4/2e191a55-166c-4980-a1aa-f7c31a23c2ab/10s/rendition.m3u8?fastly_token=NjA1NjUzNGNfNTU4ZmE0ZjFlZTQ3ZDcyYWZkNmQ5MTM2NzEzMTE4MWQ4MTFiZjI0ODNmNTVmMGIyMTM1ZDgyMjUxNTM4MmE5Mg%3D%3D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
ca0b9435846e8a334281e309efa383eaa23ff0228206fdd7428d9e1ce6eb83a3

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:31 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
1649
x-served-by
cache-fra19172-FRA
x-device-group
desktop-chrome
x-timer
S1616247571.978549,VS0,VE72
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1616247571028&sessionId=81065510-c991-f80d-5016-5a60b5273418&url=www.gala.fr&cheqSource=1&cheqEvent=3&responseTime=1124
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:31 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
e52e6b3ccb19248727929de4a953ac76
Content-Length
4
Expires
0
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame A204 		901 B
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_smrt_rbd_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_rbd_smrt_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ebf7a4bd7667229c832ee11ec020cb0ee86245c4ce5f5c4a86a868aea6df2a6e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_rbd_smrt_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AwabC5lE9kWlqgXSlihgN5w; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_rbd_smrt_3lift&dcc=t

Response headers

Server
Server
Date
Sat, 20 Mar 2021 13:39:31 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
367
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/811631557001/e6c7bce3-8b0b-492a-ba09-fc76a7ddc9c4/dbdd4799-28b2-440d-96a0-b2afaa4fd76f/10s/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/811631557001/e6c7bce3-8b0b-492a-ba09-fc76a7ddc9c4/dbdd4799-28b2-440d-96a0-b2afaa4fd76f/10s/rendition.m3u8?fastly_token=NjA1NjUzNGNfNTc5Nzg0MTRkZTZjNTA3MjI1N2JhMjRkMGIwODAxNWQ5ZTliODYzYTNkMzdlNTg4NmIyNTkyMmM2ZDJhOTg5NQ%3D%3D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
09c903952291619a7179284928d52b39c60ff788057d7d3cb0dd230342028a51

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:31 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
1642
x-served-by
cache-fra19172-FRA
x-device-group
desktop-chrome
x-timer
S1616247571.064057,VS0,VE58
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame DE70 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_smrt_rbd_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ea117441665c1fdd9f839ae72c5c721bc6986287c5a9b0a7b7af4a420e33cfb8

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMST=YFX7EmBV+xIB; CMDD=AAP-nwE*; CMID=YFX7EgrZP0-lLIYDBJaWPQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|241|230|195|196|90|221
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1758
Expires
Sat, 20 Mar 2021 13:39:31 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:31 GMT
Connection
keep-alive
Set-Cookie
CMID=YFX7EgrZP0-lLIYDBJaWPQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 20 Mar 2022 13:39:31 GMT CMPS=3173;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Jun 2021 13:39:31 GMT CMPRO=1169;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Jun 2021 13:39:31 GMT CMRUM3=f16055fb1305a00&276055fb130b40&2d6055fb1305a0&5a6055fb1305a0&dd6055fb1327600&c36055fb1305a00&c46055fb1305a0&e66055fb1327600;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 20 Mar 2022 13:39:31 GMT CMDD=AAP-nwE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Mar 2021 13:39:31 GMT CMST=YFX7EmBV+xMB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Mar 2021 13:39:31 GMT
sync
ssbsync.smartadserver.com/api/ Frame F27F 		0
0
usync.html
eus.rubiconproject.com/ Frame 6EDE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_smrt_rbd_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 20 Mar 2021 13:39:32 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FDBA
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4870140300022806032
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4870140300022806032
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_smrt_rbd_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AwabC5lE9kWlqgXSlihgN5w; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 20 Mar 2021 13:39:32 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Sat, 20 Mar 2021 13:39:32 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4870140300022806032
set-cookie
tluid=4870140300022806032; Max-Age=7776000; Expires=Fri, 18 Jun 2021 13:39:32 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:31 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Mon, 19 Apr 2021 13:39:31 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:31 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 19 Apr 2021 13:39:31 GMT
l
mcdp-chidc2.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=5d18042e0b45b7c87455ae0338cc4f82_2667_1616247571099&tm=1277&eT=0&widgetWidth=757&widgetHeight=310&widgetX=225&widgetY=2559&tpcs=0&wRV=2000250&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&ab=0&wl=0
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
gzip
X-TraceId
d48b0d80707b257a7a99a9bb15c0a0c6
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 94D8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ea46a42d00476045a7d3b59ec7105a16d3a8e3c663781305a29aa9e015e71afb

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"db1d14ae239d70e094caa7f13a678edc:1616080768.630435"
last-modified
Thu, 18 Mar 2021 15:19:15 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Sun, 21 Mar 2021 13:39:31 GMT
date
Sat, 20 Mar 2021 13:39:31 GMT
content-length
5339
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1616247571~rv=95~id=6b76d31dac6f001b00940182da6688fe; path=/; Expires=Sat, 20 Mar 2021 13:39:31 GMT; Secure; SameSite=None
get
odb.outbrain.com/utils/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221&idx=1&rand=54716&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&t=NWQxODA0MmUwYjQ1YjdjODc0NTVhZTAzMzhjYzRmODI=&adblck=false&abwl=false&px=225&py=3418&vpd=2218&cw=757&settings=true&recs=true&version=2000250&sig=Ty2h6Kn3&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpaStat=0&wdr-natlaz=true&aqp=utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&ref=http%3A%2F%2Fwtm.info-people.fr%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5b0714e9482184a8976d18be722fbb6a12818715bb1aa4ac4a0dd12716b1eb3

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:31 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, HHN, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.75.82
x-cache-hits
0, 0
x-traceid
f98a5963cb901c4f92809aae54180388
content-encoding
gzip
content-length
12903
x-served-by
cache-mdw17382-MDW, cache-hhn4043-HHN
x-timer
S1616247571.239434,VS0,VE260
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
eyJpdSI6IjlmMWRjOThjMTkzMGFhNmI0OWM3Njk5YmIyOWNhZDE3Njk2ZTQ0ODE5NzIzMmIyNWY4Y2UwOWIxM2YyMDY2MDEiLCJ3IjozOTAsImgiOjI0MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjlmMWRjOThjMTkzMGFhNmI0OWM3Njk5YmIyOWNhZDE3Njk2ZTQ0ODE5NzIzMmIyNWY4Y2UwOWIxM2YyMDY2MDEiLCJ3IjozOTAsImgiOjI0MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
917d49a97131cf2fe435b05ebbfb3e05059e10db68b39b6c54db726aa2a062fd

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
cache-control
max-age=287543
last-modified
Wed, 17 Feb 2021 10:22:12 GMT
x-traceid
5521dc5fe81eb4660e4cdf48f1c9eedf
timing-allow-origin
*
content-length
54868
content-type
image/webp
eyJpdSI6ImIyNTk5OTdjYzQ4YTEyZjM5YzYwZWVhYzczZTk2MGU3ZDRkOTVhYTIyODZkOWFiNWIyMjZlNjFjOGM4ZjNjMzciLCJ3IjozOTAsImgiOjI0MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImIyNTk5OTdjYzQ4YTEyZjM5YzYwZWVhYzczZTk2MGU3ZDRkOTVhYTIyODZkOWFiNWIyMjZlNjFjOGM4ZjNjMzciLCJ3IjozOTAsImgiOjI0MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0903e0655c555b38589bb56a8e12b3d0f9d53abd1438e5705ec81b40841248eb

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
cache-control
max-age=955269
last-modified
Mon, 22 Feb 2021 16:02:09 GMT
x-traceid
682294ac530d2dcb8d346767936f0f6f
timing-allow-origin
*
content-length
30174
content-type
image/webp
eyJpdSI6IjkxOTMwYjNlY2ZkNjJmNTE2YzFiZDJiZWYwYjFhZGE3ZDZjMjVhM2ExNGZmYzFjMGZmNzY5MjczZjM1YjE0MWYiLCJ3IjozOTAsImgiOjI0MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkxOTMwYjNlY2ZkNjJmNTE2YzFiZDJiZWYwYjFhZGE3ZDZjMjVhM2ExNGZmYzFjMGZmNzY5MjczZjM1YjE0MWYiLCJ3IjozOTAsImgiOjI0MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2715a1e4e16f95260a0e4799797b5dbaa2d2c61ff529d201f14ca88f3afe8831

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
cache-control
max-age=409608
last-modified
Thu, 04 Feb 2021 16:42:35 GMT
x-traceid
15b8b583d671d6d91b2d6ad2e5edbbec
timing-allow-origin
*
content-length
62088
content-type
image/webp
crum
dsum-sec.casalemedia.com/ Frame DE70
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFX7EgrZP0-lLIYDBJaWPQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 20 Mar 2021 13:39:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame DE70 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=39&cm_user_id=YFX7EgrZP0-lLIYDBJaWPQAA&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-70-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame DE70 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame DE70
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFX7EgrZP0_lLIYDBJaWPQAABJEAAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEBJk87jZ81BqV96AY9FQyfY&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEBJk87jZ81BqV96AY9FQyfY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 20 Mar 2021 13:39:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEBJk87jZ81BqV96AY9FQyfY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-sync
nep.advangelists.com/xp/ Frame DE70 		0
0
us.php
gu.dyntrk.com/adx/ie/ Frame DE70 		0
0
pm_match
um.simpli.fi/ Frame DE70 		0
0
tpid=YFX7EgrZP0-lLIYDBJaWPQAA%261169
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame DE70
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YFX7EgrZP0-lLIYDBJaWPQAA%261169
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YFX7EgrZP0-lLIYDBJaWPQAA%261169
49 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YFX7EgrZP0-lLIYDBJaWPQAA%261169
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.68
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YFX7EgrZP0-lLIYDBJaWPQAA%261169
cache-control
no-cache
x-server
10.45.1.6
content-length
0
expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DE70 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YFX7EgrZP0_lLIYDBJaWPQAABJEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:31 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch
usersync.getpublica.com/ Frame E6B5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=&gdpr_consent=&rd=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dpubmatic%26did%3D443b5777-fe89-4dc7-be67-551a82bfdc51%26Pubm...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=&gdpr_consent=&rd=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dpubmatic%26did%3D443b5777-fe89-4dc7-be67-551a82bfdc51%26Pubm...
  • https://usersync.getpublica.com/usermatch?provider=pubmatic&did=443b5777-fe89-4dc7-be67-551a82bfdc51&PubmaticID=479081DD-7026-4432-90A4-D643F8747759
0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=pubmatic&did=443b5777-fe89-4dc7-be67-551a82bfdc51&PubmaticID=479081DD-7026-4432-90A4-D643F8747759
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.55.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-55-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:34 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0

Redirect headers

Location
https://usersync.getpublica.com/usermatch?provider=pubmatic&did=443b5777-fe89-4dc7-be67-551a82bfdc51&PubmaticID=479081DD-7026-4432-90A4-D643F8747759
Date
Sat, 20 Mar 2021 13:39:33 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
usermatch
usersync.getpublica.com/ Frame E6B5
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dsmartadserver%26did%3D443b5777-fe89-4dc7-be67-551a82bfdc51%26SmartID%3D%5Bsas_uid%5D&gdpr=&u...
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dsmartadserver%26did%3D443b5777-fe89-4dc7-be67-551a82bfdc51%26SmartID%3D%5Bsas_uid%5D&gdpr=&u...
  • https://usersync.getpublica.com/usermatch?provider=smartadserver&did=443b5777-fe89-4dc7-be67-551a82bfdc51&SmartID=2652231189792076781
0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=smartadserver&did=443b5777-fe89-4dc7-be67-551a82bfdc51&SmartID=2652231189792076781
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.55.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-55-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:34 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0

Redirect headers

location
https://usersync.getpublica.com/usermatch?provider=smartadserver&did=443b5777-fe89-4dc7-be67-551a82bfdc51&SmartID=2652231189792076781
pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
cache-control
no-cache,no-store
x-smrt-reason
5
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
pixel.advertising.com/ups/58402/ Frame E6B5 		0
0
usermatch
usersync.getpublica.com/ Frame E6B5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190692&cb=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dindex%26did%3D443b5777-fe89-4dc7-be67-551a82bfdc51%26IndexID%3D&gdpr=&us_p...
  • https://usersync.getpublica.com/usermatch?provider=index&did=443b5777-fe89-4dc7-be67-551a82bfdc51&IndexID=YFX7EgrZP0_lLIYDBJaWPQAABJEAAAIB
0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=index&did=443b5777-fe89-4dc7-be67-551a82bfdc51&IndexID=YFX7EgrZP0_lLIYDBJaWPQAABJEAAAIB
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.55.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-55-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://usersync.getpublica.com/usermatch?provider=index&did=443b5777-fe89-4dc7-be67-551a82bfdc51&IndexID=YFX7EgrZP0_lLIYDBJaWPQAABJEAAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
330
Expires
Sat, 20 Mar 2021 13:39:31 GMT
usermatch
usersync.getpublica.com/ Frame E6B5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://usersync.getpublica.com/usermatch?provider=appnexus&did=443b5777-fe89-4dc7-be67-551a82bfdc51&appnexusID=$UID&gdpr=&us_privacy=&consent=
  • https://usersync.getpublica.com/usermatch?provider=appnexus&did=443b5777-fe89-4dc7-be67-551a82bfdc51&appnexusID=8797344807167814618&gdpr=&us_privacy=&consent=
0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=appnexus&did=443b5777-fe89-4dc7-be67-551a82bfdc51&appnexusID=8797344807167814618&gdpr=&us_privacy=&consent=
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.55.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-55-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:33 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:33 GMT
X-Proxy-Origin
84.39.112.19; 84.39.112.19; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.136:80
AN-X-Request-Uuid
4e952e07-c27a-4ec5-8698-2f9a4e137688
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.getpublica.com/usermatch?provider=appnexus&did=443b5777-fe89-4dc7-be67-551a82bfdc51&appnexusID=8797344807167814618&gdpr=&us_privacy=&consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
cs.emxdgt.com/ Frame E6B5 		0
0
sync
sync.bfmio.com/ Frame E6B5
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=176&pcid=443b5777-fe89-4dc7-be67-551a82bfdc51&gdpr=&us_privacy=&consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=1289e5ee-86e1-4263-abdd-854b113cf0a1
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=1289e5ee-86e1-4263-abdd-854b113cf0a1
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.84.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 20 Mar 2021 13:39:32 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=1289e5ee-86e1-4263-abdd-854b113cf0a1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
user-registering
ads.stickyadstv.com/ Frame E6B5 		43 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1297&userId=443b5777-fe89-4dc7-be67-551a82bfdc51&gdpr=&us_privacy=&consent=
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:32 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1616247572489001-339
Expires
Sat, 20 Mar 2021 13:39:32 GMT
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:31 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Mon, 19 Apr 2021 13:39:31 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:31 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 19 Apr 2021 13:39:31 GMT
l
mcdp-chidc2.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=2747fe8ff2215179d3419df2ad028172_2667_1616247571431&tm=1613&eT=0&widgetWidth=757&widgetHeight=765&widgetX=225&widgetY=3419&wRV=2000250&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:39:33 GMT
content-encoding
gzip
X-TraceId
e39dc3a1b60045a2f649bbe637fa5fba
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
eyJpdSI6IjgyYWUzMzI0YzhjNjYzNjRhZDg3N2U1Mjc1ZTMxOTMyMjRjNzhkZWMxNWYxNGM2MWNhZGM5ZWZmMWRhOWEwZWIiLCJ3IjozNjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjgyYWUzMzI0YzhjNjYzNjRhZDg3N2U1Mjc1ZTMxOTMyMjRjNzhkZWMxNWYxNGM2MWNhZGM5ZWZmMWRhOWEwZWIiLCJ3IjozNjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
10542239c05f2f0a6a2ea374f99d6369dd12a6eb79242b72f4f6fe680398fc38

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
cache-control
max-age=414778
last-modified
Mon, 08 Feb 2021 12:33:42 GMT
x-traceid
b9b7925c293732769eb0c6ce152398e3
timing-allow-origin
*
content-length
43346
content-type
image/webp
eyJpdSI6IjNhMmI2ZTg4MWVmMGE4NDFjM2Q3MTAzYjgwMDY2YmE2MGIzZDFjZmI4YTU5YzY4ZWU3ZmEyZmVkOWM0ZGJiMWMiLCJ3IjozNjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNhMmI2ZTg4MWVmMGE4NDFjM2Q3MTAzYjgwMDY2YmE2MGIzZDFjZmI4YTU5YzY4ZWU3ZmEyZmVkOWM0ZGJiMWMiLCJ3IjozNjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
42b7ebcc0b7a7183c67c342d6b6f1fa08ba2404dca31540f77e3ff36274f6a2c

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
cache-control
max-age=292407
last-modified
Thu, 04 Feb 2021 16:28:34 GMT
x-traceid
80fc9be4cbaeec69b88a1f40b4e2fe44
timing-allow-origin
*
content-length
24686
content-type
image/webp
eyJpdSI6ImM3ODU1ZjM2NzViZGI1Yzg3Mzc0MWEyMDZmNWI4NjIyNjEzNGZjNDY5MDI5OTk2ZmYzNTI5YTljMDZjYjFmOWQiLCJ3IjozNjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM3ODU1ZjM2NzViZGI1Yzg3Mzc0MWEyMDZmNWI4NjIyNjEzNGZjNDY5MDI5OTk2ZmYzNTI5YTljMDZjYjFmOWQiLCJ3IjozNjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2a9b21fb9886e06dce4efcd63d64df66a52061fa04d0ca78d6f2f0f6ed9fe7e1

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
cache-control
max-age=1350820
last-modified
Wed, 17 Feb 2021 05:28:13 GMT
x-traceid
b405fd3341bbc9db369f1bceb4be1856
timing-allow-origin
*
content-length
39498
content-type
image/webp
eyJpdSI6IjY2YTEyM2U3YjQ1NmQ3ZjA1OTIwZWNkZDQ3MWJmZDM1ZTBlMzUzYzNiYzJlZTZkN2JhZjNkNTM4MDYxZWU3NWUiLCJ3IjozNjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjY2YTEyM2U3YjQ1NmQ3ZjA1OTIwZWNkZDQ3MWJmZDM1ZTBlMzUzYzNiYzJlZTZkN2JhZjNkNTM4MDYxZWU3NWUiLCJ3IjozNjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9c314bf828a2539f98bbb071531520334177cc88f3c7991e394d8f44306da7c7

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
cache-control
max-age=932654
last-modified
Mon, 01 Mar 2021 17:26:59 GMT
x-traceid
f1dd628ebd282eab7d6127671277c870
timing-allow-origin
*
content-length
17470
content-type
image/webp
eyJpdSI6ImZhNjMyZmNmMzE4ZWQwYzUwZmRmM2I5ZTczMzJlZGJlNzhmZDMxZjllMDViNmMyNjg1Y2JkYzU1YjJkY2I5YjIiLCJ3IjozNjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZhNjMyZmNmMzE4ZWQwYzUwZmRmM2I5ZTczMzJlZGJlNzhmZDMxZjllMDViNmMyNjg1Y2JkYzU1YjJkY2I5YjIiLCJ3IjozNjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a7aff0191f6533e4d0bc4ee6ef655b674046d1a00a7570bf976422eb795329a9

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
cache-control
max-age=288085
last-modified
Thu, 04 Feb 2021 16:42:32 GMT
x-traceid
5ade13acfc3c4529477a0a3bbd514057
timing-allow-origin
*
content-length
42704
content-type
image/webp
eyJpdSI6IjU5NTBkZDgxYjEyM2VjYWNkOGZlNjgzMjAxYzAwODMxYmRjZTQyYTUwZDU1Y2E3YmRjNDI1ZDU1YWFlMDE2YTIiLCJ3IjozNjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU5NTBkZDgxYjEyM2VjYWNkOGZlNjgzMjAxYzAwODMxYmRjZTQyYTUwZDU1Y2E3YmRjNDI1ZDU1YWFlMDE2YTIiLCJ3IjozNjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
376f4394e9d9ba30a499e547f0b8f6ef9831496f9eaf2228552635a94c5c0db9

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
cache-control
max-age=1886058
last-modified
Mon, 08 Mar 2021 15:03:03 GMT
x-traceid
fdb3276d4320e9713a81bcfe770df64d
timing-allow-origin
*
content-length
19996
content-type
image/webp
generic.pixel
www.adwstats.com/ 		43 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adwstats.com/generic.pixel?record_interface=generic&send_tracker_init=false&creative_format=1QxmSgf&creative_id=7nlkRwd&random_number=0.22484062903424684&client_start_timestamp=1616247571897&client_session_id=6eaef549-56d3-407b-a2c2-bbc91db0847d&event_type=state&event_name=impression&client_date_utc=2021-03-20%2013%3A39%3A31&client_date_utc_offset=%2B01%3A00&client_cache_buster=74fd6f8f-c1a4-4a44-8e84-41b9279de100&client_screen_width=1600&client_screen_height=1200&client_window_width=1600&client_window_height=1200&client_charset=UTF-8&client_time_elapsed=1&x_domain=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-68.dus51.r.cloudfront.net
Software
adw analytics /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:37 GMT
via
1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
server
adw analytics
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
pZZhO_trkfpmOPWHw7pYjyKj2tW7S_lmnoXTZu7fkemg5746GsU7kA==
integrator.js
adservice.google.ch/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.gala.fr
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gala.fr
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=854455304028611&correlator=279466257062815&output=ldjh&impl=fifs&eid=31060312%2C31060530%2C31060344%2C31060367%2C44739387&vrg=2021031601&ptt=17&gdpr=0&addtl_consent=1~&sc=1&sfv=1-0-38&ecs=20210320&iu_parts=228216569%2CGala%2Cl_actu-news_de_stars%2CArticle%2CBanniere-Haute%2CPave-Haut%2COut-Of-Banner&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6&prev_iu_szs=728x90%7C970x90%7C970x250%7C1000x90%7C1000x200%7C1800x1000%2C300x250%7C300x600%7C120x600%7C160x600%2C1x1&ists=1&prev_scp=position%3DBanniere-Haute%26slotCode%3DBanniere-Haute_6055fb10efe39%26slotPosition%3D1%26formatPosition%3DBanniere-Haute_1%26adunitDFP%3D%252F228216569%252FGala%252Fl_actu-news_de_stars%252FArticle%252FBanniere-Haute%26ad_h%3D13%26pmvisibilite%3D50%26amznbid%3D2%26amznp%3D2%7Cposition%3DPave-Haut%26slotCode%3DPave-Haut_6055fb10f1210%26slotPosition%3D3%26formatPosition%3DPave-Haut_1%26adunitDFP%3D%252F228216569%252FGala%252Fl_actu-news_de_stars%252FArticle%252FPave-Haut%26ad_h%3D13%26pmvisibilite%3D50_60_70_75_80%26amznbid%3D2%26amznp%3D2%26hb_format_ix%3Dbanner%26hb_source_ix%3Dclient%26hb_size_ix%3D300x600%26hb_pb_ix%3D0.01%26hb_adid_ix%3D9084db9daf6e3df%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_adid%3D9084db9daf6e3df%26hb_bidder%3Dix%7Cposition%3DOut-Of-Banner%26slotCode%3DOut-Of-Banner_6055fb10f2605%26slotPosition%3D6%26formatPosition%3DOut-Of-Banner_1%26adunitDFP%3D%252F228216569%252FGala%252Fl_actu-news_de_stars%252FArticle%252FOut-Of-Banner%26ad_h%3D13&eri=1&cust_params=pageHitID%3D795129c5-b90c-4ce2-bf25-3d6a2f21ae2e%26urlprisma%3D%252Fl_actu%252Fnews_de_stars%252Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%26env%3Dprod%26keywords%3Dpremi%25C3%25A8re_dame%252Cconfinement%252CPetits-enfants%252CLe_Touquet%252CBrigitte_Macron%26pageType%3Dnewsarticle%26pageCategory%3Dl_actu%26pageSubCategory%3Dnews_de_stars%26adunitPath%3D%252F228216569%252FGala%252Fl_actu-news_de_stars%252FArticle%26currentDevice%3Ddesktop%26referrer%3Dwtm.info-people.fr%26utm_campaign%3Dpmo_gal_article%26utm_source%3Dwelcoming%26sirdata_contextual%3D186%252Csd_18064%252Csd_17989%252Csd_18313%252Cmc_67140%252Clmc_67140&cookie_enabled=1&bc=31&abxe=1&lmt=1616247572&dt=1616247572194&dlt=1616247569052&idt=1091&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1038%2C800&adys=246%2C1466%2C7815&adks=727818146%2C456844950%2C2426229309&ucis=1%7C2%7C3&hl=fr&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&ref=http%3A%2F%2Fwtm.info-people.fr%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x290%7C373x-1%7C1600x7846&msz=1170x250%7C373x-1%7C1600x1&ga_vid=1138525389.1616247569&ga_sid=1616247572&ga_hid=1173691927&ga_fc=false&fws=4%2C516%2C4&ohw=1170%2C1600%2C1600
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
431f23dadd160fb60b5b44c9f93837b24624f4090b11a8905f7c0b6b220f1758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17153
x-xss-protection
0
google-lineitem-id
-1,5139857704,5589245951
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,500618198292,138336764441
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gala.fr
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
eum-eu-west-1.instana.io/ 		0
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.159.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-159-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:39:36 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11042513&componentId=prebid&componentSubId=mustang&timestamp=1616247572214&pKey=-78237305&_fw_gdpr_consent=undefined&_fw_gdpr=false&loc=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&playerSize=640x480
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
63acc25f0a8c9f956be7cb0e2b66b31251f804e2d30861fbb77382ead3e02553

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:32 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.gala.fr
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3282
x-sticky-vk
1616247572265003-412
Expires
Sat, 20 Mar 2021 13:39:32 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4e8135d04da6ec58dd2471d19325cc62f041c51f18769cd63b5f271b0651b8a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:33 GMT
X-Proxy-Origin
84.39.112.19; 84.39.112.19; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid
c597599a-9382-4d42-8fe6-9c0e7a9eda3b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gala.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidrequest
dsp.adotmob.com/headerbidding/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dsp.adotmob.com/headerbidding/bidrequest
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d018:bb0:8d00:5b0:2a42:525f:75ef Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gala.fr
date
Sat, 20 Mar 2021 13:39:32 GMT
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gala.fr
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/
Redirect Chain
  • https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=4359937&componentId=prebid&componentSubId=mustang&timestamp=1616247572220&pKey=1822442225&_fw_gdpr_...
  • https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=2120274&loc=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-s...
76 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=2120274&loc=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&_fw_gdpr=false&_fw_gdpr_consent=undefined&_fw_gdpr_consented_providers=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8f08b525fe46aec91197ef61557dffa8efd5ed0e287c6d8cb45852ac1aa8bca8

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:32 GMT
Server
nginx
Content-Type
application/xml
Access-Control-Allow-Origin
https://www.gala.fr
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
76
Expires
Sat, 20 Mar 2021 13:39:32 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:32 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.gala.fr
Content-Type
application/xml;charset=UTF-8
Location
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=2120274&loc=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&_fw_gdpr=false&_fw_gdpr_consent=undefined&_fw_gdpr_consented_providers=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1616247572219090-355
Expires
Sat, 20 Mar 2021 13:39:32 GMT
cygnus
htlb.casalemedia.com/ 		25 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=521666&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%228693e2534309172%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fwtm.info-people.fr%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.31.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%221289e5ee-86e1-4263-abdd-854b113cf0a1%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-03-20T13%3A39%3A30%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%2C%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%221~%22%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22873d0a53659ec5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22521666%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22api%22%3A%5B1%2C2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22maxduration%22%3A30%2C%22minduration%22%3A0%2C%22startdelay%22%3A0%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fmpeg%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A640%2C%22h%22%3A480%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22playbackmethod%22%3A%5B2%5D%7D%7D%5D%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7074ae25e945d21ac6d065cc7359fd7bee37d9427c66cbede38ef0ad9ffcedab

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[84.39.112.19], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.gala.fr
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Sat, 20 Mar 2021 13:39:32 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3316de663beee58f16abc04fd826cf2ff28fd64108554f2b28434981e0fd3126
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:33 GMT
X-Proxy-Origin
84.39.112.19; 84.39.112.19; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.74:80
AN-X-Request-Uuid
a14c0714-357c-4141-a34e-ddf5e304e5e7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gala.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/advertising-core/4.111.0/prisma-prebid-plugin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 21 Mar 2021 13:39:34 GMT
integrator.js
adservice.google.ch/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.gala.fr
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gala.fr
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=854455304028611&correlator=732238353823940&output=ldjh&impl=fifs&eid=31060312%2C31060530%2C31060344%2C31060367%2C44739387&vrg=2021031601&ptt=17&gdpr=0&addtl_consent=1~&sc=1&sfv=1-0-38&ecs=20210320&iu_parts=228216569%2CGala%2Cl_actu-news_de_stars%2CArticle%2CPave-Haut2-Desktop%2CPave-Bas%2CPave-Bas2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6&prev_iu_szs=320x50%7C1x1%7C640x360%2C300x250%7C300x600%7C120x600%7C160x600%2C300x250%7C300x600%7C120x600%7C160x600&fluid=height%2C0%2C0&prev_scp=position%3DPave-Haut2-Desktop%26slotCode%3DPave-Haut2-Desktop_6055fb10f10ca%26slotPosition%3D2%26formatPosition%3DPave-Haut2-Desktop_1%26adunitDFP%3D%252F228216569%252FGala%252Fl_actu-news_de_stars%252FArticle%252FPave-Haut2-Desktop%26ad_h%3D13%26pmvisibilite%3D50%7Cposition%3DPave-Bas%26slotCode%3DPave-Bas_6055fb10f16b6%26slotPosition%3D4%26formatPosition%3DPave-Bas_1%26adunitDFP%3D%252F228216569%252FGala%252Fl_actu-news_de_stars%252FArticle%252FPave-Bas%26ad_h%3D13%26pmvisibilite%3D50%26amznbid%3D2%26amznp%3D2%7Cposition%3DPave-Bas2%26slotCode%3DPave-Bas2_6055fb10f2499%26slotPosition%3D5%26formatPosition%3DPave-Bas2_1%26adunitDFP%3D%252F228216569%252FGala%252Fl_actu-news_de_stars%252FArticle%252FPave-Bas2%26ad_h%3D13%26pmvisibilite%3D50%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=pageHitID%3D795129c5-b90c-4ce2-bf25-3d6a2f21ae2e%26urlprisma%3D%252Fl_actu%252Fnews_de_stars%252Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%26env%3Dprod%26keywords%3Dpremi%25C3%25A8re_dame%252Cconfinement%252CPetits-enfants%252CLe_Touquet%252CBrigitte_Macron%26pageType%3Dnewsarticle%26pageCategory%3Dl_actu%26pageSubCategory%3Dnews_de_stars%26adunitPath%3D%252F228216569%252FGala%252Fl_actu-news_de_stars%252FArticle%26currentDevice%3Ddesktop%26referrer%3Dwtm.info-people.fr%26utm_campaign%3Dpmo_gal_article%26utm_source%3Dwelcoming%26sirdata_contextual%3D186%252Csd_18064%252Csd_17989%252Csd_18313%252Cmc_67140%252Clmc_67140&cookie_enabled=1&bc=31&abxe=1&lmt=1616247572&dt=1616247572270&dlt=1616247569052&idt=1091&frm=20&biw=1600&bih=1200&oid=3&adxs=225%2C1038%2C1038&adys=2868%2C2774%2C5321&adks=334605360%2C3303339607%2C1779392649&ucis=4%7C5%7C6&hl=fr&ifi=4&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&ref=http%3A%2F%2Fwtm.info-people.fr%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=756x2595%7C373x-1%7C373x-1&msz=756x0%7C373x-1%7C373x-1&ga_vid=1138525389.1616247569&ga_sid=1616247572&ga_hid=1173691927&ga_fc=false&fws=4%2C516%2C516&ohw=756%2C1600%2C1600
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
1c1e9bfaab5d5ebd9ff88a4938713eb70a4465979f0388bf48e7fca723e6db9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16225
x-xss-protection
0
google-lineitem-id
5425044416,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138317304066,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gala.fr
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6EDE 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e01b2c94a979c7f73e27503991c0087ddd4e3dc9b6920cae31ba9308db24bb9e

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49838
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9439
Expires
Sun, 21 Mar 2021 03:30:10 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6EDE 		0
0
pixel
cm.g.doubleclick.net/ Frame 6EDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01IUzJOWDgtMUEtQUYyNw==&gdpr=0
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01IUzJOWDgtMUEtQUYyNw==&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01IUzJOWDgtMUEtQUYyNw==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6EDE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=529f6055-fb14-4300-a2c5-48f1ec9e3e47&gdpr=0&gdpr_consent=
42 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=529f6055-fb14-4300-a2c5-48f1ec9e3e47&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

Date
Sat, 20 Mar 2021 13:39:32 GMT
Server
MT3 3611 f10363c master zrh-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=529f6055-fb14-4300-a2c5-48f1ec9e3e47&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 Mar 2021 13:39:31 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 6EDE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-70-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 6EDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMHS2NX8-1A-AF27&sigv=1&esig=2~c71f9c6d20a3064a0c9a974cec003292591b1f32&gdpr=0
0
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMHS2NX8-1A-AF27&sigv=1&esig=2~c71f9c6d20a3064a0c9a974cec003292591b1f32&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:32 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMHS2NX8-1A-AF27&sigv=1&esig=2~c71f9c6d20a3064a0c9a974cec003292591b1f32&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6EDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gGmWyLgYGiX14aWvsVyuV8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=566730656407474250
42 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=566730656407474250
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

date
Sat, 20 Mar 2021 13:39:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=566730656407474250
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame 6EDE 		0
0
pixel
cm.g.doubleclick.net/ Frame 6EDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2EyMmM4NTU1MDczNDY5NGZjNzU5ZDZmZTRlMjBmNGVmNGFmM2VlNQ&gdpr=0
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2EyMmM4NTU1MDczNDY5NGZjNzU5ZDZmZTRlMjBmNGVmNGFmM2VlNQ&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2EyMmM4NTU1MDczNDY5NGZjNzU5ZDZmZTRlMjBmNGVmNGFmM2VlNQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6EDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMMH0Rx9MoNdLjqGb1KnfMA&google_cver=1
42 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMMH0Rx9MoNdLjqGb1KnfMA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMMH0Rx9MoNdLjqGb1KnfMA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 181E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 20 Mar 2021 13:39:32 GMT
expires
Sun, 20 Mar 2022 13:39:32 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F27C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 20 Mar 2021 13:39:32 GMT
expires
Sun, 20 Mar 2022 13:39:32 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gala.js
assets.playtem.com/prd/integration/ 		840 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.playtem.com/prd/integration/gala.js?t=448958
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
178.33.42.71 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
b3fc2b49597462674ca0ddbf27eca4ad56d521f68f7a46040048c486f3aa763e

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:39:45 GMT
Cache-Control
no-cache
Last-Modified
Mon, 08 Mar 2021 21:25:52 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
Content-Length
840
Content-Type
application/javascript
truncated
/ Frame 714F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd33d74186574a8d24232d405b9aaa9097f372574c8df353315ce39a47242fd1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 714F 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssG8a-CiEOjg_jAUxICcIK0A5BbrNlouRG8jkO3XvAYnOZA-kbWJlTv85MSh7-vMGR38ANeQE8q1RUKcY7xm_qitxskk_iY5KExDZQWKmBtYG9JtFQnu7S87vJOp967oYaysvB11sBub5PyJp8fsC_loNuKwHPPayjFxxgJ_DFmO7SMYmhi1gBQR6eGpJnbSP4-ywJt1AzXmGOGXg-Z-Am_W6FuZRTDmvubhNE7FYVCMsQvB0SBvFs9NzRO8B6_wDHYS_mD0TrKepaRXO_b_yPaurWRiMznkyVuKYcKJce7gzPIXa3I4_w1bJ20es1mgmDJNUFlnxB3fFbRzfET5A&sig=Cg0ArKJSzFkYu22TICAiEAE&urlfix=1&adurl=
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bb3692f37b2afb96a281beb62e1b91dcba47e24b1592cc02229ccef715bf7cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6540
x-xss-protection
0
auction
intake.pbstck.com/v1/intake/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/auction?sId=be9978eb&tId=dbb1dd3d-4ef4-418b-8674-c575d2a7ac81&c=5&ctr=DE
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Mar 2021 13:39:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
cf-ray
632f58e1cb531456-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f175e11a000014569a002000000001
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:34 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FA24 		499 B
330 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNXn4498RkhrmD6eLfcGIEhcx6ADF1cEjKgz-yc8nVr_NeDBOVDvRx7DhhtBrh3UK86rWd7RM5wqWd2EIdInsyAVZLHnDMQvZTHiikdJlKgP6nZww20
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNXn4498RkhrmD6eLfcGIEhcx6ADF1cEjKgz-yc8nVr_NeDBOVDvRx7DhhtBrh3UK86rWd7RM5wqWd2EIdInsyAVZLHnDMQvZTHiikdJlKgP6nZww20
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlEyRmlvipDoytpsgxL7-u1SRaMJA1OgkOCFc3LEFDWe8PkvJuoEdkQBMzzSdU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 20 Mar 2021 13:39:32 GMT
server
cafe
cache-control
private
content-length
237
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 181E 		53 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwER9-_Xuc0bb5MZrByuNCbcqkKEPrkaPyftYDQR7RG_tGW1Q071jmtP7Msg-KFgZEp95O6VB9IQKakiryy_XZ6wizSA6CJ0VFWPVUaAcUMkQx-x0JiZlo-GPJUHa6QgpbErJS9gzFvpZV422YT9CLqvbwgA&dbm_d=AKAmf-ACjeOVjyM99HBQ1JdHl-xIJItkx_glSPdcLuF17-dsaGllnBud_ml4rHwGMOQ2q0JLkmnTlJPSnZNDJr7iEQnIHY94HihDkoAjqz193DpdJt_QqDWSyDHwDldw2jMIuVDJ9E9ZDF0FeK7EnOANHumCsv1hsnAHokwFAu9SQE5CGdqeVarXjcztfPydlpIE9l2n92pFmrHqhRIyqRWQXXo8vM_gW4TFt62pBjmScMtghM9hqXBvYcjGk_EEy2O3qelJv1MzJ6A8UkCyw9yQP-dTmdDoErd2-S6NPftfGP_K--5bF4ofCtfWKnYbBxq88x3UpeUTflat9hcV6Bxy6dj_x0g5cogeUucSQXI23cjH-1sWovUGfs4IVRoL9Ti85QVHT_cr__NcEWy3xW6nZwn24zBp43_J6zF5fowu61u_3YvuOwkGv9qqk7J9jIu5bxSE8fOVb70P90cBSZM3YyiZExjHK7iajnONbebxTiRxVtUQ_fmGa77q0GwVN5ifQrpXmY7kng2e7_fDidKcyfigFLL_jhp1dejtKAJzuKmaO8cEU_ltz8zA_XxscrDzBfNf5R5EoEhW_FVlT9XAJ6G10n6wwnrZjTyTJa4J5L38NFtakWyRy4l-LVFqvtvN6OR-GsWZbaaHIYKJoWM2UtkmlVXY2571Faj8F9UGIQXqamsAVEx3Mr4Bj2saTluVstwZLdOUlQsUn3-2l-0tL5IkTcbIOtvDuYMCn8GzILYec_g1iiM2QSEdWNRkEjFRhN9pTVpYh_bIN657KM2q-t022pkT_1ul3ffNpZ6INOhbeUrVa-YfVQGDOY4WEg5OEwIJv4EHWnyGyy4UAsgtCDuWyIaf-oVfzzdxdco9qupC2erYLSBYPjJGfkgMJTRJ95VDLGjSMMEtoz32zur5hSr8_u5KclJCgIL-nTRaIFtUlhvlRtfvb19UkMPEB55BFAnIPmx5zjFnu7hDTReODyzYuDhyTbtB138bKCqfKF0dZw47_JQVoyPNqxq6RwthXe673jKw4xH85b4wpQkemheU1GFR5TcD4-s2przHgQqpt67gZtgmNgnslzjEXxnGDuVv0PPE3UDK0VhVRDhflPLTqPJWucpH6rtP3HVlQMUGvyEL5FJlyEfSD59ZYVLMeJXIwVCEJy9JLdzJyfeBgwnYVDfZalHFX5GdZM3ZHv1QGR41-CQweflsGfefb80LojvUdDutdSFapY5MJBu_0MCh2SYuPd3_WAKI4d5CFHiQ6oV-Hv_WnOdBN4nN11zcKhrPqQQdFgcI4jQPUwrHOa6Up_AN0ejQltAp4FZtwQKC1hvO7w-wQ7JquFyqT6Fwf462u4uiFfGsdLqJ0K_nLVxo1uSQIAGtrEpzZdIL9WPcOBrvehO0fXsdTI5Te6niTkg6wkEE95vOY4UmKi1R-uSnyJfVeixlFZY5MyYpbnIcIkhSeCN9ifdvofkj8U720ihZI-nnaFPuIPkiJq9avM5OkvIsb2nhX8oWwNrHqBf9UvEQEqSZm512A4ktHfZt8T4D3Q8ohbMS9D--pHRQkPRpH3xsRXrHVmv24efgh8Q2_ixWWkQC9tiDXIMULusu4q7X5paaCxmc-ydDoDEm-oyOzJ5Hw6KM8cdQWVvY1d5dWB9gTjEMLM7xGfwgr4WEwIk7BpVefXGeJTzfLIKfqeykbaWphxDLlv5QSIv7DhJp1sGMn3ByOTgENQkcQZx7O2csC9AsBQ1IsAbVdrJ92jozQL9vPLlYYbSRCIvCqrpPFpoCMGCA0dYw85BgeicpNhQohcA5pgDF-isAP-fC5YiXIEjVAiriC2mAVKcJgj7t3OQsMNWB2qyaoSbwOqU5xivzy1NzGFhn_mvPsv8Ont3KJau3x6psZjvNZ-IE-mc74_q0GvZRVgsQkqXZtWwtWTemwU7rZXbxaLKNGUHtxJv4y5WWU5hxxgUuK05qOppJ2zXnLjyB_dLpO6zgkmrnwTEwQLw1XYBXBucehuk2hJRdKmk4ysEh_M4kI7dF5A6HEYhkEYw18oM4x-mq35qSkdtdUZ1L3MUZ9jBS-U33ETsBPTIf-qwZ1KhywNhbUbQJ0PRDU1uO7Q3kdKeV7UzWrWF6_EPVxitybdKVBzu-zWNJK_WGS3rSu2WXHD7vboJcgVxGzab2zEYC4hA5dvX2CLSHsF47MBESTbxNqSEd3Vr5bclRrmyQHDhLUgWQ1zSIe8Zn5HuN5FluYX01j6g2KEs45VcZ0h0lWv9jUT-U1SaItXjWZzyVUQpwGqlRCPLZQZ3FZBIDa07xzb9z60EmqAq4mjbDy659k-aOEjCIBMvET-c4xVT6zr20eVRwb10JUfX2G_fjCEI4x8xiiKJe5BeBuIRSpl1oKJaiQQJMFlgW10rVmc10K9oX1sagYDUuZBP2dBBQnAWmUucMfYizWQWtcrKB8b0QqSG1yxVe5aRS5O63vFgz5GEdwJ_zFg-DiuZ1wqmrUIQmpZSTZ2O-5C3CiHXMyHF0ZA3JM9Oi36LgLzZ-fSFlL_ckRFPqRnjmyMl7wUF_xNS7HbfxImuEtadNhFjcly_Up4d5E_r54UrHowET8GOVR4Lf_dxst9JGdqDKFwH8FGAh5QW2GL59Ujdjz9d8yXSudJRqDImH6zGtsBxzTL3Xb9wQK8T3BGC2YehiRIk8bvMBSBdha3WR0HkX-vj6nasD8IxbTB04f_4G26ULA3vEvUMpmTIPTGIDpxk9zDk9LNx_XcIuyHPY4yv6HtKYxJv7SXaKGEYDMBS0EtPbFVnsIophuENOPcJCeH-ickiaIKhgMSWcyFVlR8MidUth09rXE9eoFZopC4-eMN07B-sTe-MnYunxuskDCE7mfCDoX7xZwe8dqozpGx4Lq419cFd11DKlMETSKOyiq0zxE6GjzNn5FpM1o1lWeSp7MBjKDK9pt6NVL6XMFhbLCpOZIrNKPINVcdJYw6FW21J4bzn2zrbLh7OkFkT0Ec96BbF9saU2LxxZIaopySw0Uhxyuyqvbboh2WGeUYxzMxk3klJpnW5660bueLNrFqmVEuo1lD2CtPf4Josegl_4LM2J0hUE08mNJf2MOB82WL5iZDpi4tfTrD1BsyR-F7U1bEQPYBCTitOLO4vO_kmn92lLDk6oWPcvNY0MeAV50dWkLZlyh4abM8-RP4lMmFiQCO7wVIl7UkiUhqbZQ9qKnKV5fcXmzR9hoi3QhjqhTEbv26dgHcCUlqyzY2syK4HZSzIFvg0u7fEk4Wm66kLH_oSAs_te5LS6rZcg1aPZqIJBFB9Rmy1ay5vQAIjJkfq05D3pTXOxHaEspc0fZ6KgOCEj1zNqKR9sb_C3-1izDGJETdLCs0ZZtR7qA38SqilpFe5jp4m-yAW-1cETKGjIHgAlGrmejCtGO6zll9TsCbxjTYxri_0mZJu9N8o5vfxztU0&cid=CAASEuRoRQRWVqIc05ddpjWfI1ufyA&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b8980f009d599e5b4881057cf6c476e1d157062d7b98505635c26c0ba630efb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22018
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 181E 		42 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BtputgTreWHhe6GYTj4uvQZ1uzXnPo86LNkYxyQr7TqaNYBW-8n5mCEunchnMYFLpXAFgS3MoEq5P8KTfOBrabq7PpDuzDJJUmNM6MTKq6jZRlOUw
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 181E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:37:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 181E 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 181E 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:36:46 GMT
l
www.google.com/ads/measurement/ Frame 181E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5SPEfFO5c5BIr8hgaT1t210gtOn2w3w8UQtecAD7YkspZO0i9ZAAu8SqIyIues4IHLcFG7ieHe5hHK3rxMD-mzwbZ_g
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame B531 		499 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCA1j0Yu9SxngEwAQ&v=APEucNVzfkQEwiDvLXt1O6rxgADBoz1CxH_Y9c6IW_4MiCH8iyl3MJpxidem806HGfQtTCvewHdkCFTOg6bTD7Vd9yTI6MZA-jQxTSqQ6sIR_8T2Y-YwnFs
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNyfJRCA1j0Yu9SxngEwAQ&v=APEucNVzfkQEwiDvLXt1O6rxgADBoz1CxH_Y9c6IW_4MiCH8iyl3MJpxidem806HGfQtTCvewHdkCFTOg6bTD7Vd9yTI6MZA-jQxTSqQ6sIR_8T2Y-YwnFs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlEyRmlvipDoytpsgxL7-u1SRaMJA1OgkOCFc3LEFDWe8PkvJuoEdkQBMzzSdU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 20 Mar 2021 13:39:32 GMT
server
cafe
cache-control
private
content-length
237
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame F27C 		55 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CvrAoczvz5KxAwOi8CvYmd69jSoshAsWOFsN9Ss7TWlJQA4qOp74gKFxsEoBSFlOgJf52g5DmjmGpt16cN3aagNcL5k8UYzP713n8zplJrAWI6s-U3OVrS_smQe8Oijv-lyHs4Q3NXUT5fFzlTBfWZxTEZng&dbm_d=AKAmf-CWNWuk8b-ToBiiaGLVX10FZVhFo5iP2YE8AcjHF4gJdr1BN42UhZXEitWvAvUZU4l4dByISz1mO89XkoKbM6eT4wKyFEabhFL28AJqf9uq1VFfeAb5zfwsylOOwUB4-XrGmZTEZH5QWCotTZEHxtsrdNCGCej1nifjVpM2OYrDwQY2OQjAFtoIjNv5ChiXzOdHDPAO6CziAcv6F0tW2q6hpMOSNJMW3l_3p3tgaTpkL4-mLiT59OH1nYwLIdLGYlde1YmodoA2MFZJEeeYXjPH1xC66ZtLZKAvDzULbWmcCDb6PWmvY4Kl3jwhQn8O9vKQn9xes5OmVe_zdYxynIeVeDBicKyvLgqKEKkLx5weaqtkfClcCqfskLq8nX1jj1PB-TVpXrBRZxYn6M1me2PiXKlYv2DaBogpiFnyhrwUNVWIZ3I18SrPBH_GQcrHVkSflLvSjtaYvBuqxL5RM_0BK1OaimTzjCoz3SQbtB7kd8VjgdxvSeMof83fD3oRN0SEFbkIvTTrpywdzjOUXDAq62gZCCcv_03wLq_5xJKs9jzGGRV7EliifEqP1TWEo8bva3fhYusEH35d9tmmls2YMDyIL4x_Ty4Ibea1hL6OMN759wBvjGpJAzDv4k93Wz0XLocKl5hojyh4d0_5TplToSQLaTUTrTB1SQGahG050tbHpMknP97ci3jp-lR5Dzk4G_VafZs2EeCJ2_xjJv3q64rMdBaNwZTYi_-pyBInMEE5L1XQhAdqbMlCYzodbbzemKzE-sRQU1wx2l2oDv8m6WGwW55IkwrpQQhB-tDNr_KgIV0tlmeMiBZ017RYyHuFWMetp2sxdA3zY8TX8Ku-Sbso2cwEjU8yOtIhM7_ZKc4UNS1lVLEL79oDXY72HQVHT-J7xPM2wZdXqMFaKIlTxs1AIC75mMtl2j3eULGL3aubNLDxaJBUkxZBKCv3s0Gy-m2Cfcs5rtf4NlFiKtiekL69K6sw0OrtZgnJhgdOIDIGbv-9BWOvNFHqdJ-c6c6-OMoU1_g5nf8Cdenmcs0-RGZeCe8o4LmB6XoWNNeH6SFYb1XSjQkLbFfpRYV9ZsxDtCyjZGlwY9MpZUzEfw-zjFo3B5zVPgDisADK6UpZnnoY5l0_S4kUcmbYQU3vMQo7cTicPORVPSDYdDBZMcbkhTIGxp2DxN47QmQOYWIhfibnah3_6DgnJ7aNXCfbvUeVxw9q8GanwQiKsopLRbMBNCK8S3SgkadvQIWrDOhWkVi0WNzJGqTKVS0hp_T0x6Z72LQ0gdEO0pYGFxeMajngwWwRdTousKirv4MYrydEXcMYMFzmxZDX7JndeBI2N-n218cbNYqQV_Mgpr46iowhgSeZqzDIKUn9dAlPs336TsWF4cLguBBfz5n6qi8N2AaSn23VZyeVCZnCFqouXWCj6lavFNX0kZUovEGepTtfBJKQhJFVQFCNrz9218-6GHL0xgQ5EhmrYPWXy4kIQnITeKNKA2LNvnt4BCunjU6tFijl_qj4ZgKjgMzh4ROzLXQGycaFP7GvnsotXWEXBgEUNWXiT3HEvJ7m48RWkEcB6PbXGji_k2OkbRlSVf5FZ-vryJhovtN7jSQlpoEjWYycoqSA5sRXb5Jo4E4MONy1B9si-WdEiJULRJTuSqVF_9q9Ng-iL_b1x_uKSuColaDxo903y2gFDNXDE-gcrDOT2nQ7JuXXr_KrYFr5NuQUbeXrHLf17V3iO4V7WSis7CwyksRkjVEpo5-H3DAFqoZEqpyAo4XXSQhYjlNkKSd5d3TcZyVvzhHFJpdeL3QTp5q50C2M4crNEC6ypZ5QsXw1D8IgB11HElqhZVCFhvZDnonhZnUegAo96tCpFg6yz7j3uShI1NIGQETwxeWftF7JBBEeB32l87ip0jIsxqpqnnBpJDc4DAzkevCeZNSyuZYDlfnNSpqSgg9707KVDPaaF5VfJlINhBRuwID7bPgWJh8uviQ8RczPKB94N4q7JxpmiPt5VGlcS-BluLsrer21jQq-3UOv9EdsjsOaKpvZx8vWiBVLVgdEvdgBgZ2bg82NVpXpLEd3G42p6FWredv3-XvnQ5wvdaXO293c-rzgH1K3FZlSor9oaKKRZUMHmQmOv2bJ3Dg6D__944exC1fyFAGm1VsVnTf2B3OVvLyZXh6PK-r6mAYl-RDUUZ8QCgy9PxpGOGIl7UZtO33cCTQA7UVPGBTA-DReQ3VSCdxtpcrQ5J8Z0a-u3nDGCoWiB6Ej0fXvMgBaGYZrjxYcOChVBo4pkr-09GzKRphnK5rD66K7i4HUrKxEJgpyRZVSUswEcwnv8RrzHhbhHtJj66_b17916a1JABCdzAoY06E_UXHXkeAMBqlvPDPdkWP0P3Itxwzde3lpxAx7eafUYvvMdpyRfGDZhfyUNILvN8E_FsnVYN2mIg1huQEb2kr3RiRKFj6Abe4IA6kezt_ypFmRBQTY9tyGTOGnEDe25TF5f9gLXuE2FItFRI2qHv-xzWvO3IynGbEVxZBhWUvVVOeqC81fCF7fFipdIxR7XjIskFzAH2Vbst4TrzO1GHa8EAOETJ5G49NzRzrm8DEBEbNDANd_Awmw1gPxX7Jg1WOCg-YM4rgscTvwcFOTE7R9bGadbrd-vtjrwHiMq8Eqlcaq1IF6M63zKmhwJc-pXP6y54PQTVrQMwuLB605aErMYNaBkmjWz6KLpGTdMJAFzXEFJ9BaxOEHLSdRDtTYT5N6stG4T_TjZtGEnBjy2YYC-Uv096ktuR2WOeJYRBgcJT1bRdKb_aEayIud6h_aIycu1qN24PSl_wLWP0XpynCutJPKPRNx3gFtjV7X_AZ9faBG8M6LI9W3PPnfiQdlDN4mur58RPho6olI6oKxxPth21iXeVQA_E4oNLEIFhHo8b_mh5LXrH-4ESgMZgEXjVvumf9OjJoe3fma9iOHH2qyH_LL7pTF2b4wNtnlEjeurn877nXXeYaijN4R3AjwI7HHKxVgIbVKr6JFSHcCObYUaEz8lcIM-9FqZ-6c1O09WlbSdn0U0WG_o9lI3CnlWJ9kEvJAytE0xbK68mTqc-KQdKXWvarj6QJPOXY-N6BZWO4D5JReMGqKAVBwV-aJktR6v5Pih5Bh1OlrgbjdduPWvIl1HRyh7tbPbdtB87e7hJv-Z6HsBbd_BQ9HYZFnjIOyDam3FAJ9xUX_3SgzWuI-7ZvA_kZTxwZioGatVuuZ5U67caXEtoHvWruMLJzHnu0ScodX5uhP3pn3_zfcT3CoQNjbbNFZuycetO_rvLtgJiBRT-Ma8LVW9gFLQth_Wb7h0bmGTWf0xmk97k_x7biRAnjpvhOZXD5Lp9zG8mXe9S2AhBveVjm8TsDj4U0s5s18KLZ0nnY5D7cs16mMGZrtkqrsJI5PPKgD9z6OZO6enhtYXY4BFf5FZznN-ZpAQ6ksYwpP5A3V1EeYobyeNnQbvmTC3jb4NrcBtKa-jW19D5lIkRh0wem14SK8C3YbsiCFa-pw-Xdjy1zqI8antbFbgp5YKOLaiclMwBbktF_gGAaKMSrsj_COm8a5Ak4SsIBr78W_TEG8eAqCKSAi_yw3W2A0bhUNlnTK2utTPNvZCBbH3rxZ35iTEQpdp_O3HE3I4-hycc8GiENlh7AZXAunQ1Li5tvZbSPvStaP69efMFQupU2-_k7uZWGOvuIvXbf8fCJaGtzmA-Bof5WipOXQTj5n_ft2p169CxtYSSIcT6QRIIzLrjokBqidY_KxJYFOBInr2FQ0BmhTpx2EFezvzvZavNy5bCX9HHNtYXSsYpMi9UcIVgKxRSoV41BBd-DMxi8ws7wAoT3hYABKyo7sZCrCLfXn0dykxtL-Kp41kpVruNwsy3EV3XCoc-Csp50SjY2OjA2KYCUJde7LP0Yi3WKZ4i90eL8644uNcjEeHcFhBTaou-W08biCyEieKvJCLDm67lFM1zWInQmOL1y0r2yL8DtelH8-gGrMtfgX3GfpgvhqbPfmlKsQ3NYagbPQWcR1jyor3wXYyoU2IZ5ixrzFlNz_FFaXNARdptLoWr34-4StkoKq6zWjbWvUe1eXeLVKuWgcHxSPt7bTdbhmR2ojLwSVtWM6cM68i-Ubb4uu27Js1wBoK8_jdkrOkfKNWYpPp7hD4iS4YAFPtNK1PwuJKIArKAsJGs-bU4Flt5KMaERqjk4NPNvgld7UFOjzELu2bheyCLmdfjXKo2awVx6H_Z3sySK1MTjYnbLcolPHlaStAlfpdineRgEvMwGAfJ7R2EDsG7WPrLcWI6Qg4LGXz3xhmGpmypPZLebxXU5_tgrn3SfISlnDvIrFTcR8HoyfM-u5aMYiJuKXuAR2jOpaSxpsQvk1-3vGiPGgCpAouZ_TOijIaDJpOUlfF4pyMKklC7Ozmbnn5zR4LdHBKLFciowMFlMFwwtU5z41pD51IYPfj_qj0UskuiRu7cxvQvOmIzgk_atnD6xPy5JDmVRwvRpWEQ&cid=CAASEuRor1VeW05QAUSq0IRTvGRfxw&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstvgCZIa8l0hC6y3OMrzPExNNZn1ofvxb4p8Pvh7UxAI_6U0gck5H-TQdpkw4KYu5vicdhmEH1J8OwuaZkP2Gc264-TumIkI9Sux2ZkCBamg07f20gCrtQKVh76pXV8dlpn0QoPYY3QqnsP00aRR7oJ7Awd1TzA6FMohuvd_XRZxN0eTURQrzMEumBpFmcKZ4QjsCLymsaEM8g3zqtE1DiB47LfHqBIFFQfAgd5au3QkTcCtmnZLPUJVhMkLyxjNkuo-G6wUyMdeSyQG5KwuG1UfVN3QcWjNtDMpy4PsONVsuRGYc4yrKxHVXu78wDa7jP2gbBjx6Kr3bUZGutTgu8p%26sig%3DCg0ArKJSzIBs0-098IdWEAE%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4aa13658fd69372288a219abefafc87d94a005a57430f7711bf1475b2b38cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22713
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F27C 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CWVkDeMCLeqstX-hr2VbyOX3rCNwjio6torT60QUXVinJVhM5TMNTq33zRpd9XSLUfsVJ_m5aFdYKkcfLuWKuWHjuC4kmlcBEB_jPMfR2Sp2OueRc
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame F27C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:37:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F27C 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame F27C 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:36:46 GMT
pixel
cm.g.doubleclick.net/ Frame FA24 		170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNXn4498RkhrmD6eLfcGIEhcx6ADF1cEjKgz-yc8nVr_NeDBOVDvRx7DhhtBrh3UK86rWd7RM5wqWd2EIdInsyAVZLHnDMQvZTHiikdJlKgP6nZww20
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FA24
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1&gdpr=0
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNXn4498RkhrmD6eLfcGIEhcx6ADF1cEjKgz-yc8nVr_NeDBOVDvRx7DhhtBrh3UK86rWd7RM5wqWd2EIdInsyAVZLHnDMQvZTHiikdJlKgP6nZww20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 20 Mar 2021 13:39:32 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FA24
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YFX7EgrZP0-lLIYDBJaWPQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNXn4498RkhrmD6eLfcGIEhcx6ADF1cEjKgz-yc8nVr_NeDBOVDvRx7DhhtBrh3UK86rWd7RM5wqWd2EIdInsyAVZLHnDMQvZTHiikdJlKgP6nZww20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 20 Mar 2021 13:39:32 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B531 		170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCA1j0Yu9SxngEwAQ&v=APEucNVzfkQEwiDvLXt1O6rxgADBoz1CxH_Y9c6IW_4MiCH8iyl3MJpxidem806HGfQtTCvewHdkCFTOg6bTD7Vd9yTI6MZA-jQxTSqQ6sIR_8T2Y-YwnFs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B531
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1&gdpr=0
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCA1j0Yu9SxngEwAQ&v=APEucNVzfkQEwiDvLXt1O6rxgADBoz1CxH_Y9c6IW_4MiCH8iyl3MJpxidem806HGfQtTCvewHdkCFTOg6bTD7Vd9yTI6MZA-jQxTSqQ6sIR_8T2Y-YwnFs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 20 Mar 2021 13:39:32 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B531
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YFX7EgrZP0-lLIYDBJaWPQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCA1j0Yu9SxngEwAQ&v=APEucNVzfkQEwiDvLXt1O6rxgADBoz1CxH_Y9c6IW_4MiCH8iyl3MJpxidem806HGfQtTCvewHdkCFTOg6bTD7Vd9yTI6MZA-jQxTSqQ6sIR_8T2Y-YwnFs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 20 Mar 2021 13:39:33 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENy4ByqwyX0qKHBaqGw_G1Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 181E 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 15:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78270
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Mar 2021 15:55:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/ Frame 181E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwER9-_Xuc0bb5MZrByuNCbcqkKEPrkaPyftYDQR7RG_tGW1Q071jmtP7Msg-KFgZEp95O6VB9IQKakiryy_XZ6wizSA6CJ0VFWPVUaAcUMkQx-x0JiZlo-GPJUHa6QgpbErJS9gzFvpZV422YT9CLqvbwgA&dbm_d=AKAmf-ACjeOVjyM99HBQ1JdHl-xIJItkx_glSPdcLuF17-dsaGllnBud_ml4rHwGMOQ2q0JLkmnTlJPSnZNDJr7iEQnIHY94HihDkoAjqz193DpdJt_QqDWSyDHwDldw2jMIuVDJ9E9ZDF0FeK7EnOANHumCsv1hsnAHokwFAu9SQE5CGdqeVarXjcztfPydlpIE9l2n92pFmrHqhRIyqRWQXXo8vM_gW4TFt62pBjmScMtghM9hqXBvYcjGk_EEy2O3qelJv1MzJ6A8UkCyw9yQP-dTmdDoErd2-S6NPftfGP_K--5bF4ofCtfWKnYbBxq88x3UpeUTflat9hcV6Bxy6dj_x0g5cogeUucSQXI23cjH-1sWovUGfs4IVRoL9Ti85QVHT_cr__NcEWy3xW6nZwn24zBp43_J6zF5fowu61u_3YvuOwkGv9qqk7J9jIu5bxSE8fOVb70P90cBSZM3YyiZExjHK7iajnONbebxTiRxVtUQ_fmGa77q0GwVN5ifQrpXmY7kng2e7_fDidKcyfigFLL_jhp1dejtKAJzuKmaO8cEU_ltz8zA_XxscrDzBfNf5R5EoEhW_FVlT9XAJ6G10n6wwnrZjTyTJa4J5L38NFtakWyRy4l-LVFqvtvN6OR-GsWZbaaHIYKJoWM2UtkmlVXY2571Faj8F9UGIQXqamsAVEx3Mr4Bj2saTluVstwZLdOUlQsUn3-2l-0tL5IkTcbIOtvDuYMCn8GzILYec_g1iiM2QSEdWNRkEjFRhN9pTVpYh_bIN657KM2q-t022pkT_1ul3ffNpZ6INOhbeUrVa-YfVQGDOY4WEg5OEwIJv4EHWnyGyy4UAsgtCDuWyIaf-oVfzzdxdco9qupC2erYLSBYPjJGfkgMJTRJ95VDLGjSMMEtoz32zur5hSr8_u5KclJCgIL-nTRaIFtUlhvlRtfvb19UkMPEB55BFAnIPmx5zjFnu7hDTReODyzYuDhyTbtB138bKCqfKF0dZw47_JQVoyPNqxq6RwthXe673jKw4xH85b4wpQkemheU1GFR5TcD4-s2przHgQqpt67gZtgmNgnslzjEXxnGDuVv0PPE3UDK0VhVRDhflPLTqPJWucpH6rtP3HVlQMUGvyEL5FJlyEfSD59ZYVLMeJXIwVCEJy9JLdzJyfeBgwnYVDfZalHFX5GdZM3ZHv1QGR41-CQweflsGfefb80LojvUdDutdSFapY5MJBu_0MCh2SYuPd3_WAKI4d5CFHiQ6oV-Hv_WnOdBN4nN11zcKhrPqQQdFgcI4jQPUwrHOa6Up_AN0ejQltAp4FZtwQKC1hvO7w-wQ7JquFyqT6Fwf462u4uiFfGsdLqJ0K_nLVxo1uSQIAGtrEpzZdIL9WPcOBrvehO0fXsdTI5Te6niTkg6wkEE95vOY4UmKi1R-uSnyJfVeixlFZY5MyYpbnIcIkhSeCN9ifdvofkj8U720ihZI-nnaFPuIPkiJq9avM5OkvIsb2nhX8oWwNrHqBf9UvEQEqSZm512A4ktHfZt8T4D3Q8ohbMS9D--pHRQkPRpH3xsRXrHVmv24efgh8Q2_ixWWkQC9tiDXIMULusu4q7X5paaCxmc-ydDoDEm-oyOzJ5Hw6KM8cdQWVvY1d5dWB9gTjEMLM7xGfwgr4WEwIk7BpVefXGeJTzfLIKfqeykbaWphxDLlv5QSIv7DhJp1sGMn3ByOTgENQkcQZx7O2csC9AsBQ1IsAbVdrJ92jozQL9vPLlYYbSRCIvCqrpPFpoCMGCA0dYw85BgeicpNhQohcA5pgDF-isAP-fC5YiXIEjVAiriC2mAVKcJgj7t3OQsMNWB2qyaoSbwOqU5xivzy1NzGFhn_mvPsv8Ont3KJau3x6psZjvNZ-IE-mc74_q0GvZRVgsQkqXZtWwtWTemwU7rZXbxaLKNGUHtxJv4y5WWU5hxxgUuK05qOppJ2zXnLjyB_dLpO6zgkmrnwTEwQLw1XYBXBucehuk2hJRdKmk4ysEh_M4kI7dF5A6HEYhkEYw18oM4x-mq35qSkdtdUZ1L3MUZ9jBS-U33ETsBPTIf-qwZ1KhywNhbUbQJ0PRDU1uO7Q3kdKeV7UzWrWF6_EPVxitybdKVBzu-zWNJK_WGS3rSu2WXHD7vboJcgVxGzab2zEYC4hA5dvX2CLSHsF47MBESTbxNqSEd3Vr5bclRrmyQHDhLUgWQ1zSIe8Zn5HuN5FluYX01j6g2KEs45VcZ0h0lWv9jUT-U1SaItXjWZzyVUQpwGqlRCPLZQZ3FZBIDa07xzb9z60EmqAq4mjbDy659k-aOEjCIBMvET-c4xVT6zr20eVRwb10JUfX2G_fjCEI4x8xiiKJe5BeBuIRSpl1oKJaiQQJMFlgW10rVmc10K9oX1sagYDUuZBP2dBBQnAWmUucMfYizWQWtcrKB8b0QqSG1yxVe5aRS5O63vFgz5GEdwJ_zFg-DiuZ1wqmrUIQmpZSTZ2O-5C3CiHXMyHF0ZA3JM9Oi36LgLzZ-fSFlL_ckRFPqRnjmyMl7wUF_xNS7HbfxImuEtadNhFjcly_Up4d5E_r54UrHowET8GOVR4Lf_dxst9JGdqDKFwH8FGAh5QW2GL59Ujdjz9d8yXSudJRqDImH6zGtsBxzTL3Xb9wQK8T3BGC2YehiRIk8bvMBSBdha3WR0HkX-vj6nasD8IxbTB04f_4G26ULA3vEvUMpmTIPTGIDpxk9zDk9LNx_XcIuyHPY4yv6HtKYxJv7SXaKGEYDMBS0EtPbFVnsIophuENOPcJCeH-ickiaIKhgMSWcyFVlR8MidUth09rXE9eoFZopC4-eMN07B-sTe-MnYunxuskDCE7mfCDoX7xZwe8dqozpGx4Lq419cFd11DKlMETSKOyiq0zxE6GjzNn5FpM1o1lWeSp7MBjKDK9pt6NVL6XMFhbLCpOZIrNKPINVcdJYw6FW21J4bzn2zrbLh7OkFkT0Ec96BbF9saU2LxxZIaopySw0Uhxyuyqvbboh2WGeUYxzMxk3klJpnW5660bueLNrFqmVEuo1lD2CtPf4Josegl_4LM2J0hUE08mNJf2MOB82WL5iZDpi4tfTrD1BsyR-F7U1bEQPYBCTitOLO4vO_kmn92lLDk6oWPcvNY0MeAV50dWkLZlyh4abM8-RP4lMmFiQCO7wVIl7UkiUhqbZQ9qKnKV5fcXmzR9hoi3QhjqhTEbv26dgHcCUlqyzY2syK4HZSzIFvg0u7fEk4Wm66kLH_oSAs_te5LS6rZcg1aPZqIJBFB9Rmy1ay5vQAIjJkfq05D3pTXOxHaEspc0fZ6KgOCEj1zNqKR9sb_C3-1izDGJETdLCs0ZZtR7qA38SqilpFe5jp4m-yAW-1cETKGjIHgAlGrmejCtGO6zll9TsCbxjTYxri_0mZJu9N8o5vfxztU0&cid=CAASEuRoRQRWVqIc05ddpjWfI1ufyA&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:38:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 181E 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwER9-_Xuc0bb5MZrByuNCbcqkKEPrkaPyftYDQR7RG_tGW1Q071jmtP7Msg-KFgZEp95O6VB9IQKakiryy_XZ6wizSA6CJ0VFWPVUaAcUMkQx-x0JiZlo-GPJUHa6QgpbErJS9gzFvpZV422YT9CLqvbwgA&dbm_d=AKAmf-ACjeOVjyM99HBQ1JdHl-xIJItkx_glSPdcLuF17-dsaGllnBud_ml4rHwGMOQ2q0JLkmnTlJPSnZNDJr7iEQnIHY94HihDkoAjqz193DpdJt_QqDWSyDHwDldw2jMIuVDJ9E9ZDF0FeK7EnOANHumCsv1hsnAHokwFAu9SQE5CGdqeVarXjcztfPydlpIE9l2n92pFmrHqhRIyqRWQXXo8vM_gW4TFt62pBjmScMtghM9hqXBvYcjGk_EEy2O3qelJv1MzJ6A8UkCyw9yQP-dTmdDoErd2-S6NPftfGP_K--5bF4ofCtfWKnYbBxq88x3UpeUTflat9hcV6Bxy6dj_x0g5cogeUucSQXI23cjH-1sWovUGfs4IVRoL9Ti85QVHT_cr__NcEWy3xW6nZwn24zBp43_J6zF5fowu61u_3YvuOwkGv9qqk7J9jIu5bxSE8fOVb70P90cBSZM3YyiZExjHK7iajnONbebxTiRxVtUQ_fmGa77q0GwVN5ifQrpXmY7kng2e7_fDidKcyfigFLL_jhp1dejtKAJzuKmaO8cEU_ltz8zA_XxscrDzBfNf5R5EoEhW_FVlT9XAJ6G10n6wwnrZjTyTJa4J5L38NFtakWyRy4l-LVFqvtvN6OR-GsWZbaaHIYKJoWM2UtkmlVXY2571Faj8F9UGIQXqamsAVEx3Mr4Bj2saTluVstwZLdOUlQsUn3-2l-0tL5IkTcbIOtvDuYMCn8GzILYec_g1iiM2QSEdWNRkEjFRhN9pTVpYh_bIN657KM2q-t022pkT_1ul3ffNpZ6INOhbeUrVa-YfVQGDOY4WEg5OEwIJv4EHWnyGyy4UAsgtCDuWyIaf-oVfzzdxdco9qupC2erYLSBYPjJGfkgMJTRJ95VDLGjSMMEtoz32zur5hSr8_u5KclJCgIL-nTRaIFtUlhvlRtfvb19UkMPEB55BFAnIPmx5zjFnu7hDTReODyzYuDhyTbtB138bKCqfKF0dZw47_JQVoyPNqxq6RwthXe673jKw4xH85b4wpQkemheU1GFR5TcD4-s2przHgQqpt67gZtgmNgnslzjEXxnGDuVv0PPE3UDK0VhVRDhflPLTqPJWucpH6rtP3HVlQMUGvyEL5FJlyEfSD59ZYVLMeJXIwVCEJy9JLdzJyfeBgwnYVDfZalHFX5GdZM3ZHv1QGR41-CQweflsGfefb80LojvUdDutdSFapY5MJBu_0MCh2SYuPd3_WAKI4d5CFHiQ6oV-Hv_WnOdBN4nN11zcKhrPqQQdFgcI4jQPUwrHOa6Up_AN0ejQltAp4FZtwQKC1hvO7w-wQ7JquFyqT6Fwf462u4uiFfGsdLqJ0K_nLVxo1uSQIAGtrEpzZdIL9WPcOBrvehO0fXsdTI5Te6niTkg6wkEE95vOY4UmKi1R-uSnyJfVeixlFZY5MyYpbnIcIkhSeCN9ifdvofkj8U720ihZI-nnaFPuIPkiJq9avM5OkvIsb2nhX8oWwNrHqBf9UvEQEqSZm512A4ktHfZt8T4D3Q8ohbMS9D--pHRQkPRpH3xsRXrHVmv24efgh8Q2_ixWWkQC9tiDXIMULusu4q7X5paaCxmc-ydDoDEm-oyOzJ5Hw6KM8cdQWVvY1d5dWB9gTjEMLM7xGfwgr4WEwIk7BpVefXGeJTzfLIKfqeykbaWphxDLlv5QSIv7DhJp1sGMn3ByOTgENQkcQZx7O2csC9AsBQ1IsAbVdrJ92jozQL9vPLlYYbSRCIvCqrpPFpoCMGCA0dYw85BgeicpNhQohcA5pgDF-isAP-fC5YiXIEjVAiriC2mAVKcJgj7t3OQsMNWB2qyaoSbwOqU5xivzy1NzGFhn_mvPsv8Ont3KJau3x6psZjvNZ-IE-mc74_q0GvZRVgsQkqXZtWwtWTemwU7rZXbxaLKNGUHtxJv4y5WWU5hxxgUuK05qOppJ2zXnLjyB_dLpO6zgkmrnwTEwQLw1XYBXBucehuk2hJRdKmk4ysEh_M4kI7dF5A6HEYhkEYw18oM4x-mq35qSkdtdUZ1L3MUZ9jBS-U33ETsBPTIf-qwZ1KhywNhbUbQJ0PRDU1uO7Q3kdKeV7UzWrWF6_EPVxitybdKVBzu-zWNJK_WGS3rSu2WXHD7vboJcgVxGzab2zEYC4hA5dvX2CLSHsF47MBESTbxNqSEd3Vr5bclRrmyQHDhLUgWQ1zSIe8Zn5HuN5FluYX01j6g2KEs45VcZ0h0lWv9jUT-U1SaItXjWZzyVUQpwGqlRCPLZQZ3FZBIDa07xzb9z60EmqAq4mjbDy659k-aOEjCIBMvET-c4xVT6zr20eVRwb10JUfX2G_fjCEI4x8xiiKJe5BeBuIRSpl1oKJaiQQJMFlgW10rVmc10K9oX1sagYDUuZBP2dBBQnAWmUucMfYizWQWtcrKB8b0QqSG1yxVe5aRS5O63vFgz5GEdwJ_zFg-DiuZ1wqmrUIQmpZSTZ2O-5C3CiHXMyHF0ZA3JM9Oi36LgLzZ-fSFlL_ckRFPqRnjmyMl7wUF_xNS7HbfxImuEtadNhFjcly_Up4d5E_r54UrHowET8GOVR4Lf_dxst9JGdqDKFwH8FGAh5QW2GL59Ujdjz9d8yXSudJRqDImH6zGtsBxzTL3Xb9wQK8T3BGC2YehiRIk8bvMBSBdha3WR0HkX-vj6nasD8IxbTB04f_4G26ULA3vEvUMpmTIPTGIDpxk9zDk9LNx_XcIuyHPY4yv6HtKYxJv7SXaKGEYDMBS0EtPbFVnsIophuENOPcJCeH-ickiaIKhgMSWcyFVlR8MidUth09rXE9eoFZopC4-eMN07B-sTe-MnYunxuskDCE7mfCDoX7xZwe8dqozpGx4Lq419cFd11DKlMETSKOyiq0zxE6GjzNn5FpM1o1lWeSp7MBjKDK9pt6NVL6XMFhbLCpOZIrNKPINVcdJYw6FW21J4bzn2zrbLh7OkFkT0Ec96BbF9saU2LxxZIaopySw0Uhxyuyqvbboh2WGeUYxzMxk3klJpnW5660bueLNrFqmVEuo1lD2CtPf4Josegl_4LM2J0hUE08mNJf2MOB82WL5iZDpi4tfTrD1BsyR-F7U1bEQPYBCTitOLO4vO_kmn92lLDk6oWPcvNY0MeAV50dWkLZlyh4abM8-RP4lMmFiQCO7wVIl7UkiUhqbZQ9qKnKV5fcXmzR9hoi3QhjqhTEbv26dgHcCUlqyzY2syK4HZSzIFvg0u7fEk4Wm66kLH_oSAs_te5LS6rZcg1aPZqIJBFB9Rmy1ay5vQAIjJkfq05D3pTXOxHaEspc0fZ6KgOCEj1zNqKR9sb_C3-1izDGJETdLCs0ZZtR7qA38SqilpFe5jp4m-yAW-1cETKGjIHgAlGrmejCtGO6zll9TsCbxjTYxri_0mZJu9N8o5vfxztU0&cid=CAASEuRoRQRWVqIc05ddpjWfI1ufyA&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70d82c6075989e0082b4917c6685f5f6bec1e673d0a80160eac61b3f1cdcb1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8471
x-xss-protection
0
server
cafe
etag
753583566593306265
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:37:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 181E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96953
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Mar 2022 10:43:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8F91 		1 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 19 Mar 2021 16:59:40 GMT
expires
Sat, 20 Mar 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
74392
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 181E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f926688f6ac33e82cd95e3db4990416cfb835067b1dfe98c29f2abd857e23260

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame F27C 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 15:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78270
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Mar 2021 15:55:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/ Frame F27C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CvrAoczvz5KxAwOi8CvYmd69jSoshAsWOFsN9Ss7TWlJQA4qOp74gKFxsEoBSFlOgJf52g5DmjmGpt16cN3aagNcL5k8UYzP713n8zplJrAWI6s-U3OVrS_smQe8Oijv-lyHs4Q3NXUT5fFzlTBfWZxTEZng&dbm_d=AKAmf-CWNWuk8b-ToBiiaGLVX10FZVhFo5iP2YE8AcjHF4gJdr1BN42UhZXEitWvAvUZU4l4dByISz1mO89XkoKbM6eT4wKyFEabhFL28AJqf9uq1VFfeAb5zfwsylOOwUB4-XrGmZTEZH5QWCotTZEHxtsrdNCGCej1nifjVpM2OYrDwQY2OQjAFtoIjNv5ChiXzOdHDPAO6CziAcv6F0tW2q6hpMOSNJMW3l_3p3tgaTpkL4-mLiT59OH1nYwLIdLGYlde1YmodoA2MFZJEeeYXjPH1xC66ZtLZKAvDzULbWmcCDb6PWmvY4Kl3jwhQn8O9vKQn9xes5OmVe_zdYxynIeVeDBicKyvLgqKEKkLx5weaqtkfClcCqfskLq8nX1jj1PB-TVpXrBRZxYn6M1me2PiXKlYv2DaBogpiFnyhrwUNVWIZ3I18SrPBH_GQcrHVkSflLvSjtaYvBuqxL5RM_0BK1OaimTzjCoz3SQbtB7kd8VjgdxvSeMof83fD3oRN0SEFbkIvTTrpywdzjOUXDAq62gZCCcv_03wLq_5xJKs9jzGGRV7EliifEqP1TWEo8bva3fhYusEH35d9tmmls2YMDyIL4x_Ty4Ibea1hL6OMN759wBvjGpJAzDv4k93Wz0XLocKl5hojyh4d0_5TplToSQLaTUTrTB1SQGahG050tbHpMknP97ci3jp-lR5Dzk4G_VafZs2EeCJ2_xjJv3q64rMdBaNwZTYi_-pyBInMEE5L1XQhAdqbMlCYzodbbzemKzE-sRQU1wx2l2oDv8m6WGwW55IkwrpQQhB-tDNr_KgIV0tlmeMiBZ017RYyHuFWMetp2sxdA3zY8TX8Ku-Sbso2cwEjU8yOtIhM7_ZKc4UNS1lVLEL79oDXY72HQVHT-J7xPM2wZdXqMFaKIlTxs1AIC75mMtl2j3eULGL3aubNLDxaJBUkxZBKCv3s0Gy-m2Cfcs5rtf4NlFiKtiekL69K6sw0OrtZgnJhgdOIDIGbv-9BWOvNFHqdJ-c6c6-OMoU1_g5nf8Cdenmcs0-RGZeCe8o4LmB6XoWNNeH6SFYb1XSjQkLbFfpRYV9ZsxDtCyjZGlwY9MpZUzEfw-zjFo3B5zVPgDisADK6UpZnnoY5l0_S4kUcmbYQU3vMQo7cTicPORVPSDYdDBZMcbkhTIGxp2DxN47QmQOYWIhfibnah3_6DgnJ7aNXCfbvUeVxw9q8GanwQiKsopLRbMBNCK8S3SgkadvQIWrDOhWkVi0WNzJGqTKVS0hp_T0x6Z72LQ0gdEO0pYGFxeMajngwWwRdTousKirv4MYrydEXcMYMFzmxZDX7JndeBI2N-n218cbNYqQV_Mgpr46iowhgSeZqzDIKUn9dAlPs336TsWF4cLguBBfz5n6qi8N2AaSn23VZyeVCZnCFqouXWCj6lavFNX0kZUovEGepTtfBJKQhJFVQFCNrz9218-6GHL0xgQ5EhmrYPWXy4kIQnITeKNKA2LNvnt4BCunjU6tFijl_qj4ZgKjgMzh4ROzLXQGycaFP7GvnsotXWEXBgEUNWXiT3HEvJ7m48RWkEcB6PbXGji_k2OkbRlSVf5FZ-vryJhovtN7jSQlpoEjWYycoqSA5sRXb5Jo4E4MONy1B9si-WdEiJULRJTuSqVF_9q9Ng-iL_b1x_uKSuColaDxo903y2gFDNXDE-gcrDOT2nQ7JuXXr_KrYFr5NuQUbeXrHLf17V3iO4V7WSis7CwyksRkjVEpo5-H3DAFqoZEqpyAo4XXSQhYjlNkKSd5d3TcZyVvzhHFJpdeL3QTp5q50C2M4crNEC6ypZ5QsXw1D8IgB11HElqhZVCFhvZDnonhZnUegAo96tCpFg6yz7j3uShI1NIGQETwxeWftF7JBBEeB32l87ip0jIsxqpqnnBpJDc4DAzkevCeZNSyuZYDlfnNSpqSgg9707KVDPaaF5VfJlINhBRuwID7bPgWJh8uviQ8RczPKB94N4q7JxpmiPt5VGlcS-BluLsrer21jQq-3UOv9EdsjsOaKpvZx8vWiBVLVgdEvdgBgZ2bg82NVpXpLEd3G42p6FWredv3-XvnQ5wvdaXO293c-rzgH1K3FZlSor9oaKKRZUMHmQmOv2bJ3Dg6D__944exC1fyFAGm1VsVnTf2B3OVvLyZXh6PK-r6mAYl-RDUUZ8QCgy9PxpGOGIl7UZtO33cCTQA7UVPGBTA-DReQ3VSCdxtpcrQ5J8Z0a-u3nDGCoWiB6Ej0fXvMgBaGYZrjxYcOChVBo4pkr-09GzKRphnK5rD66K7i4HUrKxEJgpyRZVSUswEcwnv8RrzHhbhHtJj66_b17916a1JABCdzAoY06E_UXHXkeAMBqlvPDPdkWP0P3Itxwzde3lpxAx7eafUYvvMdpyRfGDZhfyUNILvN8E_FsnVYN2mIg1huQEb2kr3RiRKFj6Abe4IA6kezt_ypFmRBQTY9tyGTOGnEDe25TF5f9gLXuE2FItFRI2qHv-xzWvO3IynGbEVxZBhWUvVVOeqC81fCF7fFipdIxR7XjIskFzAH2Vbst4TrzO1GHa8EAOETJ5G49NzRzrm8DEBEbNDANd_Awmw1gPxX7Jg1WOCg-YM4rgscTvwcFOTE7R9bGadbrd-vtjrwHiMq8Eqlcaq1IF6M63zKmhwJc-pXP6y54PQTVrQMwuLB605aErMYNaBkmjWz6KLpGTdMJAFzXEFJ9BaxOEHLSdRDtTYT5N6stG4T_TjZtGEnBjy2YYC-Uv096ktuR2WOeJYRBgcJT1bRdKb_aEayIud6h_aIycu1qN24PSl_wLWP0XpynCutJPKPRNx3gFtjV7X_AZ9faBG8M6LI9W3PPnfiQdlDN4mur58RPho6olI6oKxxPth21iXeVQA_E4oNLEIFhHo8b_mh5LXrH-4ESgMZgEXjVvumf9OjJoe3fma9iOHH2qyH_LL7pTF2b4wNtnlEjeurn877nXXeYaijN4R3AjwI7HHKxVgIbVKr6JFSHcCObYUaEz8lcIM-9FqZ-6c1O09WlbSdn0U0WG_o9lI3CnlWJ9kEvJAytE0xbK68mTqc-KQdKXWvarj6QJPOXY-N6BZWO4D5JReMGqKAVBwV-aJktR6v5Pih5Bh1OlrgbjdduPWvIl1HRyh7tbPbdtB87e7hJv-Z6HsBbd_BQ9HYZFnjIOyDam3FAJ9xUX_3SgzWuI-7ZvA_kZTxwZioGatVuuZ5U67caXEtoHvWruMLJzHnu0ScodX5uhP3pn3_zfcT3CoQNjbbNFZuycetO_rvLtgJiBRT-Ma8LVW9gFLQth_Wb7h0bmGTWf0xmk97k_x7biRAnjpvhOZXD5Lp9zG8mXe9S2AhBveVjm8TsDj4U0s5s18KLZ0nnY5D7cs16mMGZrtkqrsJI5PPKgD9z6OZO6enhtYXY4BFf5FZznN-ZpAQ6ksYwpP5A3V1EeYobyeNnQbvmTC3jb4NrcBtKa-jW19D5lIkRh0wem14SK8C3YbsiCFa-pw-Xdjy1zqI8antbFbgp5YKOLaiclMwBbktF_gGAaKMSrsj_COm8a5Ak4SsIBr78W_TEG8eAqCKSAi_yw3W2A0bhUNlnTK2utTPNvZCBbH3rxZ35iTEQpdp_O3HE3I4-hycc8GiENlh7AZXAunQ1Li5tvZbSPvStaP69efMFQupU2-_k7uZWGOvuIvXbf8fCJaGtzmA-Bof5WipOXQTj5n_ft2p169CxtYSSIcT6QRIIzLrjokBqidY_KxJYFOBInr2FQ0BmhTpx2EFezvzvZavNy5bCX9HHNtYXSsYpMi9UcIVgKxRSoV41BBd-DMxi8ws7wAoT3hYABKyo7sZCrCLfXn0dykxtL-Kp41kpVruNwsy3EV3XCoc-Csp50SjY2OjA2KYCUJde7LP0Yi3WKZ4i90eL8644uNcjEeHcFhBTaou-W08biCyEieKvJCLDm67lFM1zWInQmOL1y0r2yL8DtelH8-gGrMtfgX3GfpgvhqbPfmlKsQ3NYagbPQWcR1jyor3wXYyoU2IZ5ixrzFlNz_FFaXNARdptLoWr34-4StkoKq6zWjbWvUe1eXeLVKuWgcHxSPt7bTdbhmR2ojLwSVtWM6cM68i-Ubb4uu27Js1wBoK8_jdkrOkfKNWYpPp7hD4iS4YAFPtNK1PwuJKIArKAsJGs-bU4Flt5KMaERqjk4NPNvgld7UFOjzELu2bheyCLmdfjXKo2awVx6H_Z3sySK1MTjYnbLcolPHlaStAlfpdineRgEvMwGAfJ7R2EDsG7WPrLcWI6Qg4LGXz3xhmGpmypPZLebxXU5_tgrn3SfISlnDvIrFTcR8HoyfM-u5aMYiJuKXuAR2jOpaSxpsQvk1-3vGiPGgCpAouZ_TOijIaDJpOUlfF4pyMKklC7Ozmbnn5zR4LdHBKLFciowMFlMFwwtU5z41pD51IYPfj_qj0UskuiRu7cxvQvOmIzgk_atnD6xPy5JDmVRwvRpWEQ&cid=CAASEuRor1VeW05QAUSq0IRTvGRfxw&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstvgCZIa8l0hC6y3OMrzPExNNZn1ofvxb4p8Pvh7UxAI_6U0gck5H-TQdpkw4KYu5vicdhmEH1J8OwuaZkP2Gc264-TumIkI9Sux2ZkCBamg07f20gCrtQKVh76pXV8dlpn0QoPYY3QqnsP00aRR7oJ7Awd1TzA6FMohuvd_XRZxN0eTURQrzMEumBpFmcKZ4QjsCLymsaEM8g3zqtE1DiB47LfHqBIFFQfAgd5au3QkTcCtmnZLPUJVhMkLyxjNkuo-G6wUyMdeSyQG5KwuG1UfVN3QcWjNtDMpy4PsONVsuRGYc4yrKxHVXu78wDa7jP2gbBjx6Kr3bUZGutTgu8p%26sig%3DCg0ArKJSzIBs0-098IdWEAE%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:38:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame F27C 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CvrAoczvz5KxAwOi8CvYmd69jSoshAsWOFsN9Ss7TWlJQA4qOp74gKFxsEoBSFlOgJf52g5DmjmGpt16cN3aagNcL5k8UYzP713n8zplJrAWI6s-U3OVrS_smQe8Oijv-lyHs4Q3NXUT5fFzlTBfWZxTEZng&dbm_d=AKAmf-CWNWuk8b-ToBiiaGLVX10FZVhFo5iP2YE8AcjHF4gJdr1BN42UhZXEitWvAvUZU4l4dByISz1mO89XkoKbM6eT4wKyFEabhFL28AJqf9uq1VFfeAb5zfwsylOOwUB4-XrGmZTEZH5QWCotTZEHxtsrdNCGCej1nifjVpM2OYrDwQY2OQjAFtoIjNv5ChiXzOdHDPAO6CziAcv6F0tW2q6hpMOSNJMW3l_3p3tgaTpkL4-mLiT59OH1nYwLIdLGYlde1YmodoA2MFZJEeeYXjPH1xC66ZtLZKAvDzULbWmcCDb6PWmvY4Kl3jwhQn8O9vKQn9xes5OmVe_zdYxynIeVeDBicKyvLgqKEKkLx5weaqtkfClcCqfskLq8nX1jj1PB-TVpXrBRZxYn6M1me2PiXKlYv2DaBogpiFnyhrwUNVWIZ3I18SrPBH_GQcrHVkSflLvSjtaYvBuqxL5RM_0BK1OaimTzjCoz3SQbtB7kd8VjgdxvSeMof83fD3oRN0SEFbkIvTTrpywdzjOUXDAq62gZCCcv_03wLq_5xJKs9jzGGRV7EliifEqP1TWEo8bva3fhYusEH35d9tmmls2YMDyIL4x_Ty4Ibea1hL6OMN759wBvjGpJAzDv4k93Wz0XLocKl5hojyh4d0_5TplToSQLaTUTrTB1SQGahG050tbHpMknP97ci3jp-lR5Dzk4G_VafZs2EeCJ2_xjJv3q64rMdBaNwZTYi_-pyBInMEE5L1XQhAdqbMlCYzodbbzemKzE-sRQU1wx2l2oDv8m6WGwW55IkwrpQQhB-tDNr_KgIV0tlmeMiBZ017RYyHuFWMetp2sxdA3zY8TX8Ku-Sbso2cwEjU8yOtIhM7_ZKc4UNS1lVLEL79oDXY72HQVHT-J7xPM2wZdXqMFaKIlTxs1AIC75mMtl2j3eULGL3aubNLDxaJBUkxZBKCv3s0Gy-m2Cfcs5rtf4NlFiKtiekL69K6sw0OrtZgnJhgdOIDIGbv-9BWOvNFHqdJ-c6c6-OMoU1_g5nf8Cdenmcs0-RGZeCe8o4LmB6XoWNNeH6SFYb1XSjQkLbFfpRYV9ZsxDtCyjZGlwY9MpZUzEfw-zjFo3B5zVPgDisADK6UpZnnoY5l0_S4kUcmbYQU3vMQo7cTicPORVPSDYdDBZMcbkhTIGxp2DxN47QmQOYWIhfibnah3_6DgnJ7aNXCfbvUeVxw9q8GanwQiKsopLRbMBNCK8S3SgkadvQIWrDOhWkVi0WNzJGqTKVS0hp_T0x6Z72LQ0gdEO0pYGFxeMajngwWwRdTousKirv4MYrydEXcMYMFzmxZDX7JndeBI2N-n218cbNYqQV_Mgpr46iowhgSeZqzDIKUn9dAlPs336TsWF4cLguBBfz5n6qi8N2AaSn23VZyeVCZnCFqouXWCj6lavFNX0kZUovEGepTtfBJKQhJFVQFCNrz9218-6GHL0xgQ5EhmrYPWXy4kIQnITeKNKA2LNvnt4BCunjU6tFijl_qj4ZgKjgMzh4ROzLXQGycaFP7GvnsotXWEXBgEUNWXiT3HEvJ7m48RWkEcB6PbXGji_k2OkbRlSVf5FZ-vryJhovtN7jSQlpoEjWYycoqSA5sRXb5Jo4E4MONy1B9si-WdEiJULRJTuSqVF_9q9Ng-iL_b1x_uKSuColaDxo903y2gFDNXDE-gcrDOT2nQ7JuXXr_KrYFr5NuQUbeXrHLf17V3iO4V7WSis7CwyksRkjVEpo5-H3DAFqoZEqpyAo4XXSQhYjlNkKSd5d3TcZyVvzhHFJpdeL3QTp5q50C2M4crNEC6ypZ5QsXw1D8IgB11HElqhZVCFhvZDnonhZnUegAo96tCpFg6yz7j3uShI1NIGQETwxeWftF7JBBEeB32l87ip0jIsxqpqnnBpJDc4DAzkevCeZNSyuZYDlfnNSpqSgg9707KVDPaaF5VfJlINhBRuwID7bPgWJh8uviQ8RczPKB94N4q7JxpmiPt5VGlcS-BluLsrer21jQq-3UOv9EdsjsOaKpvZx8vWiBVLVgdEvdgBgZ2bg82NVpXpLEd3G42p6FWredv3-XvnQ5wvdaXO293c-rzgH1K3FZlSor9oaKKRZUMHmQmOv2bJ3Dg6D__944exC1fyFAGm1VsVnTf2B3OVvLyZXh6PK-r6mAYl-RDUUZ8QCgy9PxpGOGIl7UZtO33cCTQA7UVPGBTA-DReQ3VSCdxtpcrQ5J8Z0a-u3nDGCoWiB6Ej0fXvMgBaGYZrjxYcOChVBo4pkr-09GzKRphnK5rD66K7i4HUrKxEJgpyRZVSUswEcwnv8RrzHhbhHtJj66_b17916a1JABCdzAoY06E_UXHXkeAMBqlvPDPdkWP0P3Itxwzde3lpxAx7eafUYvvMdpyRfGDZhfyUNILvN8E_FsnVYN2mIg1huQEb2kr3RiRKFj6Abe4IA6kezt_ypFmRBQTY9tyGTOGnEDe25TF5f9gLXuE2FItFRI2qHv-xzWvO3IynGbEVxZBhWUvVVOeqC81fCF7fFipdIxR7XjIskFzAH2Vbst4TrzO1GHa8EAOETJ5G49NzRzrm8DEBEbNDANd_Awmw1gPxX7Jg1WOCg-YM4rgscTvwcFOTE7R9bGadbrd-vtjrwHiMq8Eqlcaq1IF6M63zKmhwJc-pXP6y54PQTVrQMwuLB605aErMYNaBkmjWz6KLpGTdMJAFzXEFJ9BaxOEHLSdRDtTYT5N6stG4T_TjZtGEnBjy2YYC-Uv096ktuR2WOeJYRBgcJT1bRdKb_aEayIud6h_aIycu1qN24PSl_wLWP0XpynCutJPKPRNx3gFtjV7X_AZ9faBG8M6LI9W3PPnfiQdlDN4mur58RPho6olI6oKxxPth21iXeVQA_E4oNLEIFhHo8b_mh5LXrH-4ESgMZgEXjVvumf9OjJoe3fma9iOHH2qyH_LL7pTF2b4wNtnlEjeurn877nXXeYaijN4R3AjwI7HHKxVgIbVKr6JFSHcCObYUaEz8lcIM-9FqZ-6c1O09WlbSdn0U0WG_o9lI3CnlWJ9kEvJAytE0xbK68mTqc-KQdKXWvarj6QJPOXY-N6BZWO4D5JReMGqKAVBwV-aJktR6v5Pih5Bh1OlrgbjdduPWvIl1HRyh7tbPbdtB87e7hJv-Z6HsBbd_BQ9HYZFnjIOyDam3FAJ9xUX_3SgzWuI-7ZvA_kZTxwZioGatVuuZ5U67caXEtoHvWruMLJzHnu0ScodX5uhP3pn3_zfcT3CoQNjbbNFZuycetO_rvLtgJiBRT-Ma8LVW9gFLQth_Wb7h0bmGTWf0xmk97k_x7biRAnjpvhOZXD5Lp9zG8mXe9S2AhBveVjm8TsDj4U0s5s18KLZ0nnY5D7cs16mMGZrtkqrsJI5PPKgD9z6OZO6enhtYXY4BFf5FZznN-ZpAQ6ksYwpP5A3V1EeYobyeNnQbvmTC3jb4NrcBtKa-jW19D5lIkRh0wem14SK8C3YbsiCFa-pw-Xdjy1zqI8antbFbgp5YKOLaiclMwBbktF_gGAaKMSrsj_COm8a5Ak4SsIBr78W_TEG8eAqCKSAi_yw3W2A0bhUNlnTK2utTPNvZCBbH3rxZ35iTEQpdp_O3HE3I4-hycc8GiENlh7AZXAunQ1Li5tvZbSPvStaP69efMFQupU2-_k7uZWGOvuIvXbf8fCJaGtzmA-Bof5WipOXQTj5n_ft2p169CxtYSSIcT6QRIIzLrjokBqidY_KxJYFOBInr2FQ0BmhTpx2EFezvzvZavNy5bCX9HHNtYXSsYpMi9UcIVgKxRSoV41BBd-DMxi8ws7wAoT3hYABKyo7sZCrCLfXn0dykxtL-Kp41kpVruNwsy3EV3XCoc-Csp50SjY2OjA2KYCUJde7LP0Yi3WKZ4i90eL8644uNcjEeHcFhBTaou-W08biCyEieKvJCLDm67lFM1zWInQmOL1y0r2yL8DtelH8-gGrMtfgX3GfpgvhqbPfmlKsQ3NYagbPQWcR1jyor3wXYyoU2IZ5ixrzFlNz_FFaXNARdptLoWr34-4StkoKq6zWjbWvUe1eXeLVKuWgcHxSPt7bTdbhmR2ojLwSVtWM6cM68i-Ubb4uu27Js1wBoK8_jdkrOkfKNWYpPp7hD4iS4YAFPtNK1PwuJKIArKAsJGs-bU4Flt5KMaERqjk4NPNvgld7UFOjzELu2bheyCLmdfjXKo2awVx6H_Z3sySK1MTjYnbLcolPHlaStAlfpdineRgEvMwGAfJ7R2EDsG7WPrLcWI6Qg4LGXz3xhmGpmypPZLebxXU5_tgrn3SfISlnDvIrFTcR8HoyfM-u5aMYiJuKXuAR2jOpaSxpsQvk1-3vGiPGgCpAouZ_TOijIaDJpOUlfF4pyMKklC7Ozmbnn5zR4LdHBKLFciowMFlMFwwtU5z41pD51IYPfj_qj0UskuiRu7cxvQvOmIzgk_atnD6xPy5JDmVRwvRpWEQ&cid=CAASEuRor1VeW05QAUSq0IRTvGRfxw&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstvgCZIa8l0hC6y3OMrzPExNNZn1ofvxb4p8Pvh7UxAI_6U0gck5H-TQdpkw4KYu5vicdhmEH1J8OwuaZkP2Gc264-TumIkI9Sux2ZkCBamg07f20gCrtQKVh76pXV8dlpn0QoPYY3QqnsP00aRR7oJ7Awd1TzA6FMohuvd_XRZxN0eTURQrzMEumBpFmcKZ4QjsCLymsaEM8g3zqtE1DiB47LfHqBIFFQfAgd5au3QkTcCtmnZLPUJVhMkLyxjNkuo-G6wUyMdeSyQG5KwuG1UfVN3QcWjNtDMpy4PsONVsuRGYc4yrKxHVXu78wDa7jP2gbBjx6Kr3bUZGutTgu8p%26sig%3DCg0ArKJSzIBs0-098IdWEAE%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70d82c6075989e0082b4917c6685f5f6bec1e673d0a80160eac61b3f1cdcb1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8471
x-xss-protection
0
server
cafe
etag
753583566593306265
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:37:28 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 967C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 19 Mar 2021 10:43:39 GMT
expires
Sat, 19 Mar 2022 10:43:39 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
96954
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/9506911/1604308950366/ Frame D59A 		129 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9506911/1604308950366/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6a6f8e29d1800eca43694f289eb9714b7c33184094797fc932d5e38a1b17913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9506911/1604308950366/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
23568
date
Sat, 20 Mar 2021 08:34:42 GMT
expires
Sun, 21 Mar 2021 08:34:42 GMT
last-modified
Mon, 02 Nov 2020 09:22:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
18291
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 181E 		0
255 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGPxby4j2HWRDQ9d-a-CIenf0Cyh_KJkU1wgHLlX-YWUJYp87zPSEmhkMh51er38JuKbDIdFrEb_CcHWCSiHN-KaJeCig0BLb0Yo3x_LnaE32P2mwd_DkrOWp8CBacJSbTyYaLzgYq7LiAupllS7WyZB5w94tTJdnAaopgErvqf-NnWeMuLPnDuoGYNscIdMBIH9fM9fLh9qXbnrtBn6o28EidjQ-G8UdtlV0lT23lzGE4zgo6FArjb_A_kGGsreVzUeptzrkS1qgweSmqYF6EQ5PxNMxpTmoD5jf36iQJzr77NQfgCGGpn4FvOx9JL3IA6En99t_8sExd6aZtdnnevzzuebbCDkIzp3EdOgrSf4G7MRLTRo24W3RCBgOS72JQ2tKhber0FPn7oNmtTlqy4kyvv1Sfe9zJuxcXxGuyCwOuHKBMev7_bP4_SDatnC5ugtaP_0tgCkd3rBfOxcyCsszVWr8z72Ena1XGHKgTQSpoofH6pwguzqtgbKFqM9h67QoxC1LGQnnjAhmbaTtqQYT_lLufephZlXtEGJUr8vAfaxZVipEDwmbizcAIBtsKjmu_2Yx8MoFs_bSkWFKa3C5KYBFJ9pJMTNpR_ADXh-Dq-0RYXUrpxbiIziUjDmB2xGoi6CkY2VIY15JphIuAGtINqD3bdkyG5GlanIWjnzgbDOgFVLKwLW-yFpXystkOfbaYemhffLA0KCRIF7ZUBPAJklFnlT_McKSa64H0XyYZ_q-YIOVGJ5LDNubg8Sz7LXRWhq1eZmaiaFHJJeE8EM960Ire4PDRuLxKTLSP_mJ7qDihdnpIXYiSt0mQhFaKhd6vtvejZNyfB9WTAlDMRh0CIytEYcyoeFNSwA3xJm0eEWNLj9tmiSkTp0PGtAdshiA2BxtJS1COOg7IrqzTZBvMRNvRkaqVrrQtGWj8xfjCx0uxoqQvB4iZRBlGC4uF4ttBEdgEHZG6bW8aQlrVQvQgWHawPT2HIEaxTd77yf4Ryqc7S8U91AG0W51QbJXqeXFXKT-b39bafWQywLq-pn0VRMHzjiGG55nr3-qTeAzjNdrzfhOtDIQ2qGy3APpWdup_ZX2OY1jIgwTgiezrRZiKmcvtodOk2pmzDlNKL5QuaZbBcd1hW_4qlWbZIyvxjZGik3UNnePMBKyxHbxYPfFwhzdk21jNDeL0v4rJrvRJlb3z1kmR4RJ4Rh_Q5QkbYZC3RipIXuC-TaF_amwvI_23WUdIW_1HvqgpresA&sai=AMfl-YQAIxvf7XJFShhZnshmn-QeZLzwSjqYDbP0tcvqJj0ib-rpM6Dc4uYuTncpza8R35oImUcSS8g7yGLbS0sjNxYbSClExwKqRcgnH-8Gke7RH24PUXMPXxX_KSmxROS24Ed2uwuDA1GilFOApv8Eh8EoSx_QungAcCgVuD_-8QXXfQFUKk8XwA&sig=Cg0ArKJSzPtgi67hWxh1EAE&urlfix=1&omid=0&rm=1&ctpt=109&cbvp=1&cstd=106&cisv=r20210316.70356&adurl=
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 20 Mar 2021 13:39:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 8F91 		0
0
sync
google-sync.rutarget.ru/ Frame 8F91 		0
0
-
s.ad.smaato.net/c/n/// Frame 8F91 		0
0
sync
pixel.advertising.com/ups/58202/ Frame 8F91 		0
0
sync
ups.analytics.yahoo.com/ups/58281/ Frame 8F91 		0
0
p
google.ops.beeline.ru/ Frame 8F91 		0
0
dot.gif
s0.2mdn.net/ Frame 8F91 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEHRimFd5iEqkSZh8EMe5v5k&google_cver=1&google_push=AQvitUKDY8xkhz4gWiWK18-WCv2E83ZR9xtorNAp0lQAP0Jmsp8trz0WQWQcrT9zxRSOc3SwMoEYjy_UM50xOjKZgihIyJrupqCBxA
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sun, 21 Mar 2021 13:39:33 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8F91 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JcvUTzDgk9zb9Yijrltd8YT8jCMUB5oez_4FtBI3OqN-fsDj1bvYgK9C6sI7NOc3yolxDbOjMYlA
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/5471761/1614585087903/ Frame 8326 		151 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/5471761/1614585087903/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d5fe8a717872dcf281edd3aa100cbe2ba143547fa698adcafe0df196d36f0a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/5471761/1614585087903/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
24753
date
Sat, 20 Mar 2021 13:39:33 GMT
expires
Sun, 21 Mar 2021 13:39:33 GMT
last-modified
Mon, 01 Mar 2021 07:51:27 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame F27C 		0
61 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuio9DUvnU7Gu_5vxMNbokAYbEp7SEyDr4mYou0Bi9lEV-NjZbsCwyOa-EvQ1jnO0OUxOri52yzRWnKPmtDzMVzT1ta0Boqp8efX2g9dAV7f0bB4XBR-nURAvi6PkqXV8VBrze8K_AOonAX51-VNhyJQll6QT0CWRpag1nZArK5uXDLxtUryXh6FT4zlc0DBO01Hv0v_8AD6yff_xxCU5BZBVN8mxS0IcWw2uGg7T_8CSBbN_PaVyADhl1vj0RRQSHU18JQaWeq8RaORrbZIE6B-q14xkIMNRwakRj6yIJogBZxdAp23EtvN3P9lg0JCbA6lFPM3hvYtxNNrJ4CnCEafjzm1LekYdqWCSQ-Nu1ib-wJ11FM0DpWu6TSC0LmVjQ766ZqGZfcV22aA-oU3IqQKwkbn2EGbTu2jqwutdDgKYv5HfxruVgEv7iUJYBvveb5RuRfVtPd0NF6VIwVymsxekHZMkEwPe0f47M0dyp6hAtu39MTyrQ7lh__rGLVwnrENOFoGMBbyLhoj7e6ZPPABR0VsWJWITPyvjTxNABJxl00pl699gb6mdFnB0NGEihvyK8fpmm9ytgmNWrEVLCKr2-rkHp6YM9qgVcUIrdwV9JE8q12UH93tL_mPKazSciMiQyECHIYZL1qA2UFbBt3QEB7fT5YtaBzbjV8SLpo2Uh7F4So-bcANjdfd_ihJ7e6NvAz5EO1YAKaQRm3U1smxWK0-c9JUP3aAGg1w9uMHhzHbVubysdnHRK25ZE0U9J5oWBI4rslJjy-8dyCdtdnYTPEclu2bxzS9QlongGDhSIuktf_WYtVYZP28i3v8wddYguFBDRriNP-cHJuCr5EPFkaF5CnXd3gJZVKITEmdg2wbBhslepiJX2uPcsHKwOT6-seA3rJchGAaKmqSJEaXpU7sLn0GQFtu0OkDcmJ6ZEPGJULdo0nhhe5zIfl06RJ_q16y6SVVmmH9feAA6j3dUv0iMkoSpteVtrbVGLYi6vXWyLKtNsiWV-veljNQr2_WcRe93lhMuwfWtPboc-JHMoZHiV3GFs80yyqbnpsHGbktuf12sRrvblkWW3mVwSGTeZCwlIqFU9gk2t-J84X_ZIqV9NPd9jVR49W0ECx2Hz3r6sR8MtF3qP1HkhdoJ_d3Z5pCR-4mgCSL_BcDEP10iNqCmkwfdfDFsg8Lt8W7Z1zinj-vZXig4cF1skfeljO37NUKht0sX0jqHCnf3ZeRBOZg-Hdww5zfubcVf5y-jAgRZs8dPKXdYRCcFk67tIYABaAhhwxNtA6fVp2_qVVTXMVHaMBJqz4i0l_6Fg4MVhW1G3gYMSWqUlw3eBnqbWdeNfS85m6Mtr6LvxD6PDSgKi0Nved7eYYez0TGZq9xX2Yp0JfpwOP57hbzvLj6aaHITH9iAMqdhaxBsx40Rs3V34aZyhvqrqKVu9yU5fVjz6Hl0eFpXq_4xunNEy4Gif7_KUOkg9yyaju4oKoNK_FkpZRiGFic_iNN5xaxhYw0leHE_G5dLw&sai=AMfl-YSmzzZLhgodf31T00pd5AbsEWuWSnajaDwPtQsopFWqV_ZtDo5ODaqEz6xGU6HX9CghSxezrECBhTHfj4ssLnmDPwaDYzH5Ftbn9AbDGfHCRaVzNjslzg3h0VNbPamlAivfeZwqRwfc9M-OQPBXb1rKopMRpdq38JBxtbNotAjcew0YqfTHrccrFG1aoAriqE03us92I_-2_edYSBStucxGe5SlsItYfGNuz0Qs0HFqce0phjcuw08V7sk9YsTdwlxoZ0xREmcejLUf-exhHJg7v7tMkWWpaUs&sig=Cg0ArKJSzAMhJKsbPdawEAE&urlfix=1&omid=0&rm=1&ctpt=40&cbvp=1&cstd=38&cisv=r20210316.27794&adurl=
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 20 Mar 2021 13:39:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F27C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96954
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Mar 2022 10:43:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8C34 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 19 Mar 2021 16:59:40 GMT
expires
Sat, 20 Mar 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
74393
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F27C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ca4554043cdb005653967c6c7184978fe4b8057281d778403e6686d2cf12748

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F27C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYVM6SDYmBFKbSh6TQ6K-RuRojzUANjjr22XHpEQenAUB5wONf6zkXmmEBPS-npsH6xNLH3y87kG2FdIw48J4yim9VRPAGeuh2_efsENM5-OueGDZIVuXWWeQVQ_Y9O5ha6c8hNYzYwaoH0QAzXm4uK1Wqo68rDcIoEEFmaKfQvjE8kCk8Q8rOLCMHkwnTdF3-eDYH6RK3F4Y4Yhsc9OsZHc4siJyehPcVB32R1kQC0_OqQpw25k8ob2ODX_09yd1s4LML4BWf0nys5TpixcwPAJUFxOW2QO23jqDYBrCIFOfmO3q2-uyiVvKgcNBM06dpIf7-Uea92CVdMsz0UCP7Z7OfWi8&sig=Cg0ArKJSzMp0mGkjG5p4EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 20 Mar 2021 13:39:33 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8340 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 19 Mar 2021 10:43:39 GMT
expires
Sat, 19 Mar 2022 10:43:39 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
96954
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 967C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
88473
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame D59A 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1604308950366/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308950366/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 09:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15129
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Mar 2021 09:27:24 GMT
g.pixel
aa.agkn.com/adscores/ Frame 98D4 		0
0
g.pixel
aa.agkn.com/adscores/ Frame 98D4 		0
0
css
fonts.googleapis.com/ Frame 8326 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:100,200,300,500,600,700,800,900,400|Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5471761/1614585087903/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b3bbdc7d83a502f9b39a4cd16879549abdbb95279f66820b8dfe4001b338c24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 20 Mar 2021 13:38:24 GMT
server
ESF
date
Sat, 20 Mar 2021 13:39:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Mar 2021 13:39:33 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 8326 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5471761/1614585087903/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5471761/1614585087903/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 09:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15129
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Mar 2021 09:27:24 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8C34
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI9FASkKQeFJltylq_6cKTQ&google_cver=1&google_push=AQvitUI8KGUv55t1zdsfnjuGcNdO_X21KyYpA5hIKpUVuYRcbFVyqh3h9-xzoDfT8oArqSKs4OoitnmzesuQWVZmvXIILN71kCTA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDEyNTE2NjE2OTc3NjI0NDYyNg==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEI9FASkKQeFJltylq_6cKTQ&google_cver=1
0
0
google_pixel
ads.travelaudience.com/ Frame 8C34 		0
0
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 8C34 		0
0
/
c1.adform.net/serving/cookie/match/ Frame 8C34 		0
0
pixel
cm.g.doubleclick.net/ Frame 8C34
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHsQxRaMdkNdUgSOXc0xj28&google_cver=1&google_push=AQvitUJR-Ft1FuWdbNroZGo01RpkgRIVYsM9d5rUe4BjFA8LbRBDaUn4Cp0y5dkRCmInMMBNFxG...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01IUzJOWDgtMUEtQUYyNw==&google_push=AQvitUJR-Ft1FuWdbNroZGo01RpkgRIVYsM9d5rUe4BjFA8LbRBDaUn4Cp0y5dkRCmInMMBNFxGMDkreAhj6JcuXp-4sKS5pvUpQ
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01IUzJOWDgtMUEtQUYyNw==&google_push=AQvitUJR-Ft1FuWdbNroZGo01RpkgRIVYsM9d5rUe4BjFA8LbRBDaUn4Cp0y5dkRCmInMMBNFxGMDkreAhj6JcuXp-4sKS5pvUpQ
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01IUzJOWDgtMUEtQUYyNw==&google_push=AQvitUJR-Ft1FuWdbNroZGo01RpkgRIVYsM9d5rUe4BjFA8LbRBDaUn4Cp0y5dkRCmInMMBNFxGMDkreAhj6JcuXp-4sKS5pvUpQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
us
sync.go.sonobi.com/ Frame 8C34 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 8C34 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jzq0NT5bwA5_0-e6cNuUmApAQ1x87x3cnp3y_K36QpRoCAsTuO0XaxKnayD_HKfg
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
CoopCondBd.woff
s0.2mdn.net/9506911/1604308950366/ Frame D59A 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9506911/1604308950366/CoopCondBd.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1604308950366/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63b176462a62d19e5a2af4cc0a845119d0389aae23ef15decd83efd182c91c40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/9506911/1604308950366/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 08:34:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:30 GMT
server
sffe
age
18288
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29944
x-xss-protection
0
expires
Sun, 21 Mar 2021 08:34:45 GMT
CoopBd.woff
s0.2mdn.net/9506911/1604308950366/ Frame D59A 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9506911/1604308950366/CoopBd.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1604308950366/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
660dafdc78011b6e915b39cbfd9546c82a36aa6c20bfc6a75e144bc700a290a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/9506911/1604308950366/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 08:34:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:30 GMT
server
sffe
age
18288
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32612
x-xss-protection
0
expires
Sun, 21 Mar 2021 08:34:45 GMT
sync
mappings.ivitrack.com/ Frame A004 		42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mappings.ivitrack.com/sync?realm=taboola&uid=e4e41312-dddd-43cc-bcb5-dde960cd8a6c-tuct74f8095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.243.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://itm.ivitrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:32 GMT
via
1.1 google
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
42
view
googleads4.g.doubleclick.net/pcs/ Frame 181E 		0
173 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGPxby4j2HWRDQ9d-a-CIenf0Cyh_KJkU1wgHLlX-YWUJYp87zPSEmhkMh51er38JuKbDIdFrEb_CcHWCSiHN-KaJeCig0BLb0Yo3x_LnaE32P2mwd_DkrOWp8CBacJSbTyYaLzgYq7LiAupllS7WyZB5w94tTJdnAaopgErvqf-NnWeMuLPnDuoGYNscIdMBIH9fM9fLh9qXbnrtBn6o28EidjQ-G8UdtlV0lT23lzGE4zgo6FArjb_A_kGGsreVzUeptzrkS1qgweSmqYF6EQ5PxNMxpTmoD5jf36iQJzr77NQfgCGGpn4FvOx9JL3IA6En99t_8sExd6aZtdnnevzzuebbCDkIzp3EdOgrSf4G7MRLTRo24W3RCBgOS72JQ2tKhber0FPn7oNmtTlqy4kyvv1Sfe9zJuxcXxGuyCwOuHKBMev7_bP4_SDatnC5ugtaP_0tgCkd3rBfOxcyCsszVWr8z72Ena1XGHKgTQSpoofH6pwguzqtgbKFqM9h67QoxC1LGQnnjAhmbaTtqQYT_lLufephZlXtEGJUr8vAfaxZVipEDwmbizcAIBtsKjmu_2Yx8MoFs_bSkWFKa3C5KYBFJ9pJMTNpR_ADXh-Dq-0RYXUrpxbiIziUjDmB2xGoi6CkY2VIY15JphIuAGtINqD3bdkyG5GlanIWjnzgbDOgFVLKwLW-yFpXystkOfbaYemhffLA0KCRIF7ZUBPAJklFnlT_McKSa64H0XyYZ_q-YIOVGJ5LDNubg8Sz7LXRWhq1eZmaiaFHJJeE8EM960Ire4PDRuLxKTLSP_mJ7qDihdnpIXYiSt0mQhFaKhd6vtvejZNyfB9WTAlDMRh0CIytEYcyoeFNSwA3xJm0eEWNLj9tmiSkTp0PGtAdshiA2BxtJS1COOg7IrqzTZBvMRNvRkaqVrrQtGWj8xfjCx0uxoqQvB4iZRBlGC4uF4ttBEdgEHZG6bW8aQlrVQvQgWHawPT2HIEaxTd77yf4Ryqc7S8U91AG0W51QbJXqeXFXKT-b39bafWQywLq-pn0VRMHzjiGG55nr3-qTeAzjNdrzfhOtDIQ2qGy3APpWdup_ZX2OY1jIgwTgiezrRZiKmcvtodOk2pmzDlNKL5QuaZbBcd1hW_4qlWbZIyvxjZGik3UNnePMBKyxHbxYPfFwhzdk21jNDeL0v4rJrvRJlb3z1kmR4RJ4Rh_Q5QkbYZC3RipIXuC-TaF_amwvI_23WUdIW_1HvqgpresA&sai=AMfl-YQAIxvf7XJFShhZnshmn-QeZLzwSjqYDbP0tcvqJj0ib-rpM6Dc4uYuTncpza8R35oImUcSS8g7yGLbS0sjNxYbSClExwKqRcgnH-8Gke7RH24PUXMPXxX_KSmxROS24Ed2uwuDA1GilFOApv8Eh8EoSx_QungAcCgVuD_-8QXXfQFUKk8XwA&sig=Cg0ArKJSzPtgi67hWxh1EAE&urlfix=1&omid=0&rm=1&ctpt=277&vt=11&dtpt=168&dett=3&cstd=106&cisv=r20210316.70356&adurl=
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame F27C 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuio9DUvnU7Gu_5vxMNbokAYbEp7SEyDr4mYou0Bi9lEV-NjZbsCwyOa-EvQ1jnO0OUxOri52yzRWnKPmtDzMVzT1ta0Boqp8efX2g9dAV7f0bB4XBR-nURAvi6PkqXV8VBrze8K_AOonAX51-VNhyJQll6QT0CWRpag1nZArK5uXDLxtUryXh6FT4zlc0DBO01Hv0v_8AD6yff_xxCU5BZBVN8mxS0IcWw2uGg7T_8CSBbN_PaVyADhl1vj0RRQSHU18JQaWeq8RaORrbZIE6B-q14xkIMNRwakRj6yIJogBZxdAp23EtvN3P9lg0JCbA6lFPM3hvYtxNNrJ4CnCEafjzm1LekYdqWCSQ-Nu1ib-wJ11FM0DpWu6TSC0LmVjQ766ZqGZfcV22aA-oU3IqQKwkbn2EGbTu2jqwutdDgKYv5HfxruVgEv7iUJYBvveb5RuRfVtPd0NF6VIwVymsxekHZMkEwPe0f47M0dyp6hAtu39MTyrQ7lh__rGLVwnrENOFoGMBbyLhoj7e6ZPPABR0VsWJWITPyvjTxNABJxl00pl699gb6mdFnB0NGEihvyK8fpmm9ytgmNWrEVLCKr2-rkHp6YM9qgVcUIrdwV9JE8q12UH93tL_mPKazSciMiQyECHIYZL1qA2UFbBt3QEB7fT5YtaBzbjV8SLpo2Uh7F4So-bcANjdfd_ihJ7e6NvAz5EO1YAKaQRm3U1smxWK0-c9JUP3aAGg1w9uMHhzHbVubysdnHRK25ZE0U9J5oWBI4rslJjy-8dyCdtdnYTPEclu2bxzS9QlongGDhSIuktf_WYtVYZP28i3v8wddYguFBDRriNP-cHJuCr5EPFkaF5CnXd3gJZVKITEmdg2wbBhslepiJX2uPcsHKwOT6-seA3rJchGAaKmqSJEaXpU7sLn0GQFtu0OkDcmJ6ZEPGJULdo0nhhe5zIfl06RJ_q16y6SVVmmH9feAA6j3dUv0iMkoSpteVtrbVGLYi6vXWyLKtNsiWV-veljNQr2_WcRe93lhMuwfWtPboc-JHMoZHiV3GFs80yyqbnpsHGbktuf12sRrvblkWW3mVwSGTeZCwlIqFU9gk2t-J84X_ZIqV9NPd9jVR49W0ECx2Hz3r6sR8MtF3qP1HkhdoJ_d3Z5pCR-4mgCSL_BcDEP10iNqCmkwfdfDFsg8Lt8W7Z1zinj-vZXig4cF1skfeljO37NUKht0sX0jqHCnf3ZeRBOZg-Hdww5zfubcVf5y-jAgRZs8dPKXdYRCcFk67tIYABaAhhwxNtA6fVp2_qVVTXMVHaMBJqz4i0l_6Fg4MVhW1G3gYMSWqUlw3eBnqbWdeNfS85m6Mtr6LvxD6PDSgKi0Nved7eYYez0TGZq9xX2Yp0JfpwOP57hbzvLj6aaHITH9iAMqdhaxBsx40Rs3V34aZyhvqrqKVu9yU5fVjz6Hl0eFpXq_4xunNEy4Gif7_KUOkg9yyaju4oKoNK_FkpZRiGFic_iNN5xaxhYw0leHE_G5dLw&sai=AMfl-YSmzzZLhgodf31T00pd5AbsEWuWSnajaDwPtQsopFWqV_ZtDo5ODaqEz6xGU6HX9CghSxezrECBhTHfj4ssLnmDPwaDYzH5Ftbn9AbDGfHCRaVzNjslzg3h0VNbPamlAivfeZwqRwfc9M-OQPBXb1rKopMRpdq38JBxtbNotAjcew0YqfTHrccrFG1aoAriqE03us92I_-2_edYSBStucxGe5SlsItYfGNuz0Qs0HFqce0phjcuw08V7sk9YsTdwlxoZ0xREmcejLUf-exhHJg7v7tMkWWpaUs&sig=Cg0ArKJSzAMhJKsbPdawEAE&urlfix=1&omid=0&rm=1&ctpt=198&vt=11&dtpt=158&dett=3&cstd=38&cisv=r20210316.27794&adurl=
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 8340 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
88473
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
coop.jpg
s0.2mdn.net/9506911/1604308950366/ Frame D59A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308950366/coop.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc88881c267493814ada96b0cb57897aa9ff44610d2da1a67656c3cbcc0a874a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308950366/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 08:34:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:30 GMT
server
sffe
age
18289
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7509
x-xss-protection
0
expires
Sun, 21 Mar 2021 08:34:44 GMT
Coop-Icon.png
s0.2mdn.net/9506911/1604308950366/ Frame D59A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308950366/Coop-Icon.png
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75519df306ca3d5504dc66f8e3398dc30f976a5859725309b90a0f2a3fdea6ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308950366/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 08:34:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:30 GMT
server
sffe
age
18288
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3753
x-xss-protection
0
expires
Sun, 21 Mar 2021 08:34:45 GMT
Theke-frisch-300.jpg
s0.2mdn.net/9506911/1604308950366/ Frame D59A 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308950366/Theke-frisch-300.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16567a7c25c8f64c0861b7eae3892722920bd09e5a77dd293799eb034194b551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308950366/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 08:34:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:30 GMT
server
sffe
age
18288
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17005
x-xss-protection
0
expires
Sun, 21 Mar 2021 08:34:45 GMT
Ka_se-300.jpg
s0.2mdn.net/9506911/1604308950366/ Frame D59A 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308950366/Ka_se-300.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81404aacb0d84988d864c671b075ca74f1baa4cebbb9f2b4c646233117d2d73e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308950366/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 08:34:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:30 GMT
server
sffe
age
18288
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19900
x-xss-protection
0
expires
Sun, 21 Mar 2021 08:34:45 GMT
lachs-300.jpg
s0.2mdn.net/9506911/1604308950366/ Frame D59A 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308950366/lachs-300.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
764a170851cb6e2d00a02685b39a0c28a3378a19c82a568c4cfbc5df52af8031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308950366/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 08:34:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:30 GMT
server
sffe
age
18288
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21126
x-xss-protection
0
expires
Sun, 21 Mar 2021 08:34:45 GMT
brot-300.jpg
s0.2mdn.net/9506911/1604308950366/ Frame D59A 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308950366/brot-300.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30302ebb7094c997809ca671e593375ba4e34efe494a86bc3003692ddd27099e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308950366/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 08:34:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:30 GMT
server
sffe
age
18288
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17048
x-xss-protection
0
expires
Sun, 21 Mar 2021 08:34:45 GMT
aufschnitt-300.jpg
s0.2mdn.net/9506911/1604308950366/ Frame D59A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308950366/aufschnitt-300.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6de2bd9b5cb6e9ebfbf874940becb16016151d713ee19049eab99dfe0965ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308950366/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 08:34:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:30 GMT
server
sffe
age
18288
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15912
x-xss-protection
0
expires
Sun, 21 Mar 2021 08:34:45 GMT
tete-300.jpg
s0.2mdn.net/9506911/1604308950366/ Frame D59A 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308950366/tete-300.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa4d27239f61f3f12e511f7774931c0d59c456971f9f6ef1d7a13a2408420d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308950366/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 08:34:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:30 GMT
server
sffe
age
18288
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24916
x-xss-protection
0
expires
Sun, 21 Mar 2021 08:34:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D987 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvL54FRf_iWW0UREotGZxk_Nd51o6W-rZbpnYGYUFIoXmeLhLcBbwVjEuhPHoE1szGWeCOpF7OTSxu2zxTuK0LCtOCIdxoH8mf2bdGx11jkEO8jxWWBJW6v0DqLewUfVBEu_U6dNhH2utItvTuqDL6Kvc1AVgRIpQOBubRRUL9r8DUhMIsZawMDbbIQwFWn4HOGfyRBND-Xiu8KDSX0U1KW7Hn75iNKBbaRCB07dmz3exFclYcWJTYuzqL4Z-c7YxT-ps1zr3Tjgvnk5Ewz8hOHU4oBFWn8LY_oVkiN2OO7iN4osktStlmHWVfqK78wOjviYYEDoj9juwQSx-5HySk6F1I7rxTy&sig=Cg0ArKJSzBEEl8y4doXWEAE&urlfix=1&adurl=
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
get
odb.outbrain.com/utils/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&idx=2&rand=90342&key=NANOWDGT01&widgetJSId=AR_9&va=true&et=true&format=html&pdobuid=-1&t=NWQxODA0MmUwYjQ1YjdjODc0NTVhZTAzMzhjYzRmODI=&adblck=false&abwl=false&px=225&py=2867&vpd=1667&cw=757&settings=true&recs=true&version=2000250&sig=Ty2h6Kn3&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpaStat=0&wdr-natlaz=true&aqp=utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&ref=http%3A%2F%2Fwtm.info-people.fr%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
416d10479d665ce3ddfc5c6ab5bc14ca38dcf3a8a4fdc09678df746db156edb5

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:33 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, HHN, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.75.56
x-cache-hits
0, 0
x-traceid
df701a77f6f7a2729a57ac8356bb33e8
content-encoding
gzip
content-length
6125
x-served-by
cache-mdw17356-MDW, cache-hhn4043-HHN
x-timer
S1616247573.246615,VS0,VE259
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D987 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:33 GMT
container.html
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 73E4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 20 Mar 2021 13:39:32 GMT
expires
Sun, 20 Mar 2022 13:39:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8D02 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 20 Mar 2021 13:39:32 GMT
expires
Sun, 20 Mar 2022 13:39:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Virus.svg
s0.2mdn.net/5471761/1614585087903/ Frame 8326 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5471761/1614585087903/Virus.svg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9ad2b7b68d58d0dbc3ae406336fa2ec20ebb877b997a6e9546621f9b4f35290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5471761/1614585087903/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4634
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3495
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 07:51:28 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 21 Mar 2021 12:22:19 GMT
03-CTA_FR.svg
s0.2mdn.net/5471761/1614585087903/ Frame 8326 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5471761/1614585087903/03-CTA_FR.svg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2a8e501d081bb5aed1a6470377a33468d32319cb82cbae94112f00182105f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5471761/1614585087903/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4634
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1323
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 07:51:28 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 21 Mar 2021 12:22:19 GMT
02_Text-FR.svg
s0.2mdn.net/5471761/1614585087903/ Frame 8326 		20 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5471761/1614585087903/02_Text-FR.svg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03547537c1f5f8e3c2241822c62e49641f06d0fa41b6ba5f34b108b12bcb02f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5471761/1614585087903/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4634
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4469
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 07:51:28 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 21 Mar 2021 12:22:19 GMT
Logo_neo-angin-protect.svg
s0.2mdn.net/5471761/1614585087903/ Frame 8326 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5471761/1614585087903/Logo_neo-angin-protect.svg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bebc5b4c7e71053d29ab699bd5cd44b0002dcffdf880aa2857b952e619b29a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5471761/1614585087903/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4634
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2340
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 07:51:28 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 21 Mar 2021 12:22:19 GMT
DOE_neo-angin_protect_300X600_2_BG.jpg
s0.2mdn.net/5471761/1614585087903/ Frame 8326 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5471761/1614585087903/DOE_neo-angin_protect_300X600_2_BG.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d56b470e96dcd5fe9ecfc14cf953d932cacfd48ecd5024778aa95759306792b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5471761/1614585087903/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:22:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 07:51:28 GMT
server
sffe
age
4634
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28437
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:22:19 GMT
01-headine-F.svg
s0.2mdn.net/5471761/1614585087903/ Frame 8326 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5471761/1614585087903/01-headine-F.svg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9318223c0ef5529ebe9cb96805a0a6b0cb1578851af0c5ed6755d3737f00d435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5471761/1614585087903/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4634
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2617
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 07:51:27 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 21 Mar 2021 12:22:19 GMT
DOE_neo-angin_protect_300X600_1_BG.jpg
s0.2mdn.net/5471761/1614585087903/ Frame 8326 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5471761/1614585087903/DOE_neo-angin_protect_300X600_1_BG.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb0c3dec4effc694d9876f18caf345720a13cbfb694e3e8d91a40b2d49a8e36b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5471761/1614585087903/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:22:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 07:51:28 GMT
server
sffe
age
4634
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26225
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:22:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D987 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhUdfis1lP94WJfui2ss6lwMy16-f-bZEPO1UxiOuP8zKr7DD5DBPGVBvUhtmdspcCmPl2mTdloOv6qVD4j7nwwXIuFC-YwlbJKO5t2L5RgioEbWPo8a17FJic8gkbSXv-1JE7rq9v_Ou6fPDBKpufI7cUf9DvBzC_KezQQl-81ghFdOKgDWBDuGoQPpB3ITUErDiBIbf1D9_Gs0F5I6FOoWRb0sxtHyVR57Alx6ipmMN7_4SLCrJjc3WJl1xo6t6J1J0gGolIuciiShK5h8FZLH8OhlGzlB8rxR57dwZfyUIbVEkAFZMuRGjWR45dldKxE06rsQQgmxnMThdkyrANgzei_HTySFA&sig=Cg0ArKJSzH4IAHrCC8Y_EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 20 Mar 2021 13:39:33 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6499 		632 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQ7onZAhjBqYufATAB&v=APEucNWHxm9r6_OonjG73EwL9Czcwhw9xoq4PCHU4HfWgbrdKjIk2cdsEiWlnzTsPEo-oMC52jJwV2ILAq8bMT4Y_-95X_Kkt3m6Hwka2xlcDWGd4TsAM5A
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNyuyAIQ7onZAhjBqYufATAB&v=APEucNWHxm9r6_OonjG73EwL9Czcwhw9xoq4PCHU4HfWgbrdKjIk2cdsEiWlnzTsPEo-oMC52jJwV2ILAq8bMT4Y_-95X_Kkt3m6Hwka2xlcDWGd4TsAM5A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlEyRmlvipDoytpsgxL7-u1SRaMJA1OgkOCFc3LEFDWe8PkvJuoEdkQBMzzSdU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 20 Mar 2021 13:39:33 GMT
server
cafe
cache-control
private
content-length
303
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 8D02 		45 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWcMxq1Pf_W6-AljmwZgNfb5ZwxxB4jX9gIFCQS_o0dyA0Ikv58WutTmn-rHgP4A6DtRU6n6jxzUKNzt7CE9z0thvp2-DJgMrwFB8NhT9YhUnKoMQLwavawkMEc3GkxiLxJwOM7LTApzUvXRvjBdO7RiVRbQ&dbm_d=AKAmf-D7J_Ew7KZeo26BSexi0vqgyHHLEWgzoofHiZbAgtCl7ocNGgnh7T35O9_xDMjCvnSlg1d_3AlNjOHbWsjySK4AShkGsgCa9SXXEqTMjklYShhjZGA5ZXgvIH2HlsEGIyiActPOlzV8Xot__eDNu_6gNeckw4Bi-vzGdIOJE6A5DrkSTZO_eWSWVAxWrYpLKxW74D6ir15CrYaNTkjQjwQyUGIYt6cwtlSdxxYLrDrnWpDqVMavFFQfnQH7WOjHPBypzwbbN2UL8Gm08bZYrA9DBnAPWvczE3j5TRi7DCOEvH1VmMcFnPn7IYNplZR1F1aCmFZOudPMc3tA-HdJbax-CY1_VaBEiO0VRYhjaVprGVNvNa8MHip89lTg6YxGtklDOLhl4GQYxyqNKalPlIGtmxQkUeB4hfvBzmrxhsGPEa2sC2Nj5zdwoqwsVcc0AtJVG3UUIzSuUjyqKIJiRnJIhiXVkZi9UP89OJMfAJNiR_4Ve6Jjo3wWu2mbsJKsJq32ZwjocIX-SE9fwWqbAgjN0g0zv9Z3eUPcMtabdi60Obm2rP7R_xa3GY3O0p3D2xRKH7p_vHgZFJ_tXo9eKlEmhQxN4Qm1GAAGSyMrAsRzNF-iL9E-Z24G9jH4qslHmmt-LWI7ACj19XLilVbH6wgmkhW-xIpZLO4stDfw4g8FwRNsS4vrkLNFZf6WV3Ds31jisVrc7R7DIXN0SUPnuJeM2LZmBI-ivGnk2mouN78WGcGAnSgbJTQWXDRP0mqIH-e5UMzXBvbkWHrBHLsX8YM4VwFP73LYPZPSM28_kqANu0cLG_VoLdEw2fEBlzzCo3AJJHm1Ct3nQ85kYj95hwZ6h4IdtdvofntX0XHfcASfhmzXMxE-67EVWnecSCjcfyNQnQd0njMSsQ0KgUmg3U2KVKRa8NFoChDxS8WxXa6gHcIclIRloIZlBili7wExnE705AFuCYk9voE6WjtgJldRn_eKF7rBaZIuIqS_cCu2nmxdMNU7CxA-RBYSxLOCBA6i121wm3aWYnMBTrIcTTEWMiLz8q_x9pDjW26qpYoRX9PFMgeclyELzMwtSo3y3gAceQgejxe14ArFrNTPkJZ6H640mIJ7dtbbRVpiEBUiSyboqAARFhFPwzzFMhAsJI0NnawW7iqrQZov9-Tkyqppr-Kv4m1EDnKrv6ByrSSlJ9RlaP5U00eShkR2wm2Gcu3Iw3l8qwI9HgrOQWlq6YNE4Bkr_DEdgOV3kmxfbwUFGwjeNDmE77EIWSE73lgnBuIr0pQPsAs8zNMUOjke8CPwRaWtq6D4Qsv4I3DEwDeW62SU1nIsX-XivJbI01NfI39DKNI2PMk_2CvfJz7NYSimUFs-vAx7inb15WW1hXu5tzKuCAS9hkDRrUvrWoJRpn5PAb3Q3WCP2i-NzXID1rk3acHwpYxKrk5MNWiz1HD9uWyHFHV8-IbhPFs0dcpN_ExbF5Z1UfKMEz8dOsWRMpD4xvCW3FAqsQtm96puLTN2Ow9O9BqKsDDIoBmu3FIl9GdtTmKiLCrhMd78hoDbuBKfOct5tH0bTSbSwtQe7YhRCqtXcGCBID1KA8bpf6INPO_5C7aHzDjDH0g-lHHgxZm_z_N4LWKxPnChMA429dIeN7tPsNHLgP3kvWLeAgN0ZBQS7LX9N8TMNlZoitxEoB9gUsngla1NJQIgbawaVwFNTVvERUwR8bYeQ6O78mFUNLjfUH3Do2Y31qYotKyxOfkOnc3oUX22aALfeud0sit88n1BqAcU0xddEHZeY612T6SliTLhj3AC2VcgKSGCogGRQCv6eagmg_3d_fDLfBfQzODiMJZLNQp55a9u0xslre86lLhjLpHOOLfov89zEy9wY3CqSR5xDTFiloYbakU-aEtqnV9KN0Xt13ArLLOPvy0FwKw7RPJ1TXMJ3DFMeDdBWeGBxQ7qsK8JHuF7rmwSxJGKqKC3LtxjnBlrcnGrXebZ63jRCz9yUKnh4tcnc2peeWmYIFqI8snXJCcIoZZ42qHJWRLRGTZYJvJHabSAqdPplgXAnqcB3y2qko4C7WCxwL7DezQF_ewwNteP0CRT4GeP0j1Lthc0vPEtp1yzXDDj1ZFL1Uwzq-jOox6RtqBcq4jjv7xnVL7jDF6Gi5XtKRK6nSR8WCdnRfwUnC3HSadxIIMO2p2YJnFqOVnIoNX_H9ncjTkra_lgr0Yibbr1l-yVGs2j7_STnWvefMfwMT45dQYH7h3beUnoPwiP1AJ3thBd8JX3awK4sMHNO_EXgS2-pb7TeFeqF-qyVptYxb8_3AG4sXAHiVX22EbsjLmnXR4sLmBu57JMcmGD86E_kDUvFJTCiQ8IMnxodEvjrvy1sl1ZnSZw37qr42w_KSBoK9sHQLkstG3zGl3hpWDf-kzW8cZtCk4FQJ103tdtY84ffKWbyTwLIyD7ErL3zKSj8aawgUboL0VLCh4rfe4sBWskZnmYiRf99tz3zghnMYSdl7E8okvpWFcJCFtfe3mMw3vXc7tTPXH9bNRbexu02utSgvnxRYQ6YxpHLzhi9s_WFiTfSXcOIlvYez9613qlHuWSWpU4PXqZrZoozG1kyPSD-mygkoP57cxDN42MpZ49vwLouA9RP-Dr22h5GOAvwxxL6s8EgMUBO3KR8T-yDhuqRq9woVbal6wqnaEptu_RfyQuRiwQRGu0yTjRcMTKwdSguXSO2lplCRVYU1vhJT8MBTZ1WTlHtBWn8k62bc413FEmgHnlmNKfPZoUoK0pJAtxCwIVPpXT0cgTFlRjfj7unbJe5dLDZklHX6_Ftvy92TixTXcc6meUhAvZi4zdKLIO4OEGj5_H-xhu_hIMjEyOgy8K3NQvezDthyRIH7asTi83u68XSRHOyk_HMNzDqZEUpxxLyk84W_SD3MT8FflD4JzR8B2-9i4aiUNp4arTQB-dcrMoQpHErViVMhTETiVMxpOv23tVwIp8GJ8nYzLbSU9x_bJQV3mqrhsmoP-E_6HbIRG8qYXK4c33ZMf1s-Lrli10Q62FnPtBnoss97Cp7-xryeClnhelL5WFsJ1FbdQQ7TAf-7YPLjyIS59ohVWYS0uCSBo4oRLvZ8qK_A3JEy7uWGl02_afVpPEG52R8prY3LM7nLOoUn2Ryyb5P9eDNfQHGjR4BnLxIaN2aviGWo44dSHB3Tw4Br6NvkgNsWHMEj3Wqrujof9kSSi5Dy48zIOmM50dkF8OwdLIHogBPAygmhQjY8IwGuuJM4ab1oyq8aJC4DfgdyRwFK25W19uh-phfG9chhp3CeKRW-1_47cdlOwRESsMzxS8rdv8b96axgXizfNr3DWfCmFqeUhU8pfCSAdA0RjN2txCyGPfFy3HfrxVYp1fTTcyk7SEfyfUoZhg_eoJ-zyhYiQwVv6KTGDm_R_DghYHVSiFv5fkFw-vejbDLN6vl-HA2o_JTmn-&cid=CAASEuRou56fbogeoLRSMvL5Ubj64Q&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8a85b9b8244bd6018836e5bf4275126b9c7f5af9e58a269f73a45aceb75a6bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D02 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BiZ5PxeGP1yIFdMVxrj09yjB_X306ZL4YGtHZ7A1V8iBlEkDUoSnAlIdjveIxoqsVmBJsEOvr1_n3aXo89GTEFC8QHlLpiRykdqr2w7L7BRfTCQRk
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8D02 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:37:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8D02 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8D02 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:36:46 GMT
l
www.google.com/ads/measurement/ Frame 8D02 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDzJUnMzjc-8KbCVvKqjs8IYGnyh0gaSqf41B1Es4b5yzPgJgyEs1H-fi1SxwRy3SGubxO0Ty8C6qHEuyPHi7qmDvosw
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame B5B4 		632 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNVBfzFXh3ylL7J15ggmYdC0qJyWELcEpVU20u35XhbJ6VisePbONEOCD7o54VWNdw55bJKtT74ksGW67AMBTfMDtazmYcv2bIbp1AMFnN3lpUzzfXc
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNVBfzFXh3ylL7J15ggmYdC0qJyWELcEpVU20u35XhbJ6VisePbONEOCD7o54VWNdw55bJKtT74ksGW67AMBTfMDtazmYcv2bIbp1AMFnN3lpUzzfXc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlEyRmlvipDoytpsgxL7-u1SRaMJA1OgkOCFc3LEFDWe8PkvJuoEdkQBMzzSdU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 20 Mar 2021 13:39:33 GMT
server
cafe
cache-control
private
content-length
303
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 73E4 		53 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOSk0huWjS74g83Vdm086AWfdw8bv18q5MauAqvT1tIMLdjRYJ06gJpUyqIrZqwx5z72WWXnQtgjtwD-XuMrJNzjupqwopTE3hVb0HXO4zHjG06ppO2QQPYwWcl5_pVE-gg_zkmnZYYSnMVHZWFNvNgWr1UQ&dbm_d=AKAmf-BSVne94Sao36oKiN12r84Xe7kUv1TpJ-OYN_c4Ujio0QOql1EihFxcfxtTxtuM6jUCrMLCJtlYeFIC4hdG95lnWPKyyFaRmPQEkhnKJ9i1NwIDm6_hIWyII3T_ah0PosEqg4bpNryd2HgT9X3oqZyAqz9ZKsBHYkDc5DT-15CETSmbGoYZH6hAtpH7te4uLRPfsz4ZAMS0I3z1fRduqKXZ16sg72_ohcU9fgdf7KjCI-ZMlt4cac0fI48Enp7rZWXU0sisqNCuKaCGFHo1L_4SaKRytIdS9hVmS07tyuv-Dlq6Cxm8gIqgM4hUhyXUTxTJiKmYKtYzMEMOtgb_n4V0mA5gvsvvRagewjD3UPIEQ8DFG2kXvTbIcUsJJNO8tgeSvOtI0JHmMkzzYhtvOK6ZSB3NUC500e2OrzD2CCCNaNZXFsIORDUn-_OdqzcrOIxduvUqB4Xtfu62xUfXk1_wsV2yc4zZ7RxC-jo7-9PjxVu0SX6n7zmE_MoMyw-g9S_gXgMzn4PlMqSyzyaZ85xHAHc9Sn214aBu3yWreqJE3OBQcH0TLZjBY8vR5BJTFeLJISKXnDsVHDAHYvRZ4SrBmPC1Jz4WnfPZEKmwQ5bBBgwYR7xkdSO_Uc-xJQRLWa8JqDLZksY96JD0Hu2a-8xR8HaDQ5GWT1m-2PljhbikjMbW45sD66IGGM8EqkVwyAjrMJKJ6hzIjeGmzg6t9r5k_E9GBUkPc8kWI6tAr8DjuMTZbeCWL6uelixC_pqCOOwP0h0v4J5MqLlDMKLtpANGQjsB85nn4f_tLv-021wFnmhoS-giB6LanvzPCW93l42-TV-rFEAny6VOROufLat_ox-UDggokNj1zeqcF-hH9jz6fUg8bPXFKub52lafKFQPLeslPRdYZzGCIxv080px3BZcDIZp1MeqSXoGa-pWMtYcCbZfdPZGKxlds_0nsc5PUBOUjXOgjxZtravjcW-_t0Qf-MHHtIt_5Mm0EmYrDKSqI5z6m9gWHTWzArHcooy-pWtoCMc68ox4SIh7U_OjgPS4v7NFc-RaXgmwvQgpf4QLisNMzCRMklRHI_rrLLA3tQvFEgdtoZMgLV7rU5jkfgM08chq56eZU0HczKPKilv5X88SWZbe2dK8EkQ-I4f8_bgMoAC1uX634QtiKmNuWszzeG7HztBNOA4Cz1PyZSGpqW9RZC_nxMIddmOZ0gjQUfpGEmZWm7VRkqT-ts9VOuPJRz1takFFuksM78esjWNNJKtk3LYfu39B03M1ifZIx3wiJ7NTKFdlJM5REaWbrz9xgS9G5BcHnYRQLz15m5uhUE8KL1poGWa6AzFfqHF1_QtfvH_bT8jpw_HN_CTcReEgwjP3qoMI7U-khadBFHO1-R-FJZSBmUXs0EKj9bbF61Fh8xKVuY2rz4WbKsE9HFVvquHdGtofyF4XLkuMmLEFnpCsXf3IOEDSi4YAWcqAqv3VjyQKYVdNmhOq9S6XDWEouygMic2Lzv8ILrIdJ1RUaMj6dEhAd8NGpho9nP4btwZCEqLZnd1rst9vGMwz4PhP9VQbQnh9hIFG1yLerLJT_IdktJRRLC8anZ-WHzQEYb7HMI2Nq_Rq_OX--oWO3nVABEK6mdqSrCiuRY51rxOcHwnda9TRFqOTsatVUqW0d-K4MeF0P7TYqpCG9AXaz9VWCajC0Cv-ZWxsgeyS_X5dGbj-Rs-WGuFDo6YTSJK0ZTZEG2UwdYrd_-WPDkY0-ry5lRdsZmr7Nw2yirEonnFt-xWisiH0-ybeTG7oplAIHK90-Cj_ixVcNi9FeKzNTwa4gqppTjB19pzeZvfgrIhPgMPhFoVs_rOrkBHjYWVehPdUJMwgXkeSt9yCDRv9sO2Vo_IfmRBHO90yk1pcqck0JeMjF_p53Rrn8PPwsWOWTv_5kbl1hSWxmkmfS-0g7NyhBH8SW-FJ7vJgxMLD0sxoLieI0bqGNO-oT0Qkctn1d3qaeUs-DtaUhUPI8-vzWkUVIIy6V8pw0sdnKiU48e-6mnGTMRseSTFVv78HtGTkW7RkivPT5z8-btHEJIC2XrrSYDLPBXs72FWj1Br4acVfKsNJdIuFTHLk42xJoa_r4fbvy8pONEAtgQd8JAxTBpaqSIaTVqr317AjGIWnuTNaVGUF6DG3bwdiiqZCgOfL2svB8gaPCYjRPjuznRe3Vw46VsJS6-OVID9hwAHgS5sAwtDukepAUkPOKIesX5kQuRyT_BfwA_6RTDjrNgt4hfYPupwDgsc_wVJqfkK2hoWTmpM5uEnKmsRm705LjPqWzXTc0dATHGBjEoArZinDqSE_BdHsdwMu5CBajtqqaP6iRBnrnb4oW6RMgC4lo0S2c7vmTb9Egq5iX2YdmkSW2URBDDlybdUu-gB1qJ99PE8qLIAHhbnIncKW4tOjLYwRZuZxLKAd_vgMN8zPnda5miJxwDLgCYg4x1z5EO8fg39kC1SQGhjW_ymcPe69boBScqeuXvz0dvBMDmL63G9L0Xe_EL4_Vd035wOusJUcKfnLJ4Lvik88UZCCUh6UGqP0h-_xENF4x74F1vd5iiz7RYnPf2ln484FO4n-IHi54k1clswayVaxNFNkuz0DeodbQR5rcusqVtlseWL6-1L1i_eRgRPLA9BpSBLXISee2q5BpmTqOf9AAbV52c_FpELLKr77ticST-IxjBlRSG7aXBPUnMpvN2unaWoQjjmtMx01fPHy59f-WR1dxyIib_iqNytogWOOmMcnQQFPD3qqVFWninfPl6q-MLqphe_uADniBqdDQiaYir3Bgtm0C587N8eGZcIhD4kuXKvt2ecqjbjmHxCJ0DWhrPxfv3ln2DCDHSDW3VFMlxrildHh15JiUzvwFMUTMX5OADou2Q6cS2-_R0xxnhA4pudsEMNpD4JzmPEE8N0nMf7xqatQvBIuInK4BIYi0JLQcy2Y3HucxaqwWuarDnmhFVpvKnd_ej31HI9t-KnD9pqUPy9Q-4yQN33hb8b2nASvIfjeyadptULFIwrjIG7ZZk-23gAwv6ipU-ee-luOCf1SA_fuzbsdmf5DZ1lPwBamX0crQjxnN2TzOpMD8xMIBFi1SP6aeCTLt1bLK5Va92TWZLiQ-XfObnt7iXbQlYodfQKIcrjNvkuiQWajmvMO0no8I_PgHIBS9wwJ-_3NNbHPv6TocuoABVSRMNWBy7uufofz9xfvy6_61HMKkPGaKkfLzYWOw9s-dre9amTKogHmCoUeuBjSqvqbCA1cMcNGFO1KNlfVhlcKrt2oyRlFhGWKIlsClb4EUIMYlM6v0-icQpf8s4xpkUL5ZnCh_NB8vzFtwWEJRUn5MEPv5o-Tl7ZkM7KHclEAxrOxdJf-0fAS_QE7SnaY63M2zT6INfqRF5nibLSJbYTsccUBkioN4bOn5dIdAIdN9RAx-4pdqsWsg-rW0FQBap9J&cid=CAASEuRoawMGTSibAPpnl0VX_VWuKQ&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0aeafa8dc859fbe7a1abd1f7e0e569d3ed96e6290baf265a5b5b31ffab4db51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22090
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 73E4 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQI2LdIFN9ZlnSZ3oL8W7grtr_gvkHQ4m-Uc31yqpHHzXFDlzRgf4CMuf3cRPhSLhLLZdnclk8Tv1c6N49nTChKeM8CvQK6Y_3LG2yS43Kq3wESLM
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 73E4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:37:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 73E4 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:39:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 73E4 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:36:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 8D02 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWcMxq1Pf_W6-AljmwZgNfb5ZwxxB4jX9gIFCQS_o0dyA0Ikv58WutTmn-rHgP4A6DtRU6n6jxzUKNzt7CE9z0thvp2-DJgMrwFB8NhT9YhUnKoMQLwavawkMEc3GkxiLxJwOM7LTApzUvXRvjBdO7RiVRbQ&dbm_d=AKAmf-D7J_Ew7KZeo26BSexi0vqgyHHLEWgzoofHiZbAgtCl7ocNGgnh7T35O9_xDMjCvnSlg1d_3AlNjOHbWsjySK4AShkGsgCa9SXXEqTMjklYShhjZGA5ZXgvIH2HlsEGIyiActPOlzV8Xot__eDNu_6gNeckw4Bi-vzGdIOJE6A5DrkSTZO_eWSWVAxWrYpLKxW74D6ir15CrYaNTkjQjwQyUGIYt6cwtlSdxxYLrDrnWpDqVMavFFQfnQH7WOjHPBypzwbbN2UL8Gm08bZYrA9DBnAPWvczE3j5TRi7DCOEvH1VmMcFnPn7IYNplZR1F1aCmFZOudPMc3tA-HdJbax-CY1_VaBEiO0VRYhjaVprGVNvNa8MHip89lTg6YxGtklDOLhl4GQYxyqNKalPlIGtmxQkUeB4hfvBzmrxhsGPEa2sC2Nj5zdwoqwsVcc0AtJVG3UUIzSuUjyqKIJiRnJIhiXVkZi9UP89OJMfAJNiR_4Ve6Jjo3wWu2mbsJKsJq32ZwjocIX-SE9fwWqbAgjN0g0zv9Z3eUPcMtabdi60Obm2rP7R_xa3GY3O0p3D2xRKH7p_vHgZFJ_tXo9eKlEmhQxN4Qm1GAAGSyMrAsRzNF-iL9E-Z24G9jH4qslHmmt-LWI7ACj19XLilVbH6wgmkhW-xIpZLO4stDfw4g8FwRNsS4vrkLNFZf6WV3Ds31jisVrc7R7DIXN0SUPnuJeM2LZmBI-ivGnk2mouN78WGcGAnSgbJTQWXDRP0mqIH-e5UMzXBvbkWHrBHLsX8YM4VwFP73LYPZPSM28_kqANu0cLG_VoLdEw2fEBlzzCo3AJJHm1Ct3nQ85kYj95hwZ6h4IdtdvofntX0XHfcASfhmzXMxE-67EVWnecSCjcfyNQnQd0njMSsQ0KgUmg3U2KVKRa8NFoChDxS8WxXa6gHcIclIRloIZlBili7wExnE705AFuCYk9voE6WjtgJldRn_eKF7rBaZIuIqS_cCu2nmxdMNU7CxA-RBYSxLOCBA6i121wm3aWYnMBTrIcTTEWMiLz8q_x9pDjW26qpYoRX9PFMgeclyELzMwtSo3y3gAceQgejxe14ArFrNTPkJZ6H640mIJ7dtbbRVpiEBUiSyboqAARFhFPwzzFMhAsJI0NnawW7iqrQZov9-Tkyqppr-Kv4m1EDnKrv6ByrSSlJ9RlaP5U00eShkR2wm2Gcu3Iw3l8qwI9HgrOQWlq6YNE4Bkr_DEdgOV3kmxfbwUFGwjeNDmE77EIWSE73lgnBuIr0pQPsAs8zNMUOjke8CPwRaWtq6D4Qsv4I3DEwDeW62SU1nIsX-XivJbI01NfI39DKNI2PMk_2CvfJz7NYSimUFs-vAx7inb15WW1hXu5tzKuCAS9hkDRrUvrWoJRpn5PAb3Q3WCP2i-NzXID1rk3acHwpYxKrk5MNWiz1HD9uWyHFHV8-IbhPFs0dcpN_ExbF5Z1UfKMEz8dOsWRMpD4xvCW3FAqsQtm96puLTN2Ow9O9BqKsDDIoBmu3FIl9GdtTmKiLCrhMd78hoDbuBKfOct5tH0bTSbSwtQe7YhRCqtXcGCBID1KA8bpf6INPO_5C7aHzDjDH0g-lHHgxZm_z_N4LWKxPnChMA429dIeN7tPsNHLgP3kvWLeAgN0ZBQS7LX9N8TMNlZoitxEoB9gUsngla1NJQIgbawaVwFNTVvERUwR8bYeQ6O78mFUNLjfUH3Do2Y31qYotKyxOfkOnc3oUX22aALfeud0sit88n1BqAcU0xddEHZeY612T6SliTLhj3AC2VcgKSGCogGRQCv6eagmg_3d_fDLfBfQzODiMJZLNQp55a9u0xslre86lLhjLpHOOLfov89zEy9wY3CqSR5xDTFiloYbakU-aEtqnV9KN0Xt13ArLLOPvy0FwKw7RPJ1TXMJ3DFMeDdBWeGBxQ7qsK8JHuF7rmwSxJGKqKC3LtxjnBlrcnGrXebZ63jRCz9yUKnh4tcnc2peeWmYIFqI8snXJCcIoZZ42qHJWRLRGTZYJvJHabSAqdPplgXAnqcB3y2qko4C7WCxwL7DezQF_ewwNteP0CRT4GeP0j1Lthc0vPEtp1yzXDDj1ZFL1Uwzq-jOox6RtqBcq4jjv7xnVL7jDF6Gi5XtKRK6nSR8WCdnRfwUnC3HSadxIIMO2p2YJnFqOVnIoNX_H9ncjTkra_lgr0Yibbr1l-yVGs2j7_STnWvefMfwMT45dQYH7h3beUnoPwiP1AJ3thBd8JX3awK4sMHNO_EXgS2-pb7TeFeqF-qyVptYxb8_3AG4sXAHiVX22EbsjLmnXR4sLmBu57JMcmGD86E_kDUvFJTCiQ8IMnxodEvjrvy1sl1ZnSZw37qr42w_KSBoK9sHQLkstG3zGl3hpWDf-kzW8cZtCk4FQJ103tdtY84ffKWbyTwLIyD7ErL3zKSj8aawgUboL0VLCh4rfe4sBWskZnmYiRf99tz3zghnMYSdl7E8okvpWFcJCFtfe3mMw3vXc7tTPXH9bNRbexu02utSgvnxRYQ6YxpHLzhi9s_WFiTfSXcOIlvYez9613qlHuWSWpU4PXqZrZoozG1kyPSD-mygkoP57cxDN42MpZ49vwLouA9RP-Dr22h5GOAvwxxL6s8EgMUBO3KR8T-yDhuqRq9woVbal6wqnaEptu_RfyQuRiwQRGu0yTjRcMTKwdSguXSO2lplCRVYU1vhJT8MBTZ1WTlHtBWn8k62bc413FEmgHnlmNKfPZoUoK0pJAtxCwIVPpXT0cgTFlRjfj7unbJe5dLDZklHX6_Ftvy92TixTXcc6meUhAvZi4zdKLIO4OEGj5_H-xhu_hIMjEyOgy8K3NQvezDthyRIH7asTi83u68XSRHOyk_HMNzDqZEUpxxLyk84W_SD3MT8FflD4JzR8B2-9i4aiUNp4arTQB-dcrMoQpHErViVMhTETiVMxpOv23tVwIp8GJ8nYzLbSU9x_bJQV3mqrhsmoP-E_6HbIRG8qYXK4c33ZMf1s-Lrli10Q62FnPtBnoss97Cp7-xryeClnhelL5WFsJ1FbdQQ7TAf-7YPLjyIS59ohVWYS0uCSBo4oRLvZ8qK_A3JEy7uWGl02_afVpPEG52R8prY3LM7nLOoUn2Ryyb5P9eDNfQHGjR4BnLxIaN2aviGWo44dSHB3Tw4Br6NvkgNsWHMEj3Wqrujof9kSSi5Dy48zIOmM50dkF8OwdLIHogBPAygmhQjY8IwGuuJM4ab1oyq8aJC4DfgdyRwFK25W19uh-phfG9chhp3CeKRW-1_47cdlOwRESsMzxS8rdv8b96axgXizfNr3DWfCmFqeUhU8pfCSAdA0RjN2txCyGPfFy3HfrxVYp1fTTcyk7SEfyfUoZhg_eoJ-zyhYiQwVv6KTGDm_R_DghYHVSiFv5fkFw-vejbDLN6vl-HA2o_JTmn-&cid=CAASEuRou56fbogeoLRSMvL5Ubj64Q&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70d82c6075989e0082b4917c6685f5f6bec1e673d0a80160eac61b3f1cdcb1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8471
x-xss-protection
0
server
cafe
etag
753583566593306265
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:37:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/ Frame 8D02 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWcMxq1Pf_W6-AljmwZgNfb5ZwxxB4jX9gIFCQS_o0dyA0Ikv58WutTmn-rHgP4A6DtRU6n6jxzUKNzt7CE9z0thvp2-DJgMrwFB8NhT9YhUnKoMQLwavawkMEc3GkxiLxJwOM7LTApzUvXRvjBdO7RiVRbQ&dbm_d=AKAmf-D7J_Ew7KZeo26BSexi0vqgyHHLEWgzoofHiZbAgtCl7ocNGgnh7T35O9_xDMjCvnSlg1d_3AlNjOHbWsjySK4AShkGsgCa9SXXEqTMjklYShhjZGA5ZXgvIH2HlsEGIyiActPOlzV8Xot__eDNu_6gNeckw4Bi-vzGdIOJE6A5DrkSTZO_eWSWVAxWrYpLKxW74D6ir15CrYaNTkjQjwQyUGIYt6cwtlSdxxYLrDrnWpDqVMavFFQfnQH7WOjHPBypzwbbN2UL8Gm08bZYrA9DBnAPWvczE3j5TRi7DCOEvH1VmMcFnPn7IYNplZR1F1aCmFZOudPMc3tA-HdJbax-CY1_VaBEiO0VRYhjaVprGVNvNa8MHip89lTg6YxGtklDOLhl4GQYxyqNKalPlIGtmxQkUeB4hfvBzmrxhsGPEa2sC2Nj5zdwoqwsVcc0AtJVG3UUIzSuUjyqKIJiRnJIhiXVkZi9UP89OJMfAJNiR_4Ve6Jjo3wWu2mbsJKsJq32ZwjocIX-SE9fwWqbAgjN0g0zv9Z3eUPcMtabdi60Obm2rP7R_xa3GY3O0p3D2xRKH7p_vHgZFJ_tXo9eKlEmhQxN4Qm1GAAGSyMrAsRzNF-iL9E-Z24G9jH4qslHmmt-LWI7ACj19XLilVbH6wgmkhW-xIpZLO4stDfw4g8FwRNsS4vrkLNFZf6WV3Ds31jisVrc7R7DIXN0SUPnuJeM2LZmBI-ivGnk2mouN78WGcGAnSgbJTQWXDRP0mqIH-e5UMzXBvbkWHrBHLsX8YM4VwFP73LYPZPSM28_kqANu0cLG_VoLdEw2fEBlzzCo3AJJHm1Ct3nQ85kYj95hwZ6h4IdtdvofntX0XHfcASfhmzXMxE-67EVWnecSCjcfyNQnQd0njMSsQ0KgUmg3U2KVKRa8NFoChDxS8WxXa6gHcIclIRloIZlBili7wExnE705AFuCYk9voE6WjtgJldRn_eKF7rBaZIuIqS_cCu2nmxdMNU7CxA-RBYSxLOCBA6i121wm3aWYnMBTrIcTTEWMiLz8q_x9pDjW26qpYoRX9PFMgeclyELzMwtSo3y3gAceQgejxe14ArFrNTPkJZ6H640mIJ7dtbbRVpiEBUiSyboqAARFhFPwzzFMhAsJI0NnawW7iqrQZov9-Tkyqppr-Kv4m1EDnKrv6ByrSSlJ9RlaP5U00eShkR2wm2Gcu3Iw3l8qwI9HgrOQWlq6YNE4Bkr_DEdgOV3kmxfbwUFGwjeNDmE77EIWSE73lgnBuIr0pQPsAs8zNMUOjke8CPwRaWtq6D4Qsv4I3DEwDeW62SU1nIsX-XivJbI01NfI39DKNI2PMk_2CvfJz7NYSimUFs-vAx7inb15WW1hXu5tzKuCAS9hkDRrUvrWoJRpn5PAb3Q3WCP2i-NzXID1rk3acHwpYxKrk5MNWiz1HD9uWyHFHV8-IbhPFs0dcpN_ExbF5Z1UfKMEz8dOsWRMpD4xvCW3FAqsQtm96puLTN2Ow9O9BqKsDDIoBmu3FIl9GdtTmKiLCrhMd78hoDbuBKfOct5tH0bTSbSwtQe7YhRCqtXcGCBID1KA8bpf6INPO_5C7aHzDjDH0g-lHHgxZm_z_N4LWKxPnChMA429dIeN7tPsNHLgP3kvWLeAgN0ZBQS7LX9N8TMNlZoitxEoB9gUsngla1NJQIgbawaVwFNTVvERUwR8bYeQ6O78mFUNLjfUH3Do2Y31qYotKyxOfkOnc3oUX22aALfeud0sit88n1BqAcU0xddEHZeY612T6SliTLhj3AC2VcgKSGCogGRQCv6eagmg_3d_fDLfBfQzODiMJZLNQp55a9u0xslre86lLhjLpHOOLfov89zEy9wY3CqSR5xDTFiloYbakU-aEtqnV9KN0Xt13ArLLOPvy0FwKw7RPJ1TXMJ3DFMeDdBWeGBxQ7qsK8JHuF7rmwSxJGKqKC3LtxjnBlrcnGrXebZ63jRCz9yUKnh4tcnc2peeWmYIFqI8snXJCcIoZZ42qHJWRLRGTZYJvJHabSAqdPplgXAnqcB3y2qko4C7WCxwL7DezQF_ewwNteP0CRT4GeP0j1Lthc0vPEtp1yzXDDj1ZFL1Uwzq-jOox6RtqBcq4jjv7xnVL7jDF6Gi5XtKRK6nSR8WCdnRfwUnC3HSadxIIMO2p2YJnFqOVnIoNX_H9ncjTkra_lgr0Yibbr1l-yVGs2j7_STnWvefMfwMT45dQYH7h3beUnoPwiP1AJ3thBd8JX3awK4sMHNO_EXgS2-pb7TeFeqF-qyVptYxb8_3AG4sXAHiVX22EbsjLmnXR4sLmBu57JMcmGD86E_kDUvFJTCiQ8IMnxodEvjrvy1sl1ZnSZw37qr42w_KSBoK9sHQLkstG3zGl3hpWDf-kzW8cZtCk4FQJ103tdtY84ffKWbyTwLIyD7ErL3zKSj8aawgUboL0VLCh4rfe4sBWskZnmYiRf99tz3zghnMYSdl7E8okvpWFcJCFtfe3mMw3vXc7tTPXH9bNRbexu02utSgvnxRYQ6YxpHLzhi9s_WFiTfSXcOIlvYez9613qlHuWSWpU4PXqZrZoozG1kyPSD-mygkoP57cxDN42MpZ49vwLouA9RP-Dr22h5GOAvwxxL6s8EgMUBO3KR8T-yDhuqRq9woVbal6wqnaEptu_RfyQuRiwQRGu0yTjRcMTKwdSguXSO2lplCRVYU1vhJT8MBTZ1WTlHtBWn8k62bc413FEmgHnlmNKfPZoUoK0pJAtxCwIVPpXT0cgTFlRjfj7unbJe5dLDZklHX6_Ftvy92TixTXcc6meUhAvZi4zdKLIO4OEGj5_H-xhu_hIMjEyOgy8K3NQvezDthyRIH7asTi83u68XSRHOyk_HMNzDqZEUpxxLyk84W_SD3MT8FflD4JzR8B2-9i4aiUNp4arTQB-dcrMoQpHErViVMhTETiVMxpOv23tVwIp8GJ8nYzLbSU9x_bJQV3mqrhsmoP-E_6HbIRG8qYXK4c33ZMf1s-Lrli10Q62FnPtBnoss97Cp7-xryeClnhelL5WFsJ1FbdQQ7TAf-7YPLjyIS59ohVWYS0uCSBo4oRLvZ8qK_A3JEy7uWGl02_afVpPEG52R8prY3LM7nLOoUn2Ryyb5P9eDNfQHGjR4BnLxIaN2aviGWo44dSHB3Tw4Br6NvkgNsWHMEj3Wqrujof9kSSi5Dy48zIOmM50dkF8OwdLIHogBPAygmhQjY8IwGuuJM4ab1oyq8aJC4DfgdyRwFK25W19uh-phfG9chhp3CeKRW-1_47cdlOwRESsMzxS8rdv8b96axgXizfNr3DWfCmFqeUhU8pfCSAdA0RjN2txCyGPfFy3HfrxVYp1fTTcyk7SEfyfUoZhg_eoJ-zyhYiQwVv6KTGDm_R_DghYHVSiFv5fkFw-vejbDLN6vl-HA2o_JTmn-&cid=CAASEuRou56fbogeoLRSMvL5Ubj64Q&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:38:57 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8D02 		0
74 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIi-rbuAjCddE_jOjnFJYVOnxTrl4OjuYECvJKjykssvG7gCQU7ywIbrpu4o2Yf7nhtuHFuElpp-3rPud0ZnnN6ha9VXBV45CRodRLuNkxwLZ_k-Ci1aHdR55zfPwCWwmoUc4TwAUFteY1KEjRGam4gGOw9sN_S9pkYFRv2JiiUr2NjCHe1_jOQIZYsH6MyKhYD72zxizjz_BYPCO7Hb3ZqXd41OS2pOIF6H3rP5j9nMW5SRgEPPXz3W9z3CwDQ986NQ1iHE6ioowPBYRVu_bbP_bwDO6ted8oQS1_8X-Q_qrox2QZT28a6-qwu8L7gXz5ZRy1yhT9AvCbJb3EFLJmPH4AA6ION11zSnZ3v9XICn-gXaVuf4WgYKp2FnTMj-NVekMum4dCHydwz131W7mYiOeuyBoMWX9-GA-t4sjU-OXM1lIYz3SoPQynQArOEfXqVNHJ4xCgglRpCojz_8anD03sYbNPl3QWiPQ4D1hRc4vrl2sGjH3PUiTyh1qFgLkKcWHmu-t4jxrFhZ2imG2TOmcpjtVnnIZ7pCtfnsO12hUiEtf8blxXWzYuKpK0KrsyN0bD1aXbkV33kIK-DeSJsUdCGv4guLKq4ZuXtw8_7BEn_WitDmWg1lYuCis-GgWSzBnVq94vOwenQOdSOMJE8jVckFCeb27AJ_JnW3AstinYzycY3C26dHynDHD4i5-NOXfn402Q8HFHEssMPBPdZewblT4NTmvxFIGeoWWy2XfjqeU82kd977QBJQ4XMhPibNmLdTQJp-FjYgbvLoNRvN0b9Zcyg9nnrNg6dSi-QuUa_p0NutKo1_6VyOHQI8e8VIk7LeEb8coqQoDHZfibmpnqUaigGUFdSkeJ8PTMsoR8DGom1V8WS-iFc1dOdOmVSt5uTIyWRrmFDGGXifJZERS65Q8he3fLxZ01Dnbnjdj8mfDiyhkq6CzctoPnW2htCDvwBW5F8GTgim1i472vf6Z-sidIBRIfSULin0WVD_dpzeo0_HyMpssLMqQbmLcZuAg4bwBUmk_fM1chzg1Gr1YVUPs6Zal8xdSUWKFBRuNfcfPil0XV8_ZpnavwOpEbwtxkp_Yu9mKsuF6q2XGVdBV50mWzj6d9Crrt-7a3rmW75aKh5s8mmLaJJBztocTSp1JEhcEhko9Zg_cZ1GLy_JRBBodIrtLRc8cCYH9VU0X6fw&sai=AMfl-YSEP3eydLMtxSbgsI45_mS7nhaPn_fFafl6dyrrdNd2YhYCShQQvGVJOE3bPN82oA0yTe5Fgiha58JQlNmY0D6Vv2T1xfeJGKQQvVQsSl9fdYGKEcU0ECG0RDuNdE-CUTp3t6ObJalqqf0kgqVT0wQHa4W_UA&sig=Cg0ArKJSzMNxME4Q2AeBEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210316.57007&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWcMxq1Pf_W6-AljmwZgNfb5ZwxxB4jX9gIFCQS_o0dyA0Ikv58WutTmn-rHgP4A6DtRU6n6jxzUKNzt7CE9z0thvp2-DJgMrwFB8NhT9YhUnKoMQLwavawkMEc3GkxiLxJwOM7LTApzUvXRvjBdO7RiVRbQ&dbm_d=AKAmf-D7J_Ew7KZeo26BSexi0vqgyHHLEWgzoofHiZbAgtCl7ocNGgnh7T35O9_xDMjCvnSlg1d_3AlNjOHbWsjySK4AShkGsgCa9SXXEqTMjklYShhjZGA5ZXgvIH2HlsEGIyiActPOlzV8Xot__eDNu_6gNeckw4Bi-vzGdIOJE6A5DrkSTZO_eWSWVAxWrYpLKxW74D6ir15CrYaNTkjQjwQyUGIYt6cwtlSdxxYLrDrnWpDqVMavFFQfnQH7WOjHPBypzwbbN2UL8Gm08bZYrA9DBnAPWvczE3j5TRi7DCOEvH1VmMcFnPn7IYNplZR1F1aCmFZOudPMc3tA-HdJbax-CY1_VaBEiO0VRYhjaVprGVNvNa8MHip89lTg6YxGtklDOLhl4GQYxyqNKalPlIGtmxQkUeB4hfvBzmrxhsGPEa2sC2Nj5zdwoqwsVcc0AtJVG3UUIzSuUjyqKIJiRnJIhiXVkZi9UP89OJMfAJNiR_4Ve6Jjo3wWu2mbsJKsJq32ZwjocIX-SE9fwWqbAgjN0g0zv9Z3eUPcMtabdi60Obm2rP7R_xa3GY3O0p3D2xRKH7p_vHgZFJ_tXo9eKlEmhQxN4Qm1GAAGSyMrAsRzNF-iL9E-Z24G9jH4qslHmmt-LWI7ACj19XLilVbH6wgmkhW-xIpZLO4stDfw4g8FwRNsS4vrkLNFZf6WV3Ds31jisVrc7R7DIXN0SUPnuJeM2LZmBI-ivGnk2mouN78WGcGAnSgbJTQWXDRP0mqIH-e5UMzXBvbkWHrBHLsX8YM4VwFP73LYPZPSM28_kqANu0cLG_VoLdEw2fEBlzzCo3AJJHm1Ct3nQ85kYj95hwZ6h4IdtdvofntX0XHfcASfhmzXMxE-67EVWnecSCjcfyNQnQd0njMSsQ0KgUmg3U2KVKRa8NFoChDxS8WxXa6gHcIclIRloIZlBili7wExnE705AFuCYk9voE6WjtgJldRn_eKF7rBaZIuIqS_cCu2nmxdMNU7CxA-RBYSxLOCBA6i121wm3aWYnMBTrIcTTEWMiLz8q_x9pDjW26qpYoRX9PFMgeclyELzMwtSo3y3gAceQgejxe14ArFrNTPkJZ6H640mIJ7dtbbRVpiEBUiSyboqAARFhFPwzzFMhAsJI0NnawW7iqrQZov9-Tkyqppr-Kv4m1EDnKrv6ByrSSlJ9RlaP5U00eShkR2wm2Gcu3Iw3l8qwI9HgrOQWlq6YNE4Bkr_DEdgOV3kmxfbwUFGwjeNDmE77EIWSE73lgnBuIr0pQPsAs8zNMUOjke8CPwRaWtq6D4Qsv4I3DEwDeW62SU1nIsX-XivJbI01NfI39DKNI2PMk_2CvfJz7NYSimUFs-vAx7inb15WW1hXu5tzKuCAS9hkDRrUvrWoJRpn5PAb3Q3WCP2i-NzXID1rk3acHwpYxKrk5MNWiz1HD9uWyHFHV8-IbhPFs0dcpN_ExbF5Z1UfKMEz8dOsWRMpD4xvCW3FAqsQtm96puLTN2Ow9O9BqKsDDIoBmu3FIl9GdtTmKiLCrhMd78hoDbuBKfOct5tH0bTSbSwtQe7YhRCqtXcGCBID1KA8bpf6INPO_5C7aHzDjDH0g-lHHgxZm_z_N4LWKxPnChMA429dIeN7tPsNHLgP3kvWLeAgN0ZBQS7LX9N8TMNlZoitxEoB9gUsngla1NJQIgbawaVwFNTVvERUwR8bYeQ6O78mFUNLjfUH3Do2Y31qYotKyxOfkOnc3oUX22aALfeud0sit88n1BqAcU0xddEHZeY612T6SliTLhj3AC2VcgKSGCogGRQCv6eagmg_3d_fDLfBfQzODiMJZLNQp55a9u0xslre86lLhjLpHOOLfov89zEy9wY3CqSR5xDTFiloYbakU-aEtqnV9KN0Xt13ArLLOPvy0FwKw7RPJ1TXMJ3DFMeDdBWeGBxQ7qsK8JHuF7rmwSxJGKqKC3LtxjnBlrcnGrXebZ63jRCz9yUKnh4tcnc2peeWmYIFqI8snXJCcIoZZ42qHJWRLRGTZYJvJHabSAqdPplgXAnqcB3y2qko4C7WCxwL7DezQF_ewwNteP0CRT4GeP0j1Lthc0vPEtp1yzXDDj1ZFL1Uwzq-jOox6RtqBcq4jjv7xnVL7jDF6Gi5XtKRK6nSR8WCdnRfwUnC3HSadxIIMO2p2YJnFqOVnIoNX_H9ncjTkra_lgr0Yibbr1l-yVGs2j7_STnWvefMfwMT45dQYH7h3beUnoPwiP1AJ3thBd8JX3awK4sMHNO_EXgS2-pb7TeFeqF-qyVptYxb8_3AG4sXAHiVX22EbsjLmnXR4sLmBu57JMcmGD86E_kDUvFJTCiQ8IMnxodEvjrvy1sl1ZnSZw37qr42w_KSBoK9sHQLkstG3zGl3hpWDf-kzW8cZtCk4FQJ103tdtY84ffKWbyTwLIyD7ErL3zKSj8aawgUboL0VLCh4rfe4sBWskZnmYiRf99tz3zghnMYSdl7E8okvpWFcJCFtfe3mMw3vXc7tTPXH9bNRbexu02utSgvnxRYQ6YxpHLzhi9s_WFiTfSXcOIlvYez9613qlHuWSWpU4PXqZrZoozG1kyPSD-mygkoP57cxDN42MpZ49vwLouA9RP-Dr22h5GOAvwxxL6s8EgMUBO3KR8T-yDhuqRq9woVbal6wqnaEptu_RfyQuRiwQRGu0yTjRcMTKwdSguXSO2lplCRVYU1vhJT8MBTZ1WTlHtBWn8k62bc413FEmgHnlmNKfPZoUoK0pJAtxCwIVPpXT0cgTFlRjfj7unbJe5dLDZklHX6_Ftvy92TixTXcc6meUhAvZi4zdKLIO4OEGj5_H-xhu_hIMjEyOgy8K3NQvezDthyRIH7asTi83u68XSRHOyk_HMNzDqZEUpxxLyk84W_SD3MT8FflD4JzR8B2-9i4aiUNp4arTQB-dcrMoQpHErViVMhTETiVMxpOv23tVwIp8GJ8nYzLbSU9x_bJQV3mqrhsmoP-E_6HbIRG8qYXK4c33ZMf1s-Lrli10Q62FnPtBnoss97Cp7-xryeClnhelL5WFsJ1FbdQQ7TAf-7YPLjyIS59ohVWYS0uCSBo4oRLvZ8qK_A3JEy7uWGl02_afVpPEG52R8prY3LM7nLOoUn2Ryyb5P9eDNfQHGjR4BnLxIaN2aviGWo44dSHB3Tw4Br6NvkgNsWHMEj3Wqrujof9kSSi5Dy48zIOmM50dkF8OwdLIHogBPAygmhQjY8IwGuuJM4ab1oyq8aJC4DfgdyRwFK25W19uh-phfG9chhp3CeKRW-1_47cdlOwRESsMzxS8rdv8b96axgXizfNr3DWfCmFqeUhU8pfCSAdA0RjN2txCyGPfFy3HfrxVYp1fTTcyk7SEfyfUoZhg_eoJ-zyhYiQwVv6KTGDm_R_DghYHVSiFv5fkFw-vejbDLN6vl-HA2o_JTmn-&cid=CAASEuRou56fbogeoLRSMvL5Ubj64Q&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 20 Mar 2021 13:39:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
1x1.a
eulerian.sarenza.com/dynview/sarenza-chfr/ Frame 8D02 		0
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8D02 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWcMxq1Pf_W6-AljmwZgNfb5ZwxxB4jX9gIFCQS_o0dyA0Ikv58WutTmn-rHgP4A6DtRU6n6jxzUKNzt7CE9z0thvp2-DJgMrwFB8NhT9YhUnKoMQLwavawkMEc3GkxiLxJwOM7LTApzUvXRvjBdO7RiVRbQ&dbm_d=AKAmf-D7J_Ew7KZeo26BSexi0vqgyHHLEWgzoofHiZbAgtCl7ocNGgnh7T35O9_xDMjCvnSlg1d_3AlNjOHbWsjySK4AShkGsgCa9SXXEqTMjklYShhjZGA5ZXgvIH2HlsEGIyiActPOlzV8Xot__eDNu_6gNeckw4Bi-vzGdIOJE6A5DrkSTZO_eWSWVAxWrYpLKxW74D6ir15CrYaNTkjQjwQyUGIYt6cwtlSdxxYLrDrnWpDqVMavFFQfnQH7WOjHPBypzwbbN2UL8Gm08bZYrA9DBnAPWvczE3j5TRi7DCOEvH1VmMcFnPn7IYNplZR1F1aCmFZOudPMc3tA-HdJbax-CY1_VaBEiO0VRYhjaVprGVNvNa8MHip89lTg6YxGtklDOLhl4GQYxyqNKalPlIGtmxQkUeB4hfvBzmrxhsGPEa2sC2Nj5zdwoqwsVcc0AtJVG3UUIzSuUjyqKIJiRnJIhiXVkZi9UP89OJMfAJNiR_4Ve6Jjo3wWu2mbsJKsJq32ZwjocIX-SE9fwWqbAgjN0g0zv9Z3eUPcMtabdi60Obm2rP7R_xa3GY3O0p3D2xRKH7p_vHgZFJ_tXo9eKlEmhQxN4Qm1GAAGSyMrAsRzNF-iL9E-Z24G9jH4qslHmmt-LWI7ACj19XLilVbH6wgmkhW-xIpZLO4stDfw4g8FwRNsS4vrkLNFZf6WV3Ds31jisVrc7R7DIXN0SUPnuJeM2LZmBI-ivGnk2mouN78WGcGAnSgbJTQWXDRP0mqIH-e5UMzXBvbkWHrBHLsX8YM4VwFP73LYPZPSM28_kqANu0cLG_VoLdEw2fEBlzzCo3AJJHm1Ct3nQ85kYj95hwZ6h4IdtdvofntX0XHfcASfhmzXMxE-67EVWnecSCjcfyNQnQd0njMSsQ0KgUmg3U2KVKRa8NFoChDxS8WxXa6gHcIclIRloIZlBili7wExnE705AFuCYk9voE6WjtgJldRn_eKF7rBaZIuIqS_cCu2nmxdMNU7CxA-RBYSxLOCBA6i121wm3aWYnMBTrIcTTEWMiLz8q_x9pDjW26qpYoRX9PFMgeclyELzMwtSo3y3gAceQgejxe14ArFrNTPkJZ6H640mIJ7dtbbRVpiEBUiSyboqAARFhFPwzzFMhAsJI0NnawW7iqrQZov9-Tkyqppr-Kv4m1EDnKrv6ByrSSlJ9RlaP5U00eShkR2wm2Gcu3Iw3l8qwI9HgrOQWlq6YNE4Bkr_DEdgOV3kmxfbwUFGwjeNDmE77EIWSE73lgnBuIr0pQPsAs8zNMUOjke8CPwRaWtq6D4Qsv4I3DEwDeW62SU1nIsX-XivJbI01NfI39DKNI2PMk_2CvfJz7NYSimUFs-vAx7inb15WW1hXu5tzKuCAS9hkDRrUvrWoJRpn5PAb3Q3WCP2i-NzXID1rk3acHwpYxKrk5MNWiz1HD9uWyHFHV8-IbhPFs0dcpN_ExbF5Z1UfKMEz8dOsWRMpD4xvCW3FAqsQtm96puLTN2Ow9O9BqKsDDIoBmu3FIl9GdtTmKiLCrhMd78hoDbuBKfOct5tH0bTSbSwtQe7YhRCqtXcGCBID1KA8bpf6INPO_5C7aHzDjDH0g-lHHgxZm_z_N4LWKxPnChMA429dIeN7tPsNHLgP3kvWLeAgN0ZBQS7LX9N8TMNlZoitxEoB9gUsngla1NJQIgbawaVwFNTVvERUwR8bYeQ6O78mFUNLjfUH3Do2Y31qYotKyxOfkOnc3oUX22aALfeud0sit88n1BqAcU0xddEHZeY612T6SliTLhj3AC2VcgKSGCogGRQCv6eagmg_3d_fDLfBfQzODiMJZLNQp55a9u0xslre86lLhjLpHOOLfov89zEy9wY3CqSR5xDTFiloYbakU-aEtqnV9KN0Xt13ArLLOPvy0FwKw7RPJ1TXMJ3DFMeDdBWeGBxQ7qsK8JHuF7rmwSxJGKqKC3LtxjnBlrcnGrXebZ63jRCz9yUKnh4tcnc2peeWmYIFqI8snXJCcIoZZ42qHJWRLRGTZYJvJHabSAqdPplgXAnqcB3y2qko4C7WCxwL7DezQF_ewwNteP0CRT4GeP0j1Lthc0vPEtp1yzXDDj1ZFL1Uwzq-jOox6RtqBcq4jjv7xnVL7jDF6Gi5XtKRK6nSR8WCdnRfwUnC3HSadxIIMO2p2YJnFqOVnIoNX_H9ncjTkra_lgr0Yibbr1l-yVGs2j7_STnWvefMfwMT45dQYH7h3beUnoPwiP1AJ3thBd8JX3awK4sMHNO_EXgS2-pb7TeFeqF-qyVptYxb8_3AG4sXAHiVX22EbsjLmnXR4sLmBu57JMcmGD86E_kDUvFJTCiQ8IMnxodEvjrvy1sl1ZnSZw37qr42w_KSBoK9sHQLkstG3zGl3hpWDf-kzW8cZtCk4FQJ103tdtY84ffKWbyTwLIyD7ErL3zKSj8aawgUboL0VLCh4rfe4sBWskZnmYiRf99tz3zghnMYSdl7E8okvpWFcJCFtfe3mMw3vXc7tTPXH9bNRbexu02utSgvnxRYQ6YxpHLzhi9s_WFiTfSXcOIlvYez9613qlHuWSWpU4PXqZrZoozG1kyPSD-mygkoP57cxDN42MpZ49vwLouA9RP-Dr22h5GOAvwxxL6s8EgMUBO3KR8T-yDhuqRq9woVbal6wqnaEptu_RfyQuRiwQRGu0yTjRcMTKwdSguXSO2lplCRVYU1vhJT8MBTZ1WTlHtBWn8k62bc413FEmgHnlmNKfPZoUoK0pJAtxCwIVPpXT0cgTFlRjfj7unbJe5dLDZklHX6_Ftvy92TixTXcc6meUhAvZi4zdKLIO4OEGj5_H-xhu_hIMjEyOgy8K3NQvezDthyRIH7asTi83u68XSRHOyk_HMNzDqZEUpxxLyk84W_SD3MT8FflD4JzR8B2-9i4aiUNp4arTQB-dcrMoQpHErViVMhTETiVMxpOv23tVwIp8GJ8nYzLbSU9x_bJQV3mqrhsmoP-E_6HbIRG8qYXK4c33ZMf1s-Lrli10Q62FnPtBnoss97Cp7-xryeClnhelL5WFsJ1FbdQQ7TAf-7YPLjyIS59ohVWYS0uCSBo4oRLvZ8qK_A3JEy7uWGl02_afVpPEG52R8prY3LM7nLOoUn2Ryyb5P9eDNfQHGjR4BnLxIaN2aviGWo44dSHB3Tw4Br6NvkgNsWHMEj3Wqrujof9kSSi5Dy48zIOmM50dkF8OwdLIHogBPAygmhQjY8IwGuuJM4ab1oyq8aJC4DfgdyRwFK25W19uh-phfG9chhp3CeKRW-1_47cdlOwRESsMzxS8rdv8b96axgXizfNr3DWfCmFqeUhU8pfCSAdA0RjN2txCyGPfFy3HfrxVYp1fTTcyk7SEfyfUoZhg_eoJ-zyhYiQwVv6KTGDm_R_DghYHVSiFv5fkFw-vejbDLN6vl-HA2o_JTmn-&cid=CAASEuRou56fbogeoLRSMvL5Ubj64Q&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96954
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Mar 2022 10:43:39 GMT
SAR_CHFR_300x600.gif
s0.2mdn.net/9834299/ Frame 8D02 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9834299/SAR_CHFR_300x600.gif
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
586314b8779f0fc784735ebbcfa744ac1e21143955b82b4ed46f8b91b647f63d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 09:42:12 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:46:46 GMT
server
sffe
age
14241
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18632
x-xss-protection
0
expires
Sun, 21 Mar 2021 09:42:12 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 73E4 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 15:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78271
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Mar 2021 15:55:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/ Frame 73E4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOSk0huWjS74g83Vdm086AWfdw8bv18q5MauAqvT1tIMLdjRYJ06gJpUyqIrZqwx5z72WWXnQtgjtwD-XuMrJNzjupqwopTE3hVb0HXO4zHjG06ppO2QQPYwWcl5_pVE-gg_zkmnZYYSnMVHZWFNvNgWr1UQ&dbm_d=AKAmf-BSVne94Sao36oKiN12r84Xe7kUv1TpJ-OYN_c4Ujio0QOql1EihFxcfxtTxtuM6jUCrMLCJtlYeFIC4hdG95lnWPKyyFaRmPQEkhnKJ9i1NwIDm6_hIWyII3T_ah0PosEqg4bpNryd2HgT9X3oqZyAqz9ZKsBHYkDc5DT-15CETSmbGoYZH6hAtpH7te4uLRPfsz4ZAMS0I3z1fRduqKXZ16sg72_ohcU9fgdf7KjCI-ZMlt4cac0fI48Enp7rZWXU0sisqNCuKaCGFHo1L_4SaKRytIdS9hVmS07tyuv-Dlq6Cxm8gIqgM4hUhyXUTxTJiKmYKtYzMEMOtgb_n4V0mA5gvsvvRagewjD3UPIEQ8DFG2kXvTbIcUsJJNO8tgeSvOtI0JHmMkzzYhtvOK6ZSB3NUC500e2OrzD2CCCNaNZXFsIORDUn-_OdqzcrOIxduvUqB4Xtfu62xUfXk1_wsV2yc4zZ7RxC-jo7-9PjxVu0SX6n7zmE_MoMyw-g9S_gXgMzn4PlMqSyzyaZ85xHAHc9Sn214aBu3yWreqJE3OBQcH0TLZjBY8vR5BJTFeLJISKXnDsVHDAHYvRZ4SrBmPC1Jz4WnfPZEKmwQ5bBBgwYR7xkdSO_Uc-xJQRLWa8JqDLZksY96JD0Hu2a-8xR8HaDQ5GWT1m-2PljhbikjMbW45sD66IGGM8EqkVwyAjrMJKJ6hzIjeGmzg6t9r5k_E9GBUkPc8kWI6tAr8DjuMTZbeCWL6uelixC_pqCOOwP0h0v4J5MqLlDMKLtpANGQjsB85nn4f_tLv-021wFnmhoS-giB6LanvzPCW93l42-TV-rFEAny6VOROufLat_ox-UDggokNj1zeqcF-hH9jz6fUg8bPXFKub52lafKFQPLeslPRdYZzGCIxv080px3BZcDIZp1MeqSXoGa-pWMtYcCbZfdPZGKxlds_0nsc5PUBOUjXOgjxZtravjcW-_t0Qf-MHHtIt_5Mm0EmYrDKSqI5z6m9gWHTWzArHcooy-pWtoCMc68ox4SIh7U_OjgPS4v7NFc-RaXgmwvQgpf4QLisNMzCRMklRHI_rrLLA3tQvFEgdtoZMgLV7rU5jkfgM08chq56eZU0HczKPKilv5X88SWZbe2dK8EkQ-I4f8_bgMoAC1uX634QtiKmNuWszzeG7HztBNOA4Cz1PyZSGpqW9RZC_nxMIddmOZ0gjQUfpGEmZWm7VRkqT-ts9VOuPJRz1takFFuksM78esjWNNJKtk3LYfu39B03M1ifZIx3wiJ7NTKFdlJM5REaWbrz9xgS9G5BcHnYRQLz15m5uhUE8KL1poGWa6AzFfqHF1_QtfvH_bT8jpw_HN_CTcReEgwjP3qoMI7U-khadBFHO1-R-FJZSBmUXs0EKj9bbF61Fh8xKVuY2rz4WbKsE9HFVvquHdGtofyF4XLkuMmLEFnpCsXf3IOEDSi4YAWcqAqv3VjyQKYVdNmhOq9S6XDWEouygMic2Lzv8ILrIdJ1RUaMj6dEhAd8NGpho9nP4btwZCEqLZnd1rst9vGMwz4PhP9VQbQnh9hIFG1yLerLJT_IdktJRRLC8anZ-WHzQEYb7HMI2Nq_Rq_OX--oWO3nVABEK6mdqSrCiuRY51rxOcHwnda9TRFqOTsatVUqW0d-K4MeF0P7TYqpCG9AXaz9VWCajC0Cv-ZWxsgeyS_X5dGbj-Rs-WGuFDo6YTSJK0ZTZEG2UwdYrd_-WPDkY0-ry5lRdsZmr7Nw2yirEonnFt-xWisiH0-ybeTG7oplAIHK90-Cj_ixVcNi9FeKzNTwa4gqppTjB19pzeZvfgrIhPgMPhFoVs_rOrkBHjYWVehPdUJMwgXkeSt9yCDRv9sO2Vo_IfmRBHO90yk1pcqck0JeMjF_p53Rrn8PPwsWOWTv_5kbl1hSWxmkmfS-0g7NyhBH8SW-FJ7vJgxMLD0sxoLieI0bqGNO-oT0Qkctn1d3qaeUs-DtaUhUPI8-vzWkUVIIy6V8pw0sdnKiU48e-6mnGTMRseSTFVv78HtGTkW7RkivPT5z8-btHEJIC2XrrSYDLPBXs72FWj1Br4acVfKsNJdIuFTHLk42xJoa_r4fbvy8pONEAtgQd8JAxTBpaqSIaTVqr317AjGIWnuTNaVGUF6DG3bwdiiqZCgOfL2svB8gaPCYjRPjuznRe3Vw46VsJS6-OVID9hwAHgS5sAwtDukepAUkPOKIesX5kQuRyT_BfwA_6RTDjrNgt4hfYPupwDgsc_wVJqfkK2hoWTmpM5uEnKmsRm705LjPqWzXTc0dATHGBjEoArZinDqSE_BdHsdwMu5CBajtqqaP6iRBnrnb4oW6RMgC4lo0S2c7vmTb9Egq5iX2YdmkSW2URBDDlybdUu-gB1qJ99PE8qLIAHhbnIncKW4tOjLYwRZuZxLKAd_vgMN8zPnda5miJxwDLgCYg4x1z5EO8fg39kC1SQGhjW_ymcPe69boBScqeuXvz0dvBMDmL63G9L0Xe_EL4_Vd035wOusJUcKfnLJ4Lvik88UZCCUh6UGqP0h-_xENF4x74F1vd5iiz7RYnPf2ln484FO4n-IHi54k1clswayVaxNFNkuz0DeodbQR5rcusqVtlseWL6-1L1i_eRgRPLA9BpSBLXISee2q5BpmTqOf9AAbV52c_FpELLKr77ticST-IxjBlRSG7aXBPUnMpvN2unaWoQjjmtMx01fPHy59f-WR1dxyIib_iqNytogWOOmMcnQQFPD3qqVFWninfPl6q-MLqphe_uADniBqdDQiaYir3Bgtm0C587N8eGZcIhD4kuXKvt2ecqjbjmHxCJ0DWhrPxfv3ln2DCDHSDW3VFMlxrildHh15JiUzvwFMUTMX5OADou2Q6cS2-_R0xxnhA4pudsEMNpD4JzmPEE8N0nMf7xqatQvBIuInK4BIYi0JLQcy2Y3HucxaqwWuarDnmhFVpvKnd_ej31HI9t-KnD9pqUPy9Q-4yQN33hb8b2nASvIfjeyadptULFIwrjIG7ZZk-23gAwv6ipU-ee-luOCf1SA_fuzbsdmf5DZ1lPwBamX0crQjxnN2TzOpMD8xMIBFi1SP6aeCTLt1bLK5Va92TWZLiQ-XfObnt7iXbQlYodfQKIcrjNvkuiQWajmvMO0no8I_PgHIBS9wwJ-_3NNbHPv6TocuoABVSRMNWBy7uufofz9xfvy6_61HMKkPGaKkfLzYWOw9s-dre9amTKogHmCoUeuBjSqvqbCA1cMcNGFO1KNlfVhlcKrt2oyRlFhGWKIlsClb4EUIMYlM6v0-icQpf8s4xpkUL5ZnCh_NB8vzFtwWEJRUn5MEPv5o-Tl7ZkM7KHclEAxrOxdJf-0fAS_QE7SnaY63M2zT6INfqRF5nibLSJbYTsccUBkioN4bOn5dIdAIdN9RAx-4pdqsWsg-rW0FQBap9J&cid=CAASEuRoawMGTSibAPpnl0VX_VWuKQ&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:38:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 73E4 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOSk0huWjS74g83Vdm086AWfdw8bv18q5MauAqvT1tIMLdjRYJ06gJpUyqIrZqwx5z72WWXnQtgjtwD-XuMrJNzjupqwopTE3hVb0HXO4zHjG06ppO2QQPYwWcl5_pVE-gg_zkmnZYYSnMVHZWFNvNgWr1UQ&dbm_d=AKAmf-BSVne94Sao36oKiN12r84Xe7kUv1TpJ-OYN_c4Ujio0QOql1EihFxcfxtTxtuM6jUCrMLCJtlYeFIC4hdG95lnWPKyyFaRmPQEkhnKJ9i1NwIDm6_hIWyII3T_ah0PosEqg4bpNryd2HgT9X3oqZyAqz9ZKsBHYkDc5DT-15CETSmbGoYZH6hAtpH7te4uLRPfsz4ZAMS0I3z1fRduqKXZ16sg72_ohcU9fgdf7KjCI-ZMlt4cac0fI48Enp7rZWXU0sisqNCuKaCGFHo1L_4SaKRytIdS9hVmS07tyuv-Dlq6Cxm8gIqgM4hUhyXUTxTJiKmYKtYzMEMOtgb_n4V0mA5gvsvvRagewjD3UPIEQ8DFG2kXvTbIcUsJJNO8tgeSvOtI0JHmMkzzYhtvOK6ZSB3NUC500e2OrzD2CCCNaNZXFsIORDUn-_OdqzcrOIxduvUqB4Xtfu62xUfXk1_wsV2yc4zZ7RxC-jo7-9PjxVu0SX6n7zmE_MoMyw-g9S_gXgMzn4PlMqSyzyaZ85xHAHc9Sn214aBu3yWreqJE3OBQcH0TLZjBY8vR5BJTFeLJISKXnDsVHDAHYvRZ4SrBmPC1Jz4WnfPZEKmwQ5bBBgwYR7xkdSO_Uc-xJQRLWa8JqDLZksY96JD0Hu2a-8xR8HaDQ5GWT1m-2PljhbikjMbW45sD66IGGM8EqkVwyAjrMJKJ6hzIjeGmzg6t9r5k_E9GBUkPc8kWI6tAr8DjuMTZbeCWL6uelixC_pqCOOwP0h0v4J5MqLlDMKLtpANGQjsB85nn4f_tLv-021wFnmhoS-giB6LanvzPCW93l42-TV-rFEAny6VOROufLat_ox-UDggokNj1zeqcF-hH9jz6fUg8bPXFKub52lafKFQPLeslPRdYZzGCIxv080px3BZcDIZp1MeqSXoGa-pWMtYcCbZfdPZGKxlds_0nsc5PUBOUjXOgjxZtravjcW-_t0Qf-MHHtIt_5Mm0EmYrDKSqI5z6m9gWHTWzArHcooy-pWtoCMc68ox4SIh7U_OjgPS4v7NFc-RaXgmwvQgpf4QLisNMzCRMklRHI_rrLLA3tQvFEgdtoZMgLV7rU5jkfgM08chq56eZU0HczKPKilv5X88SWZbe2dK8EkQ-I4f8_bgMoAC1uX634QtiKmNuWszzeG7HztBNOA4Cz1PyZSGpqW9RZC_nxMIddmOZ0gjQUfpGEmZWm7VRkqT-ts9VOuPJRz1takFFuksM78esjWNNJKtk3LYfu39B03M1ifZIx3wiJ7NTKFdlJM5REaWbrz9xgS9G5BcHnYRQLz15m5uhUE8KL1poGWa6AzFfqHF1_QtfvH_bT8jpw_HN_CTcReEgwjP3qoMI7U-khadBFHO1-R-FJZSBmUXs0EKj9bbF61Fh8xKVuY2rz4WbKsE9HFVvquHdGtofyF4XLkuMmLEFnpCsXf3IOEDSi4YAWcqAqv3VjyQKYVdNmhOq9S6XDWEouygMic2Lzv8ILrIdJ1RUaMj6dEhAd8NGpho9nP4btwZCEqLZnd1rst9vGMwz4PhP9VQbQnh9hIFG1yLerLJT_IdktJRRLC8anZ-WHzQEYb7HMI2Nq_Rq_OX--oWO3nVABEK6mdqSrCiuRY51rxOcHwnda9TRFqOTsatVUqW0d-K4MeF0P7TYqpCG9AXaz9VWCajC0Cv-ZWxsgeyS_X5dGbj-Rs-WGuFDo6YTSJK0ZTZEG2UwdYrd_-WPDkY0-ry5lRdsZmr7Nw2yirEonnFt-xWisiH0-ybeTG7oplAIHK90-Cj_ixVcNi9FeKzNTwa4gqppTjB19pzeZvfgrIhPgMPhFoVs_rOrkBHjYWVehPdUJMwgXkeSt9yCDRv9sO2Vo_IfmRBHO90yk1pcqck0JeMjF_p53Rrn8PPwsWOWTv_5kbl1hSWxmkmfS-0g7NyhBH8SW-FJ7vJgxMLD0sxoLieI0bqGNO-oT0Qkctn1d3qaeUs-DtaUhUPI8-vzWkUVIIy6V8pw0sdnKiU48e-6mnGTMRseSTFVv78HtGTkW7RkivPT5z8-btHEJIC2XrrSYDLPBXs72FWj1Br4acVfKsNJdIuFTHLk42xJoa_r4fbvy8pONEAtgQd8JAxTBpaqSIaTVqr317AjGIWnuTNaVGUF6DG3bwdiiqZCgOfL2svB8gaPCYjRPjuznRe3Vw46VsJS6-OVID9hwAHgS5sAwtDukepAUkPOKIesX5kQuRyT_BfwA_6RTDjrNgt4hfYPupwDgsc_wVJqfkK2hoWTmpM5uEnKmsRm705LjPqWzXTc0dATHGBjEoArZinDqSE_BdHsdwMu5CBajtqqaP6iRBnrnb4oW6RMgC4lo0S2c7vmTb9Egq5iX2YdmkSW2URBDDlybdUu-gB1qJ99PE8qLIAHhbnIncKW4tOjLYwRZuZxLKAd_vgMN8zPnda5miJxwDLgCYg4x1z5EO8fg39kC1SQGhjW_ymcPe69boBScqeuXvz0dvBMDmL63G9L0Xe_EL4_Vd035wOusJUcKfnLJ4Lvik88UZCCUh6UGqP0h-_xENF4x74F1vd5iiz7RYnPf2ln484FO4n-IHi54k1clswayVaxNFNkuz0DeodbQR5rcusqVtlseWL6-1L1i_eRgRPLA9BpSBLXISee2q5BpmTqOf9AAbV52c_FpELLKr77ticST-IxjBlRSG7aXBPUnMpvN2unaWoQjjmtMx01fPHy59f-WR1dxyIib_iqNytogWOOmMcnQQFPD3qqVFWninfPl6q-MLqphe_uADniBqdDQiaYir3Bgtm0C587N8eGZcIhD4kuXKvt2ecqjbjmHxCJ0DWhrPxfv3ln2DCDHSDW3VFMlxrildHh15JiUzvwFMUTMX5OADou2Q6cS2-_R0xxnhA4pudsEMNpD4JzmPEE8N0nMf7xqatQvBIuInK4BIYi0JLQcy2Y3HucxaqwWuarDnmhFVpvKnd_ej31HI9t-KnD9pqUPy9Q-4yQN33hb8b2nASvIfjeyadptULFIwrjIG7ZZk-23gAwv6ipU-ee-luOCf1SA_fuzbsdmf5DZ1lPwBamX0crQjxnN2TzOpMD8xMIBFi1SP6aeCTLt1bLK5Va92TWZLiQ-XfObnt7iXbQlYodfQKIcrjNvkuiQWajmvMO0no8I_PgHIBS9wwJ-_3NNbHPv6TocuoABVSRMNWBy7uufofz9xfvy6_61HMKkPGaKkfLzYWOw9s-dre9amTKogHmCoUeuBjSqvqbCA1cMcNGFO1KNlfVhlcKrt2oyRlFhGWKIlsClb4EUIMYlM6v0-icQpf8s4xpkUL5ZnCh_NB8vzFtwWEJRUn5MEPv5o-Tl7ZkM7KHclEAxrOxdJf-0fAS_QE7SnaY63M2zT6INfqRF5nibLSJbYTsccUBkioN4bOn5dIdAIdN9RAx-4pdqsWsg-rW0FQBap9J&cid=CAASEuRoawMGTSibAPpnl0VX_VWuKQ&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70d82c6075989e0082b4917c6685f5f6bec1e673d0a80160eac61b3f1cdcb1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8471
x-xss-protection
0
server
cafe
etag
753583566593306265
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:37:28 GMT
setuid
ib.adnxs.com/ Frame 6499
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBOMo6lQr-veP5DsCv9VKbM&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBOMo6lQr-veP5DsCv9VKbM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQ7onZAhjBqYufATAB&v=APEucNWHxm9r6_OonjG73EwL9Czcwhw9xoq4PCHU4HfWgbrdKjIk2cdsEiWlnzTsPEo-oMC52jJwV2ILAq8bMT4Y_-95X_Kkt3m6Hwka2xlcDWGd4TsAM5A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:33 GMT
X-Proxy-Origin
84.39.112.19; 84.39.112.19; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.75:80
AN-X-Request-Uuid
b04557b0-720c-474e-9490-0ef9653a0b38
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBOMo6lQr-veP5DsCv9VKbM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6499
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc5NzM0NDgwNzE2NzgxNDYxOA%3D%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc5NzM0NDgwNzE2NzgxNDYxOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQ7onZAhjBqYufATAB&v=APEucNWHxm9r6_OonjG73EwL9Czcwhw9xoq4PCHU4HfWgbrdKjIk2cdsEiWlnzTsPEo-oMC52jJwV2ILAq8bMT4Y_-95X_Kkt3m6Hwka2xlcDWGd4TsAM5A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:33 GMT
X-Proxy-Origin
84.39.112.19; 84.39.112.19; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.138:80
AN-X-Request-Uuid
1fdc04e6-b035-4df8-ac97-052c5f803d69
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc5NzM0NDgwNzE2NzgxNDYxOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6499
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJJSX1v85hSDyIHwDHMrWb4&google_cver=1&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJJSX1v85hSDyIHwDHMrWb4&google_cver=1&gdpr=0
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJJSX1v85hSDyIHwDHMrWb4&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQ7onZAhjBqYufATAB&v=APEucNWHxm9r6_OonjG73EwL9Czcwhw9xoq4PCHU4HfWgbrdKjIk2cdsEiWlnzTsPEo-oMC52jJwV2ILAq8bMT4Y_-95X_Kkt3m6Hwka2xlcDWGd4TsAM5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJJSX1v85hSDyIHwDHMrWb4&google_cver=1&gdpr=0
date
Sat, 20 Mar 2021 13:39:33 GMT
via
1.1 google
server
OXGW/16.203.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 6499
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDU4ZGNkZTQtYzQ4My0yNGJiLWZiNzctZTU0ZWU5ODExMzc0
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDU4ZGNkZTQtYzQ4My0yNGJiLWZiNzctZTU0ZWU5ODExMzc0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQ7onZAhjBqYufATAB&v=APEucNWHxm9r6_OonjG73EwL9Czcwhw9xoq4PCHU4HfWgbrdKjIk2cdsEiWlnzTsPEo-oMC52jJwV2ILAq8bMT4Y_-95X_Kkt3m6Hwka2xlcDWGd4TsAM5A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 20 Mar 2021 13:39:33 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDU4ZGNkZTQtYzQ4My0yNGJiLWZiNzctZTU0ZWU5ODExMzc0
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
setuid
ib.adnxs.com/ Frame B5B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBOMo6lQr-veP5DsCv9VKbM&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBOMo6lQr-veP5DsCv9VKbM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNVBfzFXh3ylL7J15ggmYdC0qJyWELcEpVU20u35XhbJ6VisePbONEOCD7o54VWNdw55bJKtT74ksGW67AMBTfMDtazmYcv2bIbp1AMFnN3lpUzzfXc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:33 GMT
X-Proxy-Origin
84.39.112.19; 84.39.112.19; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid
585ee9a9-99ee-4af3-aef5-c5b32faa9fcc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBOMo6lQr-veP5DsCv9VKbM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B5B4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc5NzM0NDgwNzE2NzgxNDYxOA%3D%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc5NzM0NDgwNzE2NzgxNDYxOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNVBfzFXh3ylL7J15ggmYdC0qJyWELcEpVU20u35XhbJ6VisePbONEOCD7o54VWNdw55bJKtT74ksGW67AMBTfMDtazmYcv2bIbp1AMFnN3lpUzzfXc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:39:33 GMT
X-Proxy-Origin
84.39.112.19; 84.39.112.19; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.75:80
AN-X-Request-Uuid
0fca4cda-1af2-4afe-8a83-0b054346cc9e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc5NzM0NDgwNzE2NzgxNDYxOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B5B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJJSX1v85hSDyIHwDHMrWb4&google_cver=1&gdpr=0
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJJSX1v85hSDyIHwDHMrWb4&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNVBfzFXh3ylL7J15ggmYdC0qJyWELcEpVU20u35XhbJ6VisePbONEOCD7o54VWNdw55bJKtT74ksGW67AMBTfMDtazmYcv2bIbp1AMFnN3lpUzzfXc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJJSX1v85hSDyIHwDHMrWb4&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B5B4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDU4ZGNkZTQtYzQ4My0yNGJiLWZiNzctZTU0ZWU5ODExMzc0
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDU4ZGNkZTQtYzQ4My0yNGJiLWZiNzctZTU0ZWU5ODExMzc0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGPik9ZQBMAE&v=APEucNVBfzFXh3ylL7J15ggmYdC0qJyWELcEpVU20u35XhbJ6VisePbONEOCD7o54VWNdw55bJKtT74ksGW67AMBTfMDtazmYcv2bIbp1AMFnN3lpUzzfXc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 20 Mar 2021 13:39:33 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDU4ZGNkZTQtYzQ4My0yNGJiLWZiNzctZTU0ZWU5ODExMzc0
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
view
googleads4.g.doubleclick.net/pcs/ Frame 8D02 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIi-rbuAjCddE_jOjnFJYVOnxTrl4OjuYECvJKjykssvG7gCQU7ywIbrpu4o2Yf7nhtuHFuElpp-3rPud0ZnnN6ha9VXBV45CRodRLuNkxwLZ_k-Ci1aHdR55zfPwCWwmoUc4TwAUFteY1KEjRGam4gGOw9sN_S9pkYFRv2JiiUr2NjCHe1_jOQIZYsH6MyKhYD72zxizjz_BYPCO7Hb3ZqXd41OS2pOIF6H3rP5j9nMW5SRgEPPXz3W9z3CwDQ986NQ1iHE6ioowPBYRVu_bbP_bwDO6ted8oQS1_8X-Q_qrox2QZT28a6-qwu8L7gXz5ZRy1yhT9AvCbJb3EFLJmPH4AA6ION11zSnZ3v9XICn-gXaVuf4WgYKp2FnTMj-NVekMum4dCHydwz131W7mYiOeuyBoMWX9-GA-t4sjU-OXM1lIYz3SoPQynQArOEfXqVNHJ4xCgglRpCojz_8anD03sYbNPl3QWiPQ4D1hRc4vrl2sGjH3PUiTyh1qFgLkKcWHmu-t4jxrFhZ2imG2TOmcpjtVnnIZ7pCtfnsO12hUiEtf8blxXWzYuKpK0KrsyN0bD1aXbkV33kIK-DeSJsUdCGv4guLKq4ZuXtw8_7BEn_WitDmWg1lYuCis-GgWSzBnVq94vOwenQOdSOMJE8jVckFCeb27AJ_JnW3AstinYzycY3C26dHynDHD4i5-NOXfn402Q8HFHEssMPBPdZewblT4NTmvxFIGeoWWy2XfjqeU82kd977QBJQ4XMhPibNmLdTQJp-FjYgbvLoNRvN0b9Zcyg9nnrNg6dSi-QuUa_p0NutKo1_6VyOHQI8e8VIk7LeEb8coqQoDHZfibmpnqUaigGUFdSkeJ8PTMsoR8DGom1V8WS-iFc1dOdOmVSt5uTIyWRrmFDGGXifJZERS65Q8he3fLxZ01Dnbnjdj8mfDiyhkq6CzctoPnW2htCDvwBW5F8GTgim1i472vf6Z-sidIBRIfSULin0WVD_dpzeo0_HyMpssLMqQbmLcZuAg4bwBUmk_fM1chzg1Gr1YVUPs6Zal8xdSUWKFBRuNfcfPil0XV8_ZpnavwOpEbwtxkp_Yu9mKsuF6q2XGVdBV50mWzj6d9Crrt-7a3rmW75aKh5s8mmLaJJBztocTSp1JEhcEhko9Zg_cZ1GLy_JRBBodIrtLRc8cCYH9VU0X6fw&sai=AMfl-YSEP3eydLMtxSbgsI45_mS7nhaPn_fFafl6dyrrdNd2YhYCShQQvGVJOE3bPN82oA0yTe5Fgiha58JQlNmY0D6Vv2T1xfeJGKQQvVQsSl9fdYGKEcU0ECG0RDuNdE-CUTp3t6ObJalqqf0kgqVT0wQHa4W_UA&sig=Cg0ArKJSzMNxME4Q2AeBEAE&urlfix=1&omid=0&rm=1&ctpt=46&vt=11&dtpt=45&dett=2&cstd=0&cisv=r20210316.57007&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWcMxq1Pf_W6-AljmwZgNfb5ZwxxB4jX9gIFCQS_o0dyA0Ikv58WutTmn-rHgP4A6DtRU6n6jxzUKNzt7CE9z0thvp2-DJgMrwFB8NhT9YhUnKoMQLwavawkMEc3GkxiLxJwOM7LTApzUvXRvjBdO7RiVRbQ&dbm_d=AKAmf-D7J_Ew7KZeo26BSexi0vqgyHHLEWgzoofHiZbAgtCl7ocNGgnh7T35O9_xDMjCvnSlg1d_3AlNjOHbWsjySK4AShkGsgCa9SXXEqTMjklYShhjZGA5ZXgvIH2HlsEGIyiActPOlzV8Xot__eDNu_6gNeckw4Bi-vzGdIOJE6A5DrkSTZO_eWSWVAxWrYpLKxW74D6ir15CrYaNTkjQjwQyUGIYt6cwtlSdxxYLrDrnWpDqVMavFFQfnQH7WOjHPBypzwbbN2UL8Gm08bZYrA9DBnAPWvczE3j5TRi7DCOEvH1VmMcFnPn7IYNplZR1F1aCmFZOudPMc3tA-HdJbax-CY1_VaBEiO0VRYhjaVprGVNvNa8MHip89lTg6YxGtklDOLhl4GQYxyqNKalPlIGtmxQkUeB4hfvBzmrxhsGPEa2sC2Nj5zdwoqwsVcc0AtJVG3UUIzSuUjyqKIJiRnJIhiXVkZi9UP89OJMfAJNiR_4Ve6Jjo3wWu2mbsJKsJq32ZwjocIX-SE9fwWqbAgjN0g0zv9Z3eUPcMtabdi60Obm2rP7R_xa3GY3O0p3D2xRKH7p_vHgZFJ_tXo9eKlEmhQxN4Qm1GAAGSyMrAsRzNF-iL9E-Z24G9jH4qslHmmt-LWI7ACj19XLilVbH6wgmkhW-xIpZLO4stDfw4g8FwRNsS4vrkLNFZf6WV3Ds31jisVrc7R7DIXN0SUPnuJeM2LZmBI-ivGnk2mouN78WGcGAnSgbJTQWXDRP0mqIH-e5UMzXBvbkWHrBHLsX8YM4VwFP73LYPZPSM28_kqANu0cLG_VoLdEw2fEBlzzCo3AJJHm1Ct3nQ85kYj95hwZ6h4IdtdvofntX0XHfcASfhmzXMxE-67EVWnecSCjcfyNQnQd0njMSsQ0KgUmg3U2KVKRa8NFoChDxS8WxXa6gHcIclIRloIZlBili7wExnE705AFuCYk9voE6WjtgJldRn_eKF7rBaZIuIqS_cCu2nmxdMNU7CxA-RBYSxLOCBA6i121wm3aWYnMBTrIcTTEWMiLz8q_x9pDjW26qpYoRX9PFMgeclyELzMwtSo3y3gAceQgejxe14ArFrNTPkJZ6H640mIJ7dtbbRVpiEBUiSyboqAARFhFPwzzFMhAsJI0NnawW7iqrQZov9-Tkyqppr-Kv4m1EDnKrv6ByrSSlJ9RlaP5U00eShkR2wm2Gcu3Iw3l8qwI9HgrOQWlq6YNE4Bkr_DEdgOV3kmxfbwUFGwjeNDmE77EIWSE73lgnBuIr0pQPsAs8zNMUOjke8CPwRaWtq6D4Qsv4I3DEwDeW62SU1nIsX-XivJbI01NfI39DKNI2PMk_2CvfJz7NYSimUFs-vAx7inb15WW1hXu5tzKuCAS9hkDRrUvrWoJRpn5PAb3Q3WCP2i-NzXID1rk3acHwpYxKrk5MNWiz1HD9uWyHFHV8-IbhPFs0dcpN_ExbF5Z1UfKMEz8dOsWRMpD4xvCW3FAqsQtm96puLTN2Ow9O9BqKsDDIoBmu3FIl9GdtTmKiLCrhMd78hoDbuBKfOct5tH0bTSbSwtQe7YhRCqtXcGCBID1KA8bpf6INPO_5C7aHzDjDH0g-lHHgxZm_z_N4LWKxPnChMA429dIeN7tPsNHLgP3kvWLeAgN0ZBQS7LX9N8TMNlZoitxEoB9gUsngla1NJQIgbawaVwFNTVvERUwR8bYeQ6O78mFUNLjfUH3Do2Y31qYotKyxOfkOnc3oUX22aALfeud0sit88n1BqAcU0xddEHZeY612T6SliTLhj3AC2VcgKSGCogGRQCv6eagmg_3d_fDLfBfQzODiMJZLNQp55a9u0xslre86lLhjLpHOOLfov89zEy9wY3CqSR5xDTFiloYbakU-aEtqnV9KN0Xt13ArLLOPvy0FwKw7RPJ1TXMJ3DFMeDdBWeGBxQ7qsK8JHuF7rmwSxJGKqKC3LtxjnBlrcnGrXebZ63jRCz9yUKnh4tcnc2peeWmYIFqI8snXJCcIoZZ42qHJWRLRGTZYJvJHabSAqdPplgXAnqcB3y2qko4C7WCxwL7DezQF_ewwNteP0CRT4GeP0j1Lthc0vPEtp1yzXDDj1ZFL1Uwzq-jOox6RtqBcq4jjv7xnVL7jDF6Gi5XtKRK6nSR8WCdnRfwUnC3HSadxIIMO2p2YJnFqOVnIoNX_H9ncjTkra_lgr0Yibbr1l-yVGs2j7_STnWvefMfwMT45dQYH7h3beUnoPwiP1AJ3thBd8JX3awK4sMHNO_EXgS2-pb7TeFeqF-qyVptYxb8_3AG4sXAHiVX22EbsjLmnXR4sLmBu57JMcmGD86E_kDUvFJTCiQ8IMnxodEvjrvy1sl1ZnSZw37qr42w_KSBoK9sHQLkstG3zGl3hpWDf-kzW8cZtCk4FQJ103tdtY84ffKWbyTwLIyD7ErL3zKSj8aawgUboL0VLCh4rfe4sBWskZnmYiRf99tz3zghnMYSdl7E8okvpWFcJCFtfe3mMw3vXc7tTPXH9bNRbexu02utSgvnxRYQ6YxpHLzhi9s_WFiTfSXcOIlvYez9613qlHuWSWpU4PXqZrZoozG1kyPSD-mygkoP57cxDN42MpZ49vwLouA9RP-Dr22h5GOAvwxxL6s8EgMUBO3KR8T-yDhuqRq9woVbal6wqnaEptu_RfyQuRiwQRGu0yTjRcMTKwdSguXSO2lplCRVYU1vhJT8MBTZ1WTlHtBWn8k62bc413FEmgHnlmNKfPZoUoK0pJAtxCwIVPpXT0cgTFlRjfj7unbJe5dLDZklHX6_Ftvy92TixTXcc6meUhAvZi4zdKLIO4OEGj5_H-xhu_hIMjEyOgy8K3NQvezDthyRIH7asTi83u68XSRHOyk_HMNzDqZEUpxxLyk84W_SD3MT8FflD4JzR8B2-9i4aiUNp4arTQB-dcrMoQpHErViVMhTETiVMxpOv23tVwIp8GJ8nYzLbSU9x_bJQV3mqrhsmoP-E_6HbIRG8qYXK4c33ZMf1s-Lrli10Q62FnPtBnoss97Cp7-xryeClnhelL5WFsJ1FbdQQ7TAf-7YPLjyIS59ohVWYS0uCSBo4oRLvZ8qK_A3JEy7uWGl02_afVpPEG52R8prY3LM7nLOoUn2Ryyb5P9eDNfQHGjR4BnLxIaN2aviGWo44dSHB3Tw4Br6NvkgNsWHMEj3Wqrujof9kSSi5Dy48zIOmM50dkF8OwdLIHogBPAygmhQjY8IwGuuJM4ab1oyq8aJC4DfgdyRwFK25W19uh-phfG9chhp3CeKRW-1_47cdlOwRESsMzxS8rdv8b96axgXizfNr3DWfCmFqeUhU8pfCSAdA0RjN2txCyGPfFy3HfrxVYp1fTTcyk7SEfyfUoZhg_eoJ-zyhYiQwVv6KTGDm_R_DghYHVSiFv5fkFw-vejbDLN6vl-HA2o_JTmn-&cid=CAASEuRou56fbogeoLRSMvL5Ubj64Q&rfl=1%2Chttps%253A%252F%252Fwww.gala.fr%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3AC7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 19 Mar 2021 10:43:39 GMT
expires
Sat, 19 Mar 2022 10:43:39 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
96954
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2634 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 19 Mar 2021 16:59:40 GMT
expires
Sat, 20 Mar 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
74393
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8D02 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
015cff5d1e0f7b5c94f7ce811a4f79dd6f7c40267283b335ede4248a3b296de3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ob_logo_16x16.png
widgets.outbrain.com/images/widgetIcons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.png
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
77f703c4f140a4a24d0fb351cc4e36716ccc4e7c5cac201f28b09a31d5f84f67

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:33 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"96dd1eed1ecd3297bab335082e4a072e:1613570895.289383"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
1524
expires
Mon, 19 Apr 2021 13:39:33 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:33 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 19 Apr 2021 13:39:33 GMT
l
mcdp-chidc2.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=9553ad988d999ca2479af7d3dcf4a0d1_2667_1616247573443&tm=3699&eT=0&widgetWidth=757&widgetHeight=342&widgetX=225&widgetY=2868&wRV=2000250&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:39:33 GMT
content-encoding
gzip
X-TraceId
1099ca68308567e317a2eb4d66e88b43
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
index.html
s0.2mdn.net/9506911/1604308924613/ Frame 1AF4 		122 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9506911/1604308924613/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ff9513cad7c3368feed2c14c40e229cd94452de7e15d3fe3fb4a3d7e28354c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9506911/1604308924613/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
22981
date
Sat, 20 Mar 2021 13:36:37 GMT
expires
Sun, 21 Mar 2021 13:36:37 GMT
last-modified
Mon, 02 Nov 2020 09:22:04 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
176
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 73E4 		0
28 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstC0k-mpEKIcZkRHIVOAQQNBTtxIClZgxnhZFKsk9bXWHoVyk2F9nfBIYYdogqiS-nOWyo-oz4I6FFNAidjU-zoUTWC3u9KHSiXGF5t66Bi4v_0Vs5g-1x_D0s5JNm_dr8F4cNf4WTEzjw4esnmgTj4fPE5Kq-aOmhxa7XP0eEb4aGhGzepfEkHFcIe5S6VQsBfXDw-pUe77Z4L4RQbfkcUipWufycVKPXt8DIZh-YLF-ICvwYOGQiuhJa6TYwGOESs6pXgnVw-2sfG0pn6DkhcknZ60MnJr_tKK8YANuodWMESp8fvqWIbq1K6nqeBWz8SmhdmbzeAh49qdtvfwoMD9GABQrMJaNJX_9Lwkcnmg26ozvosykZw5M9uUBnoao--3n1NOxGQiiBD7HqidLFCUEKKe7_DQuR3VMCt2oxVPKR5VDxxX6unKHChXWJIIbuPrpotEjmVVJl03qcYJqI0ZuEOUY7eVMlDbVHCTVG2sq8xxMVs3BcouxJ7Gq_KLYVsxgJtGk5H9NvgDtvC0-5QVuh9xLc-ywqj6yA7Y2Hfmcr-1xPAV-HnPFybIsmVDXHfO-kfwLDigsFqWjm7wd31GAlh8rqXB1htwnv9rEWbDxeTYPmx5u7O73aKAj1HaWfdRlOa9xAe4EaqEyjXtem34Ai0NiZcaEdto77bQGan7HnJjcIxqSscBclFzdD9LDts_YgF6NwAfomrUGM81-l7udztDh4OJ_d1wPIrvtxpweTDoqTz7sqxr2s9KJUqNPXwT8MEUOLV01zITX_PkpekNAIV0huyRUij77Dcr_krAGNmEieiuXXxczkm8iNCwQvOoE7VOqutwNitnRQtxqNlYI_qae-oxWouPeNppxYzI-tmcGH1uMgtGC_nKsg_XAyu8oESHwFJSPnTSUlUil9VQn2PQj_oK9t-jylg-STz859TTIQfX6-tUiFWknHrcI11E0XvrDhS9bf3s7GCp6Jw-ab69h9gFwn_rqIDcB6axHW7SsUYGK7N3wcy-B4lkH7nAQHbnMEbPwemX_JC73IgSrkO24hb01pntyVJf0H4yG_ldzt1XRZAqh6XDc9GiI0Zr-eJFmgoiCVbHky7UrD_wcerRe4oO7-JHggmk1f2v9ttQdqlQQu4sFtO1KHLJMbaBEtI90RsVBKXeWCdCrew3fstwciCTypv7i6JVyrEbeGIjPRJaxdPn3b2VTkMjW4uq-NqUPYy4mk69oTGJO62VgQxO9nVrHil4hpTKxnIr0Vt&sai=AMfl-YQhdzQnflMC5zTydp4-loUSHMrEdaqnwhI4bVt52whvXp13NokxG2GhFxkOVtWTVcQ9oPExE0nyuheL11qm6D5wIND1rYSduk9dDslxAQwc9EutkyHcyFi3t0EOoSZYwTHdIVk1tUz0iyJaQcYRAOeci_I4E_D54a70MFw0nwVOU-hoJxey3g&sig=Cg0ArKJSzMWkP8E5wt6OEAE&urlfix=1&omid=0&rm=1&ctpt=97&cbvp=1&cstd=95&cisv=r20210316.73515&adurl=
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 20 Mar 2021 13:39:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 73E4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96954
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Mar 2022 10:43:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DA8E 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 19 Mar 2021 16:59:40 GMT
expires
Sat, 20 Mar 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
74393
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 73E4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23d068d6c5f8d296930a15bc2301976f888f693b4da578390e18ce3376a7d0f0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 967C 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHyijFPtVYKuGNPajx_AP9bOqyAwAAAAAOAHgBAI&bg=!rq2lrenNAAbUo7L91KM7ACkAdvg8WjEWqn4ssiPBtjP7OiH_RLH8Ei00AfK4gEkmc6j_j9_Sm3ocXAIAAAFzUgAAAFNoAQcKAEwf43YRn2KJJ6o6xNyTcKqkszyBmeDDVMKGHTz9b-1xyTmgO5uLCxSAMP5KMACagGL3qw6WRnDz9rR9qjoOWU9JVGDvvqICOSHnCTO9mQJfZq3MiybRg3mVVP3uY-NDdoNfrxJwYiUadKN_5QH-cQ-HKGMZV_DT1erF9gSZadrRXN_s2V_PZF72CFt0cTa-N0sBfkv1b5Z0aMWXvXyhkJz_n3kr5C2qtq3_LMyqbFkQzv2oQLhro9BYgqtc3qIxy5C0xw-QWeR8NCH4_46NicuSFv90R6-LUzWzsqLAkaHo5yMyEn9nlYywZwfyy45e5DKQ3ZI318ulKm8gKcRtyAzlKPUXxLVzwrMIRomy0KVDLL9p5arlbGt3IqA0Yjp63GGB2NYbDApfVoVKavoik6pSDXL1YtKdX5IfOytcwqBxaS9U7lB-Kpgl62gGYNhlZQkcJAPR1k10Dqz4p6MeYADub1lG6M9bXcd-FWm-qIfATwtpxvUy4TrjvBCizcPZ4ayTKqH5pj4EZViBgTgN5Av5o8uBus_euCRvVw2i2InLzTPnjvJWNCynNAjqLzmgSaaeVWRLkrh0HXD_OHzWgUK6-1aO9v9ueWUUNg9TojJgwpOTeAuaJqtAyavOzM6G7h4dNBSLnBA_c_BRI0GWc3u_S7UNzcQuiiBLoUbDMDtnDxcXMTqxoZ6mJ2g3qZWzWvGBBO3tX-Me0WYgzXYKff3LfWostbwPy0UjF7sI_WS0j4zYVgMEYGxT8LRBPkvtnP5JTW0W10plP-nx3l7ef14qB77wXNjLPjyF9U4N8IBCDvpEJLbgZMktPbJUaHwTgzN-N9ILP0yNGLy1pHCvT_a1fcvo64jtSDzm6Pe9qY9nrQJ7oppxYobWNn6Rburjd8miK79UICpNVDZnatjplQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5E3E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 19 Mar 2021 10:43:39 GMT
expires
Sat, 19 Mar 2022 10:43:39 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
96954
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 1AF4 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1604308924613/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308924613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 09:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15129
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Mar 2021 09:27:24 GMT
pixel
cm.g.doubleclick.net/ Frame 2634
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIjVTM8tfWAU85ROy4actOc&google_cver=1&google_push=AQvitUJm2GZ0hO0tDLXPEBl5FjcmqtqUQlqFmi4SUR0EOzoQe04fqmOpsLpLVEoHBz1nVdSSpnze5lBOOv-95AJx...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Up9gVfsUQwCixUjx7J4-Rw&google_push=AQvitUJm2GZ0hO0tDLXPEBl5FjcmqtqUQlqFmi4SUR0EOzoQe04fqmOpsLpLVEoHBz1nVdSSpnze5lBOOv-95AJxiefa25ia...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Up9gVfsUQwCixUjx7J4-Rw&google_push=AQvitUJm2GZ0hO0tDLXPEBl5FjcmqtqUQlqFmi4SUR0EOzoQe04fqmOpsLpLVEoHBz1nVdSSpnze5lBOOv-95AJxiefa25iaGBLX
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 20 Mar 2021 13:39:33 GMT
Server
MT3 3611 f10363c master zrh-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Up9gVfsUQwCixUjx7J4-Rw&google_push=AQvitUJm2GZ0hO0tDLXPEBl5FjcmqtqUQlqFmi4SUR0EOzoQe04fqmOpsLpLVEoHBz1nVdSSpnze5lBOOv-95AJxiefa25iaGBLX
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 Mar 2021 13:39:32 GMT
pixel
cm.g.doubleclick.net/ Frame 2634
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELfRGehfR5eTjiFP5UN7pfI&google_cver=1&google_push=AQvitULBAj4hBYDxjH-c2CJgRZxeMtq59gpq29fGYje8fNzXI1UJEOlm6-ycgIZiQ7RCYTzGfuKP5...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitULBAj4hBYDxjH-c2CJgRZxeMtq59gpq29fGYje8fNzXI1UJEOlm6-ycgIZiQ7RCYTzGfuKP5ZqfOozLz52PKNceKLSNxrMl
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitULBAj4hBYDxjH-c2CJgRZxeMtq59gpq29fGYje8fNzXI1UJEOlm6-ycgIZiQ7RCYTzGfuKP5ZqfOozLz52PKNceKLSNxrMl
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 20 Mar 2021 13:39:33 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitULBAj4hBYDxjH-c2CJgRZxeMtq59gpq29fGYje8fNzXI1UJEOlm6-ycgIZiQ7RCYTzGfuKP5ZqfOozLz52PKNceKLSNxrMl
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
NYJ07JoQbhbwWw+C/yoAAA==
pixel
cm.g.doubleclick.net/ Frame 2634
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEIWjXdt1Cvb4H7ILfYq2YUk&google_cver=1&google_push=AQvitULPUQRhhwVuDLJUAshHFbZlk3TGfRbT1iL5tAWCH5WTKuLFVXOXcRN3nfaYo5Iw92BGsPuPeOF3MV...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEIWjXdt1Cvb4H7ILfYq2YUk&google_cver=1&google_push=AQvitULPUQRhhwVuDLJUAshHFbZlk3TGfRbT1iL5tAWCH5WTKuLFVXOXcRN3nfaYo5Iw92BGsPuPeOF3MV...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitULPUQRhhwVuDLJUAshHFbZlk3TGfRbT1iL5tAWCH5WTKuLFVXOXcRN3nfaYo5Iw92BGsPuPeOF3MVxPharkprkZA7PYN-B3&google_hm=MDMwMzAwMDNfNjA1NWZ...
170 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitULPUQRhhwVuDLJUAshHFbZlk3TGfRbT1iL5tAWCH5WTKuLFVXOXcRN3nfaYo5Iw92BGsPuPeOF3MVxPharkprkZA7PYN-B3&google_hm=MDMwMzAwMDNfNjA1NWZiMTZkNTJhNg%3D%3D
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 20 Mar 2021 13:39:34 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitULPUQRhhwVuDLJUAshHFbZlk3TGfRbT1iL5tAWCH5WTKuLFVXOXcRN3nfaYo5Iw92BGsPuPeOF3MVxPharkprkZA7PYN-B3&google_hm=MDMwMzAwMDNfNjA1NWZiMTZkNTJhNg%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
sync
x.bidswitch.net/ Frame 2634 		0
0
/
sync3.sniperlog.ru/ Frame 2634 		0
0
pixel
cm.g.doubleclick.net/ Frame 2634
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEP7KUSuyM-T7TaYFaPabEO0&google_cver=1&google_push=AQvitULfFcVb_baz6aU33DYr4-o3o9A3APWjOCV38ayEncUNl2qUKvqQInZ07oOBvxw1MqycF5pAw5wNyAch2lttx8rZV9x...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEP7KUSuyM-T7TaYFaPabEO0&google_cver=1&google_push=AQvitULfFcVb_baz6aU33DYr4-o3o9A3APWjOCV38ayEncUNl2qUKvqQInZ07oOBvxw1MqycF5pAw5wNyAch2lttx8rZV...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitULfFcVb_baz6aU33DYr4-o3o9A3APWjOCV38ayEncUNl2qUKvqQInZ07oOBvxw1MqycF5pAw5wNyAch2lttx8rZV9xTiE0g
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitULfFcVb_baz6aU33DYr4-o3o9A3APWjOCV38ayEncUNl2qUKvqQInZ07oOBvxw1MqycF5pAw5wNyAch2lttx8rZV9xTiE0g
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitULfFcVb_baz6aU33DYr4-o3o9A3APWjOCV38ayEncUNl2qUKvqQInZ07oOBvxw1MqycF5pAw5wNyAch2lttx8rZV9xTiE0g
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame 2634 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 2634 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMQ8vySKoT8auCpNI6FG8DUde2EoESPlUupAr08307nV8w4Mb-bKWB3BKaKGZIzsII4reo
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame DA8E 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED3wtdyu6SafTV6sJEUG9bw&google_cver=1&google_push=AQvitUIn1lswUm2Qt5MhIwgQJBEC8eeyJiX2vE9ePiwujSAjyhedls0nlQeW2rygf34zi82W6CtHW0RuCsS6U-CsXI-aiQjDvA
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
cm
gcm.ctnsnet.com/int/ Frame DA8E 		0
0
adxRedirect
tracking.m6r.eu/sync/ Frame DA8E 		0
0
sync
sync.srv.stackadapt.com/ Frame DA8E 		0
0
v1
match.sharethrough.com/E4rooAtA/ Frame DA8E 		0
0
p
google.ops.beeline.ru/ Frame DA8E 		0
0
p
sm.rtb.mts.ru/ Frame DA8E 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame DA8E 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JllCi0gx4yfFM4x1DBOEahjpMEDvWaEkG4cmQH6yr0YjriDqWq0ubvfqTmOYAIvuEA3jN1sy67
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:33 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 3AC7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
88473
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
CoopExpBd.woff
s0.2mdn.net/9506911/1604308924613/ Frame 1AF4 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9506911/1604308924613/CoopExpBd.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1604308924613/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3018fb089e3d43b8dc1c80238e82c84493517b795c5676ca9e671853fb78f81f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/9506911/1604308924613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:04 GMT
server
sffe
age
176
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29308
x-xss-protection
0
expires
Sun, 21 Mar 2021 13:36:37 GMT
CoopCondBd.woff
s0.2mdn.net/9506911/1604308924613/ Frame 1AF4 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9506911/1604308924613/CoopCondBd.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1604308924613/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63b176462a62d19e5a2af4cc0a845119d0389aae23ef15decd83efd182c91c40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/9506911/1604308924613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:04 GMT
server
sffe
age
176
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29944
x-xss-protection
0
expires
Sun, 21 Mar 2021 13:36:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 73E4 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstC0k-mpEKIcZkRHIVOAQQNBTtxIClZgxnhZFKsk9bXWHoVyk2F9nfBIYYdogqiS-nOWyo-oz4I6FFNAidjU-zoUTWC3u9KHSiXGF5t66Bi4v_0Vs5g-1x_D0s5JNm_dr8F4cNf4WTEzjw4esnmgTj4fPE5Kq-aOmhxa7XP0eEb4aGhGzepfEkHFcIe5S6VQsBfXDw-pUe77Z4L4RQbfkcUipWufycVKPXt8DIZh-YLF-ICvwYOGQiuhJa6TYwGOESs6pXgnVw-2sfG0pn6DkhcknZ60MnJr_tKK8YANuodWMESp8fvqWIbq1K6nqeBWz8SmhdmbzeAh49qdtvfwoMD9GABQrMJaNJX_9Lwkcnmg26ozvosykZw5M9uUBnoao--3n1NOxGQiiBD7HqidLFCUEKKe7_DQuR3VMCt2oxVPKR5VDxxX6unKHChXWJIIbuPrpotEjmVVJl03qcYJqI0ZuEOUY7eVMlDbVHCTVG2sq8xxMVs3BcouxJ7Gq_KLYVsxgJtGk5H9NvgDtvC0-5QVuh9xLc-ywqj6yA7Y2Hfmcr-1xPAV-HnPFybIsmVDXHfO-kfwLDigsFqWjm7wd31GAlh8rqXB1htwnv9rEWbDxeTYPmx5u7O73aKAj1HaWfdRlOa9xAe4EaqEyjXtem34Ai0NiZcaEdto77bQGan7HnJjcIxqSscBclFzdD9LDts_YgF6NwAfomrUGM81-l7udztDh4OJ_d1wPIrvtxpweTDoqTz7sqxr2s9KJUqNPXwT8MEUOLV01zITX_PkpekNAIV0huyRUij77Dcr_krAGNmEieiuXXxczkm8iNCwQvOoE7VOqutwNitnRQtxqNlYI_qae-oxWouPeNppxYzI-tmcGH1uMgtGC_nKsg_XAyu8oESHwFJSPnTSUlUil9VQn2PQj_oK9t-jylg-STz859TTIQfX6-tUiFWknHrcI11E0XvrDhS9bf3s7GCp6Jw-ab69h9gFwn_rqIDcB6axHW7SsUYGK7N3wcy-B4lkH7nAQHbnMEbPwemX_JC73IgSrkO24hb01pntyVJf0H4yG_ldzt1XRZAqh6XDc9GiI0Zr-eJFmgoiCVbHky7UrD_wcerRe4oO7-JHggmk1f2v9ttQdqlQQu4sFtO1KHLJMbaBEtI90RsVBKXeWCdCrew3fstwciCTypv7i6JVyrEbeGIjPRJaxdPn3b2VTkMjW4uq-NqUPYy4mk69oTGJO62VgQxO9nVrHil4hpTKxnIr0Vt&sai=AMfl-YQhdzQnflMC5zTydp4-loUSHMrEdaqnwhI4bVt52whvXp13NokxG2GhFxkOVtWTVcQ9oPExE0nyuheL11qm6D5wIND1rYSduk9dDslxAQwc9EutkyHcyFi3t0EOoSZYwTHdIVk1tUz0iyJaQcYRAOeci_I4E_D54a70MFw0nwVOU-hoJxey3g&sig=Cg0ArKJSzMWkP8E5wt6OEAE&urlfix=1&omid=0&rm=1&ctpt=285&vt=11&dtpt=188&dett=3&cstd=95&cisv=r20210316.73515&adurl=
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE43/2889979/104130935.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:39:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8340 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoFmCFPtVYJy1NMKvx_AP0qu_QAAAAAA4AeAEAg&bg=!9fal9rLNAAbUo7L91KM7ACkAdvg8WmT6a9IswfQ27fZFrQKmC186TZmoDSdU4Wp_Gl58fdTNK7lFmgIAAAHMUgAAACpoAQeZAnVH76zcwSNlvnSVDtFqhnVgOyb1JOFKLkTiPzyIxpLzAQP-cfkSEbL6hQkaAiq8M-ILRvRGhn0x0zaloDVKuFAos3EOg8r7a4q1FdRVOilkh7E74aWdrRpzp3D6KZY_2puvfbKxTTxtIgH3ujUdoRQ2KY_7U4O4vjymgLo_fWaA4BNVjYxJ7cJF8sI_h8P9Lt1zdHLMhRH_TQjXAoW52WgDf_r2n3Qt3YBlorUtdNTufCL_ESdOyYY6deY05pyKOQmdN2nJTzURxgwsXsCaoFAHKFxKTstU84CxCC3PEpVpuDHFYfUaZU4-8nZpiyP3y3gsQL1xiTEBPSS1ZNeFW-bVnu2jCw1rPcxdEL3vEO8NPcGLwEk4SpT6pqOrJLeQK4iDTBLlgLsFtf0RWMBwvS3LG1t0hMw9kekziwpzAIlOFyNN0GhzKRCg23GXlWvsd9gQwltNBNB7_Sv2hDZrsjBgsEdsSIiDZ7Jnv8NdX1pbRu6hosrlDG-ddC6Y7YT-m9FD5pV5xLYtVX23dXJQNiaE96fT7SehdAfxgwoSxsiuuqu0X_YfRhubMcmf8A03iHWvWpAcOiqyPMSTGZPfHwW0f5J8RovJpBqL0MZKwQ_7jC2tiye6gJVvF9Qflw8G6jQDRuL_COKJKZM8BNqkxG6gu6wTxJu3I7yV6fcmcjKdu2GYkVnGQOqEVvCY9e3e2s3ibYWNJINQhlEQRjFoZGED7wWaxDKe1y-tCNdagRFGLC1fnQEpkde1eLns5QEUt9V37xoxCdAlGuac2kazdqDm9xTa5hEsrCaqprv1QYdyKaAtr53E0b_09piIrooTrKxSlG5_qg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 5E3E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
88473
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
coop.jpg
s0.2mdn.net/9506911/1604308924613/ Frame 1AF4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308924613/coop.jpg
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc88881c267493814ada96b0cb57897aa9ff44610d2da1a67656c3cbcc0a874a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308924613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:04 GMT
server
sffe
age
176
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7509
x-xss-protection
0
expires
Sun, 21 Mar 2021 13:36:37 GMT
Coop-Icon.png
s0.2mdn.net/9506911/1604308924613/ Frame 1AF4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308924613/Coop-Icon.png
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75519df306ca3d5504dc66f8e3398dc30f976a5859725309b90a0f2a3fdea6ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308924613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:04 GMT
server
sffe
age
176
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3753
x-xss-protection
0
expires
Sun, 21 Mar 2021 13:36:37 GMT
Theke-frisch-300.jpg
s0.2mdn.net/9506911/1604308924613/ Frame 1AF4 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308924613/Theke-frisch-300.jpg
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16567a7c25c8f64c0861b7eae3892722920bd09e5a77dd293799eb034194b551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308924613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:05 GMT
server
sffe
age
176
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17005
x-xss-protection
0
expires
Sun, 21 Mar 2021 13:36:37 GMT
tete-300.jpg
s0.2mdn.net/9506911/1604308924613/ Frame 1AF4 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308924613/tete-300.jpg
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa4d27239f61f3f12e511f7774931c0d59c456971f9f6ef1d7a13a2408420d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308924613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:04 GMT
server
sffe
age
176
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24916
x-xss-protection
0
expires
Sun, 21 Mar 2021 13:36:37 GMT
aufschnitt-300.jpg
s0.2mdn.net/9506911/1604308924613/ Frame 1AF4 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308924613/aufschnitt-300.jpg
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6de2bd9b5cb6e9ebfbf874940becb16016151d713ee19049eab99dfe0965ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308924613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:04 GMT
server
sffe
age
176
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15912
x-xss-protection
0
expires
Sun, 21 Mar 2021 13:36:37 GMT
brot-300.jpg
s0.2mdn.net/9506911/1604308924613/ Frame 1AF4 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308924613/brot-300.jpg
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30302ebb7094c997809ca671e593375ba4e34efe494a86bc3003692ddd27099e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308924613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:04 GMT
server
sffe
age
176
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17048
x-xss-protection
0
expires
Sun, 21 Mar 2021 13:36:37 GMT
lachs-300.jpg
s0.2mdn.net/9506911/1604308924613/ Frame 1AF4 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308924613/lachs-300.jpg
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
764a170851cb6e2d00a02685b39a0c28a3378a19c82a568c4cfbc5df52af8031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308924613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:04 GMT
server
sffe
age
176
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21126
x-xss-protection
0
expires
Sun, 21 Mar 2021 13:36:37 GMT
Ka_se-300.jpg
s0.2mdn.net/9506911/1604308924613/ Frame 1AF4 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1604308924613/Ka_se-300.jpg
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81404aacb0d84988d864c671b075ca74f1baa4cebbb9f2b4c646233117d2d73e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1604308924613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:36:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Nov 2020 09:22:04 GMT
server
sffe
age
176
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19900
x-xss-protection
0
expires
Sun, 21 Mar 2021 13:36:37 GMT
/
eum-eu-west-1.instana.io/ 		0
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.159.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-159-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:39:36 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 181E 		42 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJ5rvCPJq7nZcRUsrkut1QSdJCHCHon9v2OrTDD6moo1nAO8_JR49VuB_nB5TYv0G99HljUVKlskr9n-Z94HJAvdUxFjUy04eiv3x8J7ogX0k33m1HwLpi9uA&sai=AMfl-YRmuFyEajdZ9gJle11M5BqdkF0jZvgQU7dRSn0zQL2aKcDTQxUqeO1PK4xGEU2irDey3SaxN0HBJv3NjTl0uY7u5-NwX5pBQaE8l4W0zigW7FAbcxm50uaB1xSv&sig=Cg0ArKJSzKKu138gQ-oAEAE&cid=CAASEuRoRQRWVqIc05ddpjWfI1ufyA&id=osdim&mcvt=1028&p=246,436,336,1164&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=727818146&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1616247572752&dlt=69&rpt=65&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AC7 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByqOWFftVYOPXGsKvx_AP0qu_QAAAAAA4AeAEAg&bg=!BAelB0PNAAbUo7L91KM7ACkAdvg8WkPlXgvFJXczmzap81Ycy7Ozokz6IIqgLSocj74h1Hc0z9x1TwIAAADdUgAAABRoAQcKAKMwHzAq8n6dn3GQlZ6DFuc5ta3lnxcxoFKfxJ_y7OTx4FiQTnobkO4JQanU0vZNT0VU6b-4yKeLhrdashhyB3MjrqrMRaPIG-fBMVGE3QOhRs8XMk3TpFYqQD4dFSMCr9T5UUL0xjLNYpcDSYL148xQ4tbGFu9u0zZeAq6ioe_YQU3Yi3ojM1IFV8a8gnXls7-a6Q-EQQ9B28fkmpTB9lMMyUHymQJjS4UP0NEF6e3FBn8LpPYetii0kY9lMXJLRY4VOu57GCys93bUcINtlY25uPQDurtZq2mqnnHM2LBhq0OnIQ9kLc5fSLFe7xd7TZwZjkwDPHhpZLeVEaK_cAsTjlqHH-lJEOnwrcNYDTkfGDnr77Te4_LTBgSebuimrnmNtoIYBosnu7KkmCN1DOwkBhD7UP9t-JTF0ATxv9T68CFfjdib_V9PaWoc2CBivDf5Y4JB9HotIcDJCBH3oqf-aU_deb03nCNZHZeDqzx2OkuFnQOIeT4uStEzC2YEiZCelBmFLOiN3QZIabbPelyiHrTPFrwaBAAE1wsdCW6hmBWqgwL6cz1AZbOHtQNJUgOjbcXFqKlHsDcbA9R4SKG93SNJ-eUARxtsSzxU8BAUomySWZffcCPnGzaw5OfiyF9_U0V_Aon-q7J55lO0uUHFqvbC-V_Zsi-YoADOu0YCBOc0vQf-9AScZaw_KJUJjuQSbpY2DOmeFB6MgkqhdgkILTJ5RQ9mEJQVfJc_rc_k3kWyt6yECqrelpDC4YDBnu_jfdt7Q1m_1WaXbIc7OzIpcvYo6Kp-asVGZtoVB_eZmd6GEzi2pGAbRrS49NqPxDk-MpnOUQGevIaiH479JyBSQVr5p2j0kje4s4gpcISnhmrTwZOMGrYOyAn8nQlWlK7_9lXdu5ixS7ET3aCIdlCo8mZotuzQxaCzwDEqnTuou4N1TscGQdss1ImnKWjg3BrrYZntk3a2YqEsvwbQpBVG8LyCRmUdvhVNuwDHElRRnsqt-gqBpwCAugeJ6NjVfhCWCFSKpv744ng
Requested by
Host: 4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
URL: https://4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E3E 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsfhBFftVYMmvG4ugrASUmILQDgAAAAA4AeAEAg&bg=!trWltfHNAAbUo7L91KM7ACkAdvg8WnS9NTVZeORcDK8WusBurUAnCC4lS16WFOYjIjTCrLnuSF7mgAIAAADHUgAAAA1oAQcKAFBKzrMVdmh6JPifnANgW4Q-kcArZxczHtrxNTgWx9OJyuNLvkhfoQOhIePDCL0opFiUkICfHuLbjJRt46TghPpUsm8T5YxYrUPTY6baiyLrCpkCZ8CoFcWyyrmAvGcaD0e7ycHvkXfUHFs7xZCK951fDjJuqgybgFI-z4vh4Wwi62dHcH8WXZrSVOI1IVYCvIwUq6HD_XfELJuHxCXDQZxoluWD-CpwHMZ0ZdrtZijnbOqt86HgpB4jGWfl_9skhzTAtm4VJbCLRx34rxnWl7Hr84OBJF_-kUZIY7heqTw8KQcrdizoea9zA45Gk0wi4Bm9XOlT8a-nbm1vf9x6NbCiapCP9cyMofk3Sr80wyxO0Cm0pa_8MYLurz4vrziE3PXZk6bZoxvjkJkeLLJ5kXhwRLwcSPY--v-d8Fw4K2t_AbwdyRZTXT35LN1zHYwmZQ13cjw6rABE3GrN4rwvno5tbQus_5MP698b0Cgvi068vg59z4VSc1GBHHJqLMgkfBys3qy81qh_1EuVvipruT02bwFd9wDm6h7m1X1B9wGAPYrDH_8seS-D_qp9qjcZtcntbGJzsZ4MkfeztPImpU8k0AERsHFxDSQo1wHGf7SzQC72NM2wB0pWoHrj2U6d7YpyW_023LowAe2Y5zE8ik59BXbBbLUt0uNn_1YZtqlNQYZKZjSvHZGOHbTYOOKZgK3Q3-T6yP9rfDiGKaAeGkamb0EIRrt-f3Y906NlFNhlZnTGCBL5d8HCvXYY6teF8oYovtBZA7BLVmRnaCkthgJveEY20x72-9rj5AuQiTtxZL7S0Yh82PxrqSFcskSSiIzolAGhQ-yV-TooH-bitM3_0S-kvgt8afl4cLPKieys-tR6JF1p5g_0xuFCn8TUi2B9vRRw-0XbMqgc6qqO-jVrHX2exFuOQwbS3w
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auction
intake.pbstck.com/v1/intake/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/auction?sId=be9978eb&tId=dbb1dd3d-4ef4-418b-8674-c575d2a7ac81&c=1&ctr=DE
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
cf-ray
632f58eb0bb01456-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f175e6e300001456de1ae000000001
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 6565 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sat, 20 Mar 2021 13:38:20 GMT
expires
Sun, 20 Mar 2022 13:38:20 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
74
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 6565 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
88474
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
syncframe
gum.criteo.com/ Frame D92B 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.gala.fr&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.gala.fr&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1589
date
Sat, 20 Mar 2021 13:39:33 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:39:34 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 21 Mar 2021 13:39:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=854455304028611&bg=!GxilGFzNAAbUo7L91KM7ACkAdvg8Wiom8fVJ52kVleUpGttuZPuEi--pMUHxkcARwhauJ4d5zTW33gIAAAB-UgAAAA1oAQcKAFYdd7Z7uWSkWihqmob2afkMYoUxkrYO5ZGJli4ki1nt65R5GZJeb3DxsoL-ha4iDkef9BsTV4LZE_EMKoVfxiVF2dR0pf6GwqiQwlx6dPTFf38NKxC8rpkBy5iEvs2xTi72ePagH6Pl3rtrTtJF1irS4uGIPaRlhSqb36qS_goNANeFpjATYHf92l_BPfWDlhvHs88bjPoqMdlG4Wxzpbg_532wsK8fShLisIOuMqK6UMHvctnQzHAkOudDnacrMyIseF1OLl2KNki-sD2EOlscLGi-MSctfUfgljsN_i432XWkoXdfyRUCd_8mDAQ6brLlwDjYKpgysukFZ6BObScxE1JaTJ8ubqk64ZrpiTuIH66132gh15ceZVRKCYHFYG3E8YGmTECwSxNVXTJLA1IbyqhLjiDy1V-98lL1VRqPxoLcxsP-UwXtmmJ3MpvnztP9HWqZUjKm-anNnmorZb-WFnTKkQgcKz3o4xmnoXJsgFZxJl-e8dbZ_4DClens5x4yTngLEC0VN96CCUWLAiln47Zt3CTWNO6b67SPTJlMC-_9P5PpTrosq-FmKwmS1Th4TSk9hogVWlFZazvJbsRDY7DUo_DFaOpAErgdBBZCo0IQHlRy1EVZPr5JO9IFuhpvxxBEkLeZFur0FOgwJqzAF3wbRictaJUZusziWGOfALddGwoQhbN8Me3BN6WjzY5s_rMElYlCftsNkMJ_FdZIdmchvw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
164.json
id5-sync.com/g/v2/ 		0
0
envelope
api.rlcdn.com/api/identity/ 		0
0
u
1f2e7.v.fwmrm.net/ad/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=undefined
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5f622662eda73e87e273d08189abe3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-70-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:39:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Sat, 20 Mar 2021 13:39:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
eum-eu-west-1.instana.io/ 		0
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.159.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-159-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:39:36 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
engage.js
sdk.playtem.com/mediation/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d1z2jf7jlzjs58.cloudfront.net
URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Domain
tr.outbrain.com
URL
https://tr.outbrain.com/cachedClickId?marketerId=00c8bc6ea6946b8e7d608e3cf1a6b3e018,0088c68ec792cf8d4ecdd00a532f69c9fc
Domain
tr.outbrain.com
URL
https://tr.outbrain.com/unifiedPixel?marketerId=00c8bc6ea6946b8e7d608e3cf1a6b3e018,0088c68ec792cf8d4ecdd00a532f69c9fc&obApiVersion=1.1&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&optOut=false&bust=016798702048213876
Domain
abs.proxistore.com
URL
https://abs.proxistore.com/fr/v3/rtb/prebid/multi
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.31.0&referrer=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&tmax=2000&gdpr=false
Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&CanonicalUrl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221&PublisherDomain=https%3A%2F%2Fwww.gala.fr
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17912&site_id=198932&zone_id=979504&size_id=2&alt_size_ids=55%2C57%2C58%2C68&p_pos=atf&gdpr=0&rf=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&tk_flint=pbjs_lite_v4.31.0&x_source.tid=3edf1e2c-ec11-4d01-9fb0-462a0226346c&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.7630407477905061
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17912&site_id=198932&zone_id=979508&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&gdpr=0&rf=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&tk_flint=pbjs_lite_v4.31.0&x_source.tid=31151601-6d30-4a5f-a511-c39ffc2f305b&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.45855911332832444
Domain
abs.proxistore.com
URL
https://abs.proxistore.com/fr/v3/rtb/prebid/multi
Domain
prg.smartadserver.com
URL
https://prg.smartadserver.com/prebid/v1
Domain
prg.smartadserver.com
URL
https://prg.smartadserver.com/prebid/v1
Domain
pbs-front.mediasquare.fr
URL
https://pbs-front.mediasquare.fr/msq_prebid
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
prg.smartadserver.com
URL
https://prg.smartadserver.com/prebid/v1
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
a.teads.tv
URL
https://a.teads.tv/hb/bid-request
Domain
pbs-front.mediasquare.fr
URL
https://pbs-front.mediasquare.fr/msq_prebid
Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&CanonicalUrl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221&PublisherDomain=https%3A%2F%2Fwww.gala.fr
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17912&site_id=198932&zone_id=979518&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=btf&gdpr=0&rf=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&tk_flint=pbjs_lite_v4.31.0&x_source.tid=48bc6ee2-8458-4342-912a-2f8390ba039c&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.1624087466244153
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.31.0&referrer=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fbrigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&tmax=2000&gdpr=false
Domain
pool.grid-data.bidswitch.net
URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=2&gdpr=0
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFX7EgrZP0_lLIYDBJaWPQAABJEAAAIB
Domain
nep.advangelists.com
URL
https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Domain
um.simpli.fi
URL
https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/58402/sync?redir=true&gdpr=&gdpr_consent=&gdpr=&us_privacy=&consent=
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Demx%26did%3D443b5777-fe89-4dc7-be67-551a82bfdc51%26emxID%3D%24UID&gdpr=&us_privacy=&consent=
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/709414.gif?gdpr=0
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPf-gO8I8b_q29r9UEHEP_g&google_cver=1&google_push=AQvitUIIN0lU_3sm2bzFQNKPWpoQak84sBQh8EiNWyOncvCEBoTaKaLOS8N6yYs3lKeUNavu2pP9xJ8A0PutZjhgEs84P8w_SmlM
Domain
google-sync.rutarget.ru
URL
https://google-sync.rutarget.ru/sync?google_gid=CAESEFThG-TqKEUPxqfIXFOiH7s&google_cver=1&google_push=AQvitUKcZid7up6l4ce3SYChRUogNOz5YBS-5Na7IydqenArWdcgp7DCqOJwfK4E0c0uC2OWKgvr916SL-IIIqb-s1nFq0M9LFXP
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJ3PtNVlQ-ibmE54zztflNk&google_cver=1&google_push=AQvitULvYMDGxfNCNx41NjkRsCuJBbOKj1qFSVGdnx7IZgcFs9MLRZof-1RhN0Sb6HyTOqUnTnALmtFM-O8tfWiXkj4oaiaTyIz9
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESED2hHetv8V07OemefHNk4xU&google_cver=1&google_push=AQvitUJb5aOm7WqpCNf2_1TJa4xuZrMybz54zbgcK42stsvmcyTBZg11yJUYbcThiQ4PRvN1geMGLT01omxk6W_CChBAxLDueCxQHQ
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDBbgw1_1VqRabElz9vN-gs&google_cver=1&google_push=AQvitUJ6zMxS2vevtCYcaoxYSuol1PMgy8XDnQ-pwhYtldyWeCQ2sNT0-3tFFY0T1xN2HPlVrRr7an5pXD5zeJMEaYTaTbOSw2ltQg
Domain
google.ops.beeline.ru
URL
https://google.ops.beeline.ru/p?ssp=gl&google_gid=CAESELRRp6yxGZLLgPQQ2Lyk1SU&google_cver=1&google_push=AQvitUIyKp7Yzpn8s53nsFgnPo8TEgfwyXTCVQppSBVdZ6YA_9NATDyZej5evAUTPpsOA3VzeBBlGrl18H3mGTxarrPF15b0eTA0sQ
Domain
aa.agkn.com
URL
https://aa.agkn.com/adscores/g.pixel?sid=9212293468&gdpr=0&gdpr_consent=undefined
Domain
aa.agkn.com
URL
https://aa.agkn.com/adscores/g.pixel?sid=9212293438
Domain
r.turn.com
URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEI9FASkKQeFJltylq_6cKTQ&google_cver=1
Domain
ads.travelaudience.com
URL
https://ads.travelaudience.com/google_pixel?google_gid=CAESEKgcg6y6CrgUF1qHz-Kdthw&google_cver=1&google_push=AQvitUKIVjg8zUk-K0AZ8MGQa_KaoJZ6iGba8u21LcDLu6Meo6fNmuGqLRjZ4NcQ6H88K-qbv1GMYdEzx1AcZs6AP9nxDoZl_7g
Domain
ssp.adriver.ru
URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEG9wSiHUp0RSLG3eLKaeX4M&google_cver=1&google_push=AQvitULXvh6K17YaS0FzUwCIHLCFoKnbIliELetyotP2i6NHwPTRIGdupUgYvDfEpRNbEN22LkbC_pAzTPNJ_gI6o-JcvotVakze
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFxYZ1Qu9nWdjlGO721d6_U&google_cver=1&google_push=AQvitUJN4VMlrja0wM9LARAJwn87-zmbikAlufd7_KTF51WlE1KdOFulyQwCkY4jck9oCOYJYVeQQAmCZ-TxvVuIyEaFkLegvPgX
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAQvitUKspqF_8N4xvMWEjS5So2bCv8FC8S_A_j65Clgsm345gqPB01foDN-_SHVjaEC33pYWofZeLpTOWqPJ5uHbwCQjdC4ItlH7%26google_hm%3D%5BUID%5D&google_gid=CAESEMLtdu76EJw2kg2L4oboPRQ&google_cver=1
Domain
eulerian.sarenza.com
URL
https://eulerian.sarenza.com/dynview/sarenza-chfr/1x1.a?ead-publisher=ignitionone&ead-name=ignitionone-chfr-202103-acquisition-generique-op-generique-all-multi-ventes&ead-location=ignitionone-0x0&ead-creative=generique-0x0&ead-creativetype=0x0&ead-mediaplan=acquisition&ea-rnd=865450950
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGaPVnfODoRpozfvisriQ1k&google_cver=1&google_push=AQvitUJsWh7t0UhdgvTKvoMRX_4xBP8lu8ThtkK8gnVrZlgHnmAhJdssQ-K5W8l7eTzDVTay437qipqXH1RLjuNSAxsxTRdoYox3
Domain
sync3.sniperlog.ru
URL
https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEH5IhmVxQTOcYUC2X5-N6WE&google_cver=1&google_push=AQvitUKUPdz8Br-GRaDUPr8EhQjSETIagGv2GBnHZ-8NwjKq5vR0BoF-xp1WbWAdiT-cyqG90r5YlPhl4UI1wZcMt1im1w5SbSix
Domain
rtb.openx.net
URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJeMQSotIi16tJNck1YOlWg&google_cver=1&google_push=AQvitUJpLMv32s9tv3kIzZZKZjfaidGyVnk-tFRANH2aDp_F8MnpJZN_ljediSooT4tD6NQK_zV0jAjA2drpWOvwwHBDMCIRzGk7
Domain
gcm.ctnsnet.com
URL
https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL_WWAteEudSeJlWhR5PK6E&google_cver=1&google_push=AQvitUIpvLFXyQ-9GKJumDDWe8oRD8ZvkUT_S_kKfEUy4YrPjiPT3T9K0sIHz6j5VoTbTz_e-y_7PFmoQSdyaozMZUWP4dJDLg
Domain
tracking.m6r.eu
URL
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEBHmqxvgbodytqK7aW1YVQg&google_cver=1&google_push=AQvitULPvJm1AUJx2i6rkRdtWCHvjl3VOTV9g3djeZHXCtrw2eIrJEpQh0ejXlDh6Neo1EmDEFpQsJt0W74fdjZbNH0Hvh9j1A
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDTdCN_ywU5bzzF7F7LLtnw&google_cver=1&google_push=AQvitUIo9kjemwwf-EJ1cOWwLGLn5fZ0sTqEyh_oPlcORKfQQ1knOixq6Qa4bVfGhMibS3f2fo5UKcLh5VxHKOVikfAt-EXeAfM
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEEwt4Hi4FOQ5f5cmeOXhGSU&google_cver=1&google_push=AQvitUIlx9f_KLVE5KNexBOIrQMRUb3nOExL2nOQlJ1CAgGQwLBpkL3RdTnCL-wbF3DDCvVbJecxiQicoJLAPRuLJcmIrXWw9v84
Domain
google.ops.beeline.ru
URL
https://google.ops.beeline.ru/p?ssp=gl&google_gid=CAESELRRp6yxGZLLgPQQ2Lyk1SU&google_cver=1&google_push=AQvitUJDCEpCsxFKFS9uNf59jwVg0NcRgXlZCO3A18WnUkvSvrOpcTkoxw4BFCm6f8Fg9ZnhQqhegjGRTXBJaLfw-9ChH0ZT9lIx
Domain
sm.rtb.mts.ru
URL
https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEF4j50JPVYX1nKRhRPDGzvc&google_cver=1&google_push=AQvitUIcuoAIYkB-bmht99kVwzYifWITaXyJ_OBv-8ZoelDWZAdnQoVyNwpHg3tK4MhMRE_kSL-gZZUrNbFinhvRHpYZddKnHtps
Domain
id5-sync.com
URL
https://id5-sync.com/g/v2/164.json
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=98
Domain
1f2e7.v.fwmrm.net
URL
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5f622662eda73e87e273d08189abe3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=undefined
Domain
sdk.playtem.com
URL
https://sdk.playtem.com/mediation/engage.js?t=448958

Verdicts & Comments Add Verdict or Comment

280 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| pmcstarter function| loadCSS boolean| gtag_enable_tcf_support object| frontConfig object| dataLayer object| _gaq function| ga object| layerObj string| instanaUserId string| InstanaEumObject function| ineum object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate object| __core-js_shared__ object| core function| axios object| pmdBrowserTools object| picturefillCFG function| picturefill string| domain object| consentDomainList object| consentAccountIDList object| consentGroupId function| getUrl function| getBrand function| scrollChoice function| createCookie function| getCookieByName function| generateTargetingParams function| __tcfapi object| _sp_ object| PARSELY object| coreAds object| webpackJsonpcoreAds object| pmsCoreAds object| googletag object| pbjs object| regeneratorRuntime object| scrollMonitor function| _typeof object| webpackChunkPmcAPIClient function| BookmarkClient function| Bookmark object| google_tag_manager function| postscribe object| google_tag_manager_external object| batchSDKUIConfig string| apiKeyBatch string| subdomainBatch string| authKeyBatch string| vapidPublicKeyBatch function| batchSDK function| hj object| _hjSettings number| refreshTime function| onGalaPageUpdate undefined| socialGGA function| fbq function| _fbq function| srEnsureReady object| antvoice_variable object| ividGlobalObject number| tabletWidth number| mobileWidth string| myId object| _seedtagq function| mpfContainr object| galFront object| galApp object| pmcPopinConfigs number| 2f1acc6c3a606b082e5eef5e54414ffb object| pbstck object| Pubstack function| onYouTubeIframeAPIReady object| apstag string| fbId object| lrPxPrisma function| sendPixelsLR function| setUpAgknTag object| sqPrisma function| sendPixelsSq string| [eedmpact] function| eedmpdo object| s undefined| consentString undefined| consentObject string| pageCategory string| pageSubCategory function| obApi object| siteIdArray function| callback boolean| grvt_load_wrapper_functions_only object| grvt_customProperties string| grvt_siteToken string| grvt_processingToken object| script object| _tfa object| brands string| searchValues object| keys string| captify_kw_query_12166 object| ivid object| iframe object| $jscomp function| _$ object| easyXDM object| avsr undefined| _jQuery object| _sr object| social object| obj object| rtrim boolean| srReady object| CONTAINR_LOGS object| pCache object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| webpackJsonp1615911871826 object| CFos function| bind function| onWindowChange function| popinLoad function| ajax_request function| ajax_response function| cookie function| open_popup function| testmail function| get function| onPopinLoad function| run number| rgxid object| rgx object| ABTasty object| abtasty boolean| InitPubStack object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| _pbjsGlobals object| invibes function| agknTagBuilder object| _agknTag string| _agknTagName object| _agknEchoTag number| _isAgknTagSet object| headertag boolean| Identify object| ggeac object| google_js_reporting_queue boolean| AdsManager boolean| apstagLOADED boolean| Amazon object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError number| grvt_tries string| queryString object| urlParams boolean| debugMode object| grvt_wrapper function| grvt_callback string| token string| processing_token boolean| check_also_mr object| ats object| atsPrisma object| __ivi object| pbstckQ object| cmp_list_v2 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| Criteo boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs function| videojsFlash object| videojsFlashlsSourceHandler object| httpStreaming function| videojsPerSourceBehaviors function| videojsContextmenu function| videojsContextmenuUi function| videojsBcAnalytics function| videojsErrors function| videojsBcCatalog object| videojsDock function| videojsPlaylist function| AdwBrightcoveVastLoaderPlugin function| videojsVr function| bc boolean| BrightcovePlayer_rktQWRD8 function| WebVTT function| VRDisplay function| VRFrameData object| vttjs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_726634 function| eStatTag object| closure_lm_32601 function| AdwBrightcoveVastLoaderPluginFinal object| adways function| adwMobilecheck function| adwMobileAndTabletcheck object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| freewheelssp_cache object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| advertisingConfig object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106 object| google_image_requests object| ptmengage

3 Cookies

Domain/Path Name / Value
.gala.fr/ Name: _gid
Value: GA1.2.231440631.1616247569
.gala.fr/ Name: _gat
Value: 1
.gala.fr/ Name: _ga
Value: GA1.2.1138525389.1616247569

18 Console Messages

Source Level URL
Text
console-api warning URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js(Line 1)
Message:
[object Object]
console-api warning URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js(Line 1)
Message:
Error Failed to execute 'createObjectURL' on 'URL': Overload resolution failed.
console-api warning URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js(Line 1)
Message:
undefined
console-api log URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js(Line 1)
Message:
Messaging without detection successfully executed.
console-api error URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js(Line 1)
Message:
ReferenceError: tcdata is not defined at <anonymous>:1:122 at t.addEventListener [as callback] (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:150371) at t.e.invokeCallback (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30687) at t.respond (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30080) at t.respond (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:119743) at t.e (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30552) at t [as constructor] (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:29975) at new t (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:119547) at e.apiCall (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:57404) at <anonymous>:1:25
console-api log URL: https://js.antvoice.com/sr-gala.js(Line 984)
Message:
{"page":{"type":"ProductPage"},"product":{"url":"https://www.gala.fr/l_actu/news_de_stars/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-larrange-pas_465221","properties":{"WithVideo":"true","MetaCategory":"newsarticle","Category":"l'actu","SubCategory":"news de stars","DatePublished":"2021-03-19T17:02:27+01:00"},"id":"465221","name":"Brigitte Macron encore privée de ses petits-enfants : pourquoi le reconfinement ne l'arrange pas","description":"Début mars, nos confrères du Point révélaient que Brigitte Macron, testée positive à la Covid-19 au moment des fêtes de fin d'année, n'avait pas pu revu ses petits-enfants depuis des mois. Au vu des nouvelles restrictions sanitaires décidées par le gouvernement, les retrouvailles ne devraient pas être pour tout de suite...","pictures":[{"url":"https://gal.img.pmdstatic.net/fit/https.3A.2F.2Fi.2Epmdstatic.2Enet.2Fgal.2F2021.2F03.2F19.2F44f5d6db-d4c4-4d41-a1ce-df4591995a46.2Ejpeg/1200x499/crop-from/top/focus-point/2742%2C1653/brigitte-macron-encore-privee-de-ses-petits-enfants-pourquoi-le-reconfinement-ne-l-arrange-pas.jpg"}],"status":"Active"},"version":"1.0","project":"gala","tags":[{"type":"Generic","name":"première dame","action":"GALA_Generic_View"},{"type":"Generic","name":"confinement","action":"GALA_Generic_View"},{"type":"Generic","name":"petits-enfants","action":"GALA_Generic_View"},{"type":"Generic","name":"le touquet","action":"GALA_Generic_View"},{"type":"Generic","name":"brigitte macron","action":"GALA_Generic_View"},{"type":"SubCategory","name":"news de stars","action":"GALA_SubCategory_View"},{"type":"Category","name":"l'actu","action":"GALA_Category_View"}]}
console-api warning URL: https://tra.scds.pmdstatic.net/advertising-core/4.111.0/prisma-prebid-plugin.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://tra.scds.pmdstatic.net/advertising-core/4.111.0/prisma-prebid-plugin.js(Line 1)
Message:
fun-hooks: referenced 'adpod' but it was never created
console-api error URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js(Line 1)
Message:
TypeError: Cannot read property '1' of undefined at https://asset.easydmp.net/js/client.js?t=224479:1:7074 at Array.reduce (<anonymous>) at https://asset.easydmp.net/js/client.js?t=224479:1:7041 at t.getTCData [as callback] (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:150243) at t.e.invokeCallback (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30687) at t.respond (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30080) at t.e (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30552) at new t (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:29975) at e.apiCall (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:57404) at t.getConsentData (https://asset.easydmp.net/js/client.js?t=224479:1:6924)
console-api error URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js(Line 1)
Message:
ReferenceError: cmp_list_v2 is not defined at https://tag.agrvt.com/tag/v2/wrapper.js:113:99 at t.getTCData [as callback] (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:150243) at t.e.invokeCallback (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30687) at t.respond (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30080) at t.e (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30552) at new t (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:29975) at e.apiCall (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:57404) at https://tag.agrvt.com/tag/v2/wrapper.js:109:28 at t.addEventListener [as callback] (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:150371) at t.e.invokeCallback (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30687)
console-api error URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js(Line 1)
Message:
TypeError: Cannot read property 'consents' of undefined at https://sync.getpublica.com/sync.js:1:11302 at o (https://sync.getpublica.com/sync.js:1:8965) at t.addEventListener [as callback] (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:150371) at t.e.invokeCallback (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30687) at t.respond (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30080) at t.respond (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:119743) at t.e (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30552) at t [as constructor] (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:29975) at new t (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:119547) at e.apiCall (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:57404)
console-api warning URL: https://players.brightcove.net/811631557001/rktQWRD8_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api warning URL: https://players.brightcove.net/811631557001/rktQWRD8_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api warning URL: https://players.brightcove.net/811631557001/rktQWRD8_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api warning URL: https://players.brightcove.net/811631557001/rktQWRD8_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://players.brightcove.net/811631557001/rktQWRD8_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: The prerollTimeout option is deprecated and will be removed, please use the timeout option. The prerollTimeout will be set to the value of the timeout option.
console-api log URL: https://players.brightcove.net/811631557001/rktQWRD8_default/index.min.js(Line 1)
Message:
VIDEOJS: Setting up IMA middleware
console-api warning URL: https://players.brightcove.net/811631557001/rktQWRD8_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
4118eb9d792bdfb6a881d4555a8139c4.safeframe.googlesyndication.com
a.teads.tv
aa.agkn.com
aax-eu.amazon-adsystem.com
abs.proxistore.com
ads.avads.net
ads.stickyadstv.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
adtrack.adleadevent.com
amplify.outbrain.com
amplifypixel.outbrain.com
api.rlcdn.com
api.taboola.com
asset.easydmp.net
assets.playtem.com
ats.rlcdn.com
avads.net
bcp.crwdcntrl.net
bid.videostep.com
bidder.criteo.com
boot.pbstck.com
c.amazon-adsystem.com
c.eu1.dyntrk.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.mookie1.com
cdn.parsely.com
cdn.pbstck.com
cdn.polyfill.io
cdn.privacy-mgmt.com
cdn.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
config.seedtag.com
connect.facebook.net
consent.gala.fr
contents.adpaths.com
contextual.sirdata.io
cross-prod.antvoice.com
cs.emxdgt.com
d.agkn.com
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
dsp.adotmob.com
dsum-sec.casalemedia.com
eb2.3lift.com
edge.api.brightcove.com
er.cloud-media.fr
eulerian.sarenza.com
eum-eu-west-1.instana.io
eum.instana.io
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fr-gmtdmp.mookie1.com
gal.img.pmdstatic.net
gcm.ctnsnet.com
gdpr-tcfv2.sp-prod.net
google-sync.rutarget.ru
google.ops.beeline.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
imasdk.googleapis.com
intake.pbstck.com
itm.ivitrack.com
js-sec.indexww.com
js.agkn.com
js.antvoice.com
log.outbrainimg.com
manifest.prod.boltdns.net
mappings.ivitrack.com
match.adsrvr.org
match.sharethrough.com
mcdp-chidc2.outbrain.com
metrics.brightcove.com
ml.info-people.fr
nep.advangelists.com
odb.outbrain.com
odr.mookie1.com
p.cpx.to
p1.parsely.com
pagead2.googlesyndication.com
pbs-front.mediasquare.fr
pixel-eu.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
players.brightcove.net
pool.grid-data.bidswitch.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
prismashop.commander1.com
prof.estat.com
ps.eyeota.net
px.ads.linkedin.com
r.phywi.org
r.turn.com
redirect.frontend.weborama.fr
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.cpx.to
s0.2mdn.net
script.hotjar.com
sdk.playtem.com
secure.adnxs.com
securepubads.g.doubleclick.net
sm.rtb.mts.ru
social-reco.antvoice.com
ssbsync.smartadserver.com
ssp.adriver.ru
ssum-sec.casalemedia.com
static.coreg-feed.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.bfmio.com
sync.getpublica.com
sync.go.sonobi.com
sync.mathtag.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync3.sniperlog.ru
tag.agrvt.com
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
tra.scds.pmdstatic.net
tracking.m6r.eu
try.abtasty.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.getpublica.com
vars.hotjar.com
via.batch.com
vjs.zencdn.net
widget-pixels.outbrain.com
widgets.outbrain.com
wtm.info-people.fr
www.adwstats.com
www.facebook.com
www.gala.fr
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.img-static.com
x.bidswitch.net
1f2e7.v.fwmrm.net
a.teads.tv
aa.agkn.com
abs.proxistore.com
ads.travelaudience.com
api.rlcdn.com
c1.adform.net
cs.emxdgt.com
d1z2jf7jlzjs58.cloudfront.net
eulerian.sarenza.com
fastlane.rubiconproject.com
gcm.ctnsnet.com
google-sync.rutarget.ru
google.ops.beeline.ru
gu.dyntrk.com
hb-api.omnitagjs.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
match.sharethrough.com
nep.advangelists.com
pbs-front.mediasquare.fr
pixel-eu.rubiconproject.com
pixel.advertising.com
pool.grid-data.bidswitch.net
prg.smartadserver.com
r.turn.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
sdk.playtem.com
sm.rtb.mts.ru
ssbsync.smartadserver.com
ssp.adriver.ru
sync-tm.everesttech.net
sync.go.sonobi.com
sync.srv.stackadapt.com
sync3.sniperlog.ru
tlx.3lift.com
tr.outbrain.com
tracking.m6r.eu
um.simpli.fi
ups.analytics.yahoo.com
x.bidswitch.net
104.153.197.189
104.18.132.145
104.76.201.181
104.79.88.202
104.79.88.250
104.79.89.48
13.226.147.71
13.226.156.162
13.226.157.31
13.226.158.204
13.226.159.122
13.226.159.15
13.226.159.3
13.226.159.31
13.226.159.68
13.226.159.74
13.226.159.79
13.32.21.120
13.32.21.61
142.250.185.162
142.250.186.130
145.239.193.53
15.188.224.144
15.236.153.130
151.101.114.132
151.101.13.44
151.139.245.16
178.250.2.131
178.33.42.71
18.184.216.10
184.30.21.112
185.29.132.68
185.33.220.240
185.33.221.89
185.64.189.110
185.64.189.115
185.86.137.133
185.86.139.58
192.229.221.226
192.229.221.61
199.232.137.44
2001:41d0:700:347e::
212.129.3.112
213.155.156.180
23.37.38.181
23.37.40.118
23.37.42.132
2600:9000:2182:ae00:15:efbc:e300:93a1
2606:4700:10::ac43:1997
2606:4700:3035::ac43:d6ad
2606:4700:3036::ac43:b26e
2606:4700::6810:9df3
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e1:101::6cae:b25
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:400c:c1b::9a
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::621
2a04:4e42:1b::729
2a04:4e42:3::539
2a05:d018:bb0:8d00:5b0:2a42:525f:75ef
3.230.55.171
3.64.73.215
34.249.70.28
34.98.64.218
34.98.67.61
35.186.238.175
35.186.243.160
35.190.16.14
35.190.76.172
35.190.89.230
35.205.207.25
35.244.220.155
35.244.232.184
46.105.201.224
51.178.20.140
52.18.147.13
52.205.167.202
52.210.159.162
52.22.84.205
52.28.203.152
52.48.137.92
52.95.123.41
54.217.233.60
54.246.113.218
54.72.19.40
54.93.142.164
64.74.236.95
65.9.58.107
65.9.58.13
69.173.144.138
70.42.32.127
91.190.170.11
92.123.149.215
00f9d2661b7825d50fb4a73d16118cb74afa2bf12edf77a64a2807cc8fef857f
015cff5d1e0f7b5c94f7ce811a4f79dd6f7c40267283b335ede4248a3b296de3
02e49295b2906f004206ca7351f08c2eba30511ed70ad6fe8af46656b4959738
03547537c1f5f8e3c2241822c62e49641f06d0fa41b6ba5f34b108b12bcb02f4
059d0dcb86cca77927d8cf90ff982021cec8523ea1629d2ff922085f37cdf43c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0903e0655c555b38589bb56a8e12b3d0f9d53abd1438e5705ec81b40841248eb
098af96d8c73d9608eb04f3738256a3668036a98d29ce3c9d105148231e0a0b5
09c903952291619a7179284928d52b39c60ff788057d7d3cb0dd230342028a51
0b47b796c880bc2b8c31efef2be5da7ec23035a8271cd015634ee7f5cf75f9d2
0b8980f009d599e5b4881057cf6c476e1d157062d7b98505635c26c0ba630efb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6d16e0a0b92676f6c42aec301b7e6d99812ce50c069177f4732acab524ad76
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
101a4ec981f5beb13cd02aa0876512f9b5f1dc69d0b2f90ddda1828677c492b0
10542239c05f2f0a6a2ea374f99d6369dd12a6eb79242b72f4f6fe680398fc38
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16567a7c25c8f64c0861b7eae3892722920bd09e5a77dd293799eb034194b551
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
199482e6847d08a05f94318cb98a01eb05fdf420bdceeda9e2e50f1822bf33cd
19ef20ce8fed629cfea1cf81802fb712bfcf313f295feccf623e34ad789fdc5d
1c1e9bfaab5d5ebd9ff88a4938713eb70a4465979f0388bf48e7fca723e6db9e
1c559dbccf42b51e987345471ef5ba527eda99fcce99a3711f779546fa9c1a5f
1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8
23d068d6c5f8d296930a15bc2301976f888f693b4da578390e18ce3376a7d0f0
23f6132d96ea5ae6dc00a42ac805ab4e62fd6aa878a6e29f670dfa2e7c1b002a
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
2598e19440d3584cae862d26410fa6e545cc31d0b721f80b042d55ec599af604
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2715a1e4e16f95260a0e4799797b5dbaa2d2c61ff529d201f14ca88f3afe8831
27e9af45e7199f4b3578e56dd250282243c01472c20536fee0d020232d15a9b2
28edbb3857f4d86b41825fa010d80aa32e032fc0ff95bdd40d3b4317c3c6e6ae
2a9b21fb9886e06dce4efcd63d64df66a52061fa04d0ca78d6f2f0f6ed9fe7e1
2ae0809c4fca2150cce6f5b5f3c5f2cab62c27e8830d9369d1f4b7702e6d2a47
2ae53520190c31c7dd2e6c866c9d253d2a430b455498dde92cdac6aa3981983a
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d078bfd71ee28768e1bcfae4e5cb563033b9c46dfc209c49f1d5ec30d64ee84
2d5fe8a717872dcf281edd3aa100cbe2ba143547fa698adcafe0df196d36f0a2
2f0426609e4f9124e4ba57c507ed49f0c0555e80b2ecb85f1570905cb1a6e1ad
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ff9513cad7c3368feed2c14c40e229cd94452de7e15d3fe3fb4a3d7e28354c6
3018fb089e3d43b8dc1c80238e82c84493517b795c5676ca9e671853fb78f81f
30302ebb7094c997809ca671e593375ba4e34efe494a86bc3003692ddd27099e
3229cf46f6753b600d45518ad3ea5d57079f5a6109516c0f1775c8c7822b9887
323d34dab70216c09889c2511a7a625a8d688d0a4f18f8f8acdf1813826ce53d
3316de663beee58f16abc04fd826cf2ff28fd64108554f2b28434981e0fd3126
3382c5e7038c0eaf55a445297162b532a1b6b2f2d62040e29d79e423c0c88552
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
376f4394e9d9ba30a499e547f0b8f6ef9831496f9eaf2228552635a94c5c0db9
3af09a8017a4beb0dd742a9781f5c09c431f8ebb9f31f8dcbc0101c88f0f540d
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
3ee93068cc2e2f003f919830e1514eebfea447b9e72bec348e7d612ff09c2f57
3f16fcd84f2f239b85b283f10e4d1696b3705ce385c7e6fc082f39a3e6a43c15
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f6000577d7166bd28685ea2dbb24080bde08fda594f4d612e602b0ca320af2
416d10479d665ce3ddfc5c6ab5bc14ca38dcf3a8a4fdc09678df746db156edb5
41cf4019ac2c9bd46cea15aea7a631587f78b70efb1317c8166b002191a7a6b5
42b7ebcc0b7a7183c67c342d6b6f1fa08ba2404dca31540f77e3ff36274f6a2c
431f23dadd160fb60b5b44c9f93837b24624f4090b11a8905f7c0b6b220f1758
44db0ebce3b18d7c100c7667a01f170d967faa9daf36919127653886e86de9f6
485727a21b3eefd2fd346348d5917f477e27b47bc82481a1b02b581bb0e57378
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
493772cc793bd9d86db7ce05780a728a38657de29dbe0a348283cbc85e2381e8
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
4b3bbdc7d83a502f9b39a4cd16879549abdbb95279f66820b8dfe4001b338c24
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c39c9160c7938bf298f1233a4a890ca601bad50a896832c51e77878bd8d7e6b
4cd9d286ab7095662b0e4c4896d13b4babc1cd6791effc6c79f757138d006276
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8135d04da6ec58dd2471d19325cc62f041c51f18769cd63b5f271b0651b8a8
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
54be03796409cf67c5a6980e09936995bdbc20e195c34ea79598b10aafbd7512
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
586314b8779f0fc784735ebbcfa744ac1e21143955b82b4ed46f8b91b647f63d
59bf69bcb73a067dc5a15f87f4d1236bf10b7eb558ab5697286d3f4419b604fc
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5ca4554043cdb005653967c6c7184978fe4b8057281d778403e6686d2cf12748
5d7c18e1f86e566be71c4cffe3766875fb424eb1fecedf5717af684222715576
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
62c2fc3365ed2492734b2f4d6fd5f80d9a4309f1cf04109821c3d2448dd431fb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e
63acc25f0a8c9f956be7cb0e2b66b31251f804e2d30861fbb77382ead3e02553
63b176462a62d19e5a2af4cc0a845119d0389aae23ef15decd83efd182c91c40
660dafdc78011b6e915b39cbfd9546c82a36aa6c20bfc6a75e144bc700a290a8
669e7e7f5aa0c119796d832e8bb89e9a59d91045840db86cf77a8c9a9c0587dc
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
6bb3692f37b2afb96a281beb62e1b91dcba47e24b1592cc02229ccef715bf7cf
6d45fef25132c8b5460a5cbe014ba1b258ca4e30920eb60173e4c1ca74b3c9f6
7074ae25e945d21ac6d065cc7359fd7bee37d9427c66cbede38ef0ad9ffcedab
70d82c6075989e0082b4917c6685f5f6bec1e673d0a80160eac61b3f1cdcb1a1
71b76d51d2da6bd16bba3c1ae1d61a6f24c72a21d5786e11c2c636ee1f4c908a
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
736c2575b5d07d3699de76d348b018828b953c5910c34c2e5d36b005a48c5e70
748e1ef92bef1d36dc2d500c5aa01705ec3b00bab6c3596e88f91fe826967b48
75519df306ca3d5504dc66f8e3398dc30f976a5859725309b90a0f2a3fdea6ec
7634627a77418d7b1f819666771e418fd736b5dc8bb7abe57626b3ff11c9d3c0
764a170851cb6e2d00a02685b39a0c28a3378a19c82a568c4cfbc5df52af8031
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77f703c4f140a4a24d0fb351cc4e36716ccc4e7c5cac201f28b09a31d5f84f67
7c0c8c3229e673fee98ef7b636ee0897a6d88bb735b767c901c6624613e2ab77
7c2179d2703a907d1f2fc1166ef41aa3e1938587778e098223acc3a3cc8777d5
81404aacb0d84988d864c671b075ca74f1baa4cebbb9f2b4c646233117d2d73e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d3007ad7d10d08f2f785f4beb96432d503730bf49feb4f5a2dd45cd857ab0f
844fb557b50a3f4a542b19ed7f27658b47b071fbddb71aaa4c827895ecffba62
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f65e86b46feeeaafa8fd03af0d4e61d36e4c07fa73f7ef1e12ac8e7d27e73c
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
8a207c4a6b4335f049877c70b610847221fc81e4bbce7d7909abb9697f9f38f9
8b9b4f28406e17ffdf8bb33ebd3075e14daf9b5f3868262331e2c2d229ecc1cb
8d56b470e96dcd5fe9ecfc14cf953d932cacfd48ecd5024778aa95759306792b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f08b525fe46aec91197ef61557dffa8efd5ed0e287c6d8cb45852ac1aa8bca8
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
917a48d5da39892c1f6394a3bae82998aba46dd8af3ccacb44e65a85ff90da34
917d49a97131cf2fe435b05ebbfb3e05059e10db68b39b6c54db726aa2a062fd
91d1ae842a400f27e1e9d44953a13202cf985b5d5ff8948e66cbfaf748537ae8
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9318223c0ef5529ebe9cb96805a0a6b0cb1578851af0c5ed6755d3737f00d435
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c314bf828a2539f98bbb071531520334177cc88f3c7991e394d8f44306da7c7
9cd92ccf84ca6c2adcb7691de026ae46f47632e344b71ee6e08c43f38f0a59f5
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
9e485b1b212dd0e5d55252ac7c0fa3e903b91edc51b85aaa3b39a4f0a9e01047
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b600ad96d3d3ea4b7f1721093ed80b49a4f8c199f23e2e2e23f6b7e9a24a62
a0ce8d2e8a4a3fda4a3a147d3a5be99509910e30b1a087c0fcbf9b11bfac9f20
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1cd89f61370b7362c362612635115198199a35881b975e39523d7734511f4e3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b0714e9482184a8976d18be722fbb6a12818715bb1aa4ac4a0dd12716b1eb3
a7241deec8e006b95bc0fa0b9dc83a2efbedbc6978a59be9ca58fcf6e28a2b0b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7aff0191f6533e4d0bc4ee6ef655b674046d1a00a7570bf976422eb795329a9
a8b99a966f3708223fd5a3421b6f21967dc252b752c2f3a6884dd3e0d8970eda
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4d27239f61f3f12e511f7774931c0d59c456971f9f6ef1d7a13a2408420d37
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
abc69699e8f0304cd01c34c351653647a33c8b7d81b0c54264fd29726219e2e4
ac1b65838f5f59db03a46ca10833a421da8c1fb9385b713bdc1935328d4e5696
ac72fb6790390bf18c50d6d435fcdcc12f710b516fa56b5fc4c40126a1b1fdfd
acea44b7167f5a9cc4ed95bf4cb6cf8d8feefebaf1a1cedb02a8a8caf1b1e715
aebb745b2cda3a44e5dd95bb0f9df36adbada2763a24fc1b7aa0822eccfa6f4d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
aff26237d743b9b7b398f88cd38dc261dcbe55781d80f9f8c3b0a9a3b95f0933
aff87009537313d0f4679fbf1cb443464d70aa393cd710c3d678ad15d2c92a05
b0aeafa8dc859fbe7a1abd1f7e0e569d3ed96e6290baf265a5b5b31ffab4db51
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b05c800457fbb5558d05bcdc2f3f440db3cc1a05c876aed283ac2df66a8223
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b3fc2b49597462674ca0ddbf27eca4ad56d521f68f7a46040048c486f3aa763e
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5d9b7bc003c83fed08674aeb00c63750f1c0ecfe8a58d1a230cf64de48b34b8
b78cac285211c31b7ca83337645a9b8bfdf94e2f1b3bb410658b609c7c6658f9
b8a85b9b8244bd6018836e5bf4275126b9c7f5af9e58a269f73a45aceb75a6bd
b9ad2b7b68d58d0dbc3ae406336fa2ec20ebb877b997a6e9546621f9b4f35290
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc88881c267493814ada96b0cb57897aa9ff44610d2da1a67656c3cbcc0a874a
bcdb9fade795269e47aae2239d8133dc5c739a28ac4d56aec54abaf07c5007f0
bebc5b4c7e71053d29ab699bd5cd44b0002dcffdf880aa2857b952e619b29a55
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c0ee720d635dad6cca5fef794b0efe37032030e80147bcae494957b27def0a44
c15727daac3b0139529330f2a7a99095fa93a8f7341a75b937ac93f04bb87341
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4db9d090aae49db15bcc47983205d60df696285b62b76da424e484c6e6b2be4
c992a01acf3cd7f2811269cc806ee9f77233f6031dc0a50cc84c17ad04927001
c9d39fccbdec92605741fef4d72ab503f43f25bc1d2cf91dbcd85033d4d29c06
ca0b9435846e8a334281e309efa383eaa23ff0228206fdd7428d9e1ce6eb83a3
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cc2ba5b240816ae040aface540ba6dd94c90505051118fbdb6869e1254a7b0c8
ccc5be112ca6b63cf7619fa6229dc1a7e5c91c20f34917f2e7ddfcac55b3f15b
cd6319e76c2c76cab449913127bc62e2f2bbb0aa57ca79a7663453450f2f398c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff6d399aa3793e3ebf9dc4fb7c21d2a846642f2490d6be9effaff766d4ff5ce
d0b33f0001c3e08e685c666d6c89bc8704b0f3cb2614cd2f6d73d0d2185c4c24
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d18c05b903e42fe072a80fb16a7aae87c94e506237fce86f68ad8241fa70f759
d290c638452275aa7dc8ab809884a3ff1bdcb91bc5c659bd250e9c1e062cc72c
d58ff7cad0ebbccb4091532c0c123939d29a088f413cc6e40099d894fb285a75
d5d7a893feaa660498e186105c873cb64084fd3e7f6fb0dbc2e7274192c4f5fe
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
e01b2c94a979c7f73e27503991c0087ddd4e3dc9b6920cae31ba9308db24bb9e
e0b6f15515bef3de20931fea83223e07e078174a93b1d677002fb20c7aca2494
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e2a8e501d081bb5aed1a6470377a33468d32319cb82cbae94112f00182105f39
e2ab419c6bc3a52d001fa1f915bb0599b2c2d50dab8d129cfc1dc7f4d57cdfc8
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
e3604b29d26df546d3ef4c042a0a4ec9a634f8ec7af604914306f76a6fbc48d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a6f8e29d1800eca43694f289eb9714b7c33184094797fc932d5e38a1b17913
e6de2bd9b5cb6e9ebfbf874940becb16016151d713ee19049eab99dfe0965ebc
e845309bca1ba7946299dc5ea01a12f66784e7220003ff3c438714decfa8c413
e9e1b7edaebe2866ed779b7a38212fc5c7df8d6a01b14c5d08b6e31341ede9e9
ea117441665c1fdd9f839ae72c5c721bc6986287c5a9b0a7b7af4a420e33cfb8
ea46a42d00476045a7d3b59ec7105a16d3a8e3c663781305a29aa9e015e71afb
eb0c3dec4effc694d9876f18caf345720a13cbfb694e3e8d91a40b2d49a8e36b
ebf7a4bd7667229c832ee11ec020cb0ee86245c4ce5f5c4a86a868aea6df2a6e
ed7309fc667c720cec2470a2c182cffffa3f8c2e74ac8812ae059d4f90af0dbb
ede88e9721c488ab9d8025767c73fa20f29146c947bd39828c78198f03887bb3
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24bd9007a64984a1fac394d0ed07ecdf282d143fb22cc331bb2fa8b0a12fd91
f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f4aa13658fd69372288a219abefafc87d94a005a57430f7711bf1475b2b38cc2
f926688f6ac33e82cd95e3db4990416cfb835067b1dfe98c29f2abd857e23260
fd33d74186574a8d24232d405b9aaa9097f372574c8df353315ce39a47242fd1