urlscan.io logo urlscan.io
SecurityTrails logo

extra.heraldtribune.com Open in urlscan Pro
35.202.203.217  Public Scan

Go To Rescan Add Verdict Report
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Submission: On November 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 5 countries across 18 domains to perform 62 HTTP transactions. The main IP is 35.202.203.217, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is extra.heraldtribune.com.
This is the only time extra.heraldtribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 35.202.203.217 15169 (GOOGLE)
11 94.31.29.96 6461 (ZAYO-6461)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
4 2a00:1450:400... 15169 (GOOGLE)
1 205.178.189.129 19871 (NETWORK-S...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:2800:234... 15133 (EDGECAST)
3 184.30.21.80 16625 (AKAMAI-AS)
3 142.250.186.98 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 151.101.114.132 54113 (FASTLY)
1 2a03:2880:f11... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 13.35.253.42 16509 (AMAZON-02)
2 104.244.42.200 13414 (TWITTER)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
62 27
2    35.202.203.217 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 217.203.202.35.bc.googleusercontent.com
extra.heraldtribune.com
11    94.31.29.96 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.96.IPYX-077437-ZYO.above.net
1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    205.178.189.129 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: underconstruction.networksolutions.com
platform.tout.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    184.30.21.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-80.deploy.static.akamaitechnologies.com
widgets.outbrain.com
3    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
5    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2057:5400:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
1    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c06fd7ba774162ef7aa522ec42e094d3.safeframe.googlesyndication.com
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    13.35.253.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-42.fra6.r.cloudfront.net
b.scorecardresearch.com
sb.scorecardresearch.com
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
11 1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com extra.heraldtribune.com
5 www.google-analytics.com extra.heraldtribune.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 stats.g.doubleclick.net www.google-analytics.com
4 platform.twitter.com extra.heraldtribune.com
platform.twitter.com
4 maps.googleapis.com extra.heraldtribune.com
maps.googleapis.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 widgets.outbrain.com extra.heraldtribune.com
widgets.outbrain.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 sb.scorecardresearch.com 1 redirects extra.heraldtribune.com
2 syndication.twitter.com platform.twitter.com
2 www.google.com extra.heraldtribune.com
tpc.googlesyndication.com
2 connect.facebook.net extra.heraldtribune.com
connect.facebook.net
2 extra.heraldtribune.com extra.heraldtribune.com
1 b.scorecardresearch.com widgets.outbrain.com
1 www.google.de extra.heraldtribune.com
1 c06fd7ba774162ef7aa522ec42e094d3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.facebook.com connect.facebook.net
1 odb.outbrain.com widgets.outbrain.com
1 cdn.viafoura.net extra.heraldtribune.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagservices.com extra.heraldtribune.com
1 platform.tout.com extra.heraldtribune.com
1 code.jquery.com extra.heraldtribune.com
1 fonts.googleapis.com extra.heraldtribune.com
62 27

This site contains links to these domains. Also see Links.

Domain
www.heraldtribune.com
datingavis.fr
heraldtribune.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-28 -
2021-11-26		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Frame ID: 93A2347306F0C40B5EACF7AD3C86B228
Requests: 51 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=http%3A%2F%2Fextra.heraldtribune.com
Frame ID: D638E172E049192153BF5C46D03F17E0
Requests: 2 HTTP requests in this frame

Frame: https://c06fd7ba774162ef7aa522ec42e094d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EF77699E1117E30951CB2A63F6946027
Requests: 1 HTTP requests in this frame

Frame: http://widgets.outbrain.com/nanoWidget/3rd/comScore/comScore.htm
Frame ID: 211A9F8E51FC1FB141DA758EE8C65953
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Frame ID: 35C0DA59E69B9B6DA285A70C13771651
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BE894FC5E926E6B23C696627331DB8C3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C180D66E9325B3CEA19130CAE9A44B19
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Venir i  bout des problemes associes i  tous les concentration dans absenter en compagnie de Microsoft Store - ExtraVenir i  bout des problemes associes i  tous les concentration dans absenter en compagnie de Microsoft Store

Page Statistics

62
Requests

45 %
HTTPS

69 %
IPv6

18
Domains

27
Subdomains

27
IPs

5
Countries

769 kB
Transfer

2338 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js
Request Chain 25
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 34
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAiEABB~&jid=1878249117&gjid=1213690824&cid=765256664.1637323248&tid=UA-62553486-3&_gid=1787827099.1637323248&z=1254767985 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAiEABB~&jid=1878249117&gjid=1213690824&cid=765256664.1637323248&tid=UA-62553486-3&_gid=1787827099.1637323248&z=1254767985
Request Chain 35
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAE~&jid=1722812482&gjid=1624410293&cid=765256664.1637323248&tid=UA-51861146-1&_gid=1787827099.1637323248&z=693591551 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAE~&jid=1722812482&gjid=1624410293&cid=765256664.1637323248&tid=UA-51861146-1&_gid=1787827099.1637323248&z=693591551
Request Chain 36
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAE~&jid=1643474037&gjid=1400988346&cid=765256664.1637323248&tid=UA-62553486-1&_gid=1787827099.1637323248&z=1627139417 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAE~&jid=1643474037&gjid=1400988346&cid=765256664.1637323248&tid=UA-62553486-1&_gid=1787827099.1637323248&z=1627139417
Request Chain 37
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAE~&jid=328183055&gjid=912774892&cid=765256664.1637323248&tid=UA-62598409-14&_gid=1787827099.1637323248&z=124176950 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAE~&jid=328183055&gjid=912774892&cid=765256664.1637323248&tid=UA-62598409-14&_gid=1787827099.1637323248&z=124176950
Request Chain 48
  • https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=000&ns__t=1637323248440&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm&c9=http%3A%2F%2Fextra.heraldtribune.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=000&ns__t=1637323248440&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm&c9=http%3A%2F%2Fextra.heraldtribune.com%2F

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/ 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
35.202.203.217 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.203.202.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
2911b47ce7ee5afe74db18a9a5891146382ea6a81828bebd181b9c97eb4386b2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Fri, 19 Nov 2021 12:00:46 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Vary
Accept-Encoding Accept-Encoding,Cookie
Link
<http://extra.heraldtribune.com/wp-json/>; rel="https://api.w.org/" <http://extra.heraldtribune.com/wp-json/wp/v2/posts/64086>; rel="alternate"; type="application/json" <http://extra.heraldtribune.com/?p=64086>; rel=shortlink
X-TEC-API-VERSION
v1
X-TEC-API-ROOT
http://extra.heraldtribune.com/wp-json/tribe/events/v1/
X-TEC-API-ORIGIN
http://extra.heraldtribune.com
X-Powered-By
WP Engine
Access-Control-Allow-Origin
*
X-Cacheable
SHORT
Cache-Control
max-age=600, must-revalidate
X-Cache
MISS
X-Cache-Group
normal
Content-Encoding
gzip
style.css
1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/themes/ht-niche-2012/ 		65 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/themes/ht-niche-2012/style.css
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
94.31.29.96 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
1a1bbc7e6a1ffd902db1b2c6e168ad659cedb3cc4f5a1200d9c9b237fae741d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Sep 2019 07:25:09 GMT
Server
NetDNA-cache/2.2
ETag
W/"5d79f2d5-102ec"
Vary
Accept-Encoding, Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
common-skeleton.min.css
1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.7
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
94.31.29.96 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
970ccf298ad56cb8787ad1690e4f16b78f9065a475e892d7ff6f05a7002031ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Aug 2020 06:13:14 GMT
Server
NetDNA-cache/2.2
ETag
W/"5f45fd7a-67b5"
Vary
Accept-Encoding, Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
tooltip.min.css
1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 		2 KB
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.7
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
94.31.29.96 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Aug 2020 06:13:14 GMT
Server
NetDNA-cache/2.2
ETag
W/"5f45fd7a-662"
Vary
Accept-Encoding, Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
style.min.css
1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
94.31.29.96 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Sep 2021 04:05:58 GMT
Server
NetDNA-cache/2.2
ETag
W/"612efc26-13abe"
Vary
Accept-Encoding, Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
css
fonts.googleapis.com/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2C400%2Cregularitalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CPT+Serif%3A400&ver=5.8.2
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9f1d235980191969af34f29d93e1c877db8b940fd11e1978eed44c54672341c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 12:00:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 19 Nov 2021 12:00:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Nov 2021 12:00:47 GMT
jquery-ui.css
code.jquery.com/ui/1.10.3/themes/smoothness/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css?ver=5.8.2
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-7d2e"
Vary
Accept-Encoding
X-HW
1637323246.dop027.ml1.t,1637323246.cds223.ml1.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6050
colorbox.css
1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/themes/ht-niche-2012/js/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/themes/ht-niche-2012/js/css/colorbox.css?ver=5.8.2
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
94.31.29.96 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
73e0c219c32da41ada18d984505171d053c4808ae4492cd7d54ca1cad4828deb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Sep 2019 07:25:09 GMT
Server
NetDNA-cache/2.2
ETag
W/"5d79f2d5-b77"
Vary
Accept-Encoding, Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
rating_star.js
1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/themes/ht-niche-2012/js/ 		2 KB
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
http://1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/themes/ht-niche-2012/js/rating_star.js?ver=5.8.2
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
94.31.29.96 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
320c795c6f8d74cef4d10181f65be73db4ce333029c979a35816eb07f881e09e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Sep 2019 07:25:09 GMT
Server
NetDNA-cache/2.2
ETag
W/"5d79f2d5-75d"
Vary
Accept-Encoding, Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
jquery.colorbox-min.js
1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/themes/ht-niche-2012/js/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/themes/ht-niche-2012/js/jquery.colorbox-min.js?ver=5.8.2
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
94.31.29.96 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
b9dc6f2a031549e52b87bd31a6cf76dc0bac5ba167530df45bdf7ea9a6655399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Sep 2019 07:25:09 GMT
Server
NetDNA-cache/2.2
ETag
W/"5d79f2d5-29f4"
Vary
Accept-Encoding, Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
js
maps.googleapis.com/maps/api/ 		150 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://maps.googleapis.com/maps/api/js?sensor=false&ver=5.8.2
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
2b2fab489a8a92d8d40470b3325af6cdfe8b4d407609f7cdd29e088d87716d4c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:46 GMT
Content-Encoding
gzip
Vary
Accept-Language
Server
mafe
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Server-Timing
gfet4t7; dur=12
Content-Length
50174
X-XSS-Protection
0
Expires
Fri, 19 Nov 2021 12:30:46 GMT
glass.png
1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/themes/ht-niche-2012/images/ 		617 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/themes/ht-niche-2012/images/glass.png
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
94.31.29.96 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
7afc34acd36620d4bdbc0b74c6ca46caf0548ae2aa22b28920c68097d3459931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:47 GMT
Last-Modified
Thu, 12 Sep 2019 07:25:09 GMT
Server
NetDNA-cache/2.2
ETag
"5d79f2d5-269"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
617
new-tab.js
1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/plugins/page-links-to/dist/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.4
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
94.31.29.96 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jul 2020 09:31:00 GMT
Server
NetDNA-cache/2.2
ETag
W/"5f1958d4-609e"
Vary
Accept-Encoding, Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
wp-embed.min.js
1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
94.31.29.96 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jan 2021 15:29:24 GMT
Server
NetDNA-cache/2.2
ETag
W/"5ff5d754-592"
Vary
Accept-Encoding, Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
sdk.js
platform.tout.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://platform.tout.com/sdk.js
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
205.178.189.129 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
underconstruction.networksolutions.com
Software
Sun-ONE-Web-Server/6.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:48 GMT
Server
Sun-ONE-Web-Server/6.1
Content-length
0
Content-type
text/html
gpt.js
www.googletagservices.com/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7bb934e518c87d758dd90505d1ed7c16de4f044fcd666156cde2050c10802c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1048 / 90 of 1000 / last-modified: 1637276723"
Vary
Accept-Encoding
Report-To
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
26822
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="ads-gpt-scs"
Expires
Fri, 19 Nov 2021 12:00:47 GMT
wp-emoji-release.min.js
extra.heraldtribune.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://extra.heraldtribune.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
35.202.203.217 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.203.202.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jun 2021 22:15:12 GMT
Server
nginx
ETag
W/"60bfebf0-4705"
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		133 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: http://maps.googleapis.com/maps/api/js?sensor=false&ver=5.8.2
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
eb81dbb47530932dd4d6eac5041f8c4462f17c0b87c8ef699b24dbafc5a8c861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
scaffolding on HTTPServer2
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
http://extra.heraldtribune.com
Access-Control-Expose-Headers
vary,vary,vary,content-encoding,date,server,content-length
Cache-Control
private
Vary
Origin, X-Origin, Referer
Content-Length
132
X-XSS-Protection
0
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
H2
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
caaa06ca649b18f763adf5fafa82ab60763b7dbd2d6035f4fe9af48110d4219d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
yLFn6n3awpErhJWnWK+XNg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1683
x-fb-rlafr
0
x-fb-debug
OexFMC6hdrfUOPMeIzK6Dlgey6RH0myCG6pi1bUGSwUJuFNq5NSq7tSBhEE3fsYR3iPq7P6WHLNPJuIwdtLJCA==
x-fb-trip-id
686109401
x-fb-content-md5
c16a1bf7b534a6733b5617545e2db901
x-frame-options
DENY
date
Fri, 19 Nov 2021 12:00:47 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d9e7c0f27a2c8418dc11cd0c8542285a"
timing-allow-origin
*
expires
Fri, 19 Nov 2021 12:05:23 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js#xfbml=1&appId=846021808821787
Non-Authoritative-Reason
HSTS
nav-drop-shadow.png
1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/themes/ht-niche-2012/images/ 		146 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com/wp-content/themes/ht-niche-2012/images/nav-drop-shadow.png
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
94.31.29.96 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8db0bf55410f68a12b681bf9f312dadb579d81dd5793bb6dfe2c0e3737c2a2a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:47 GMT
Last-Modified
Thu, 12 Sep 2019 07:25:09 GMT
Server
NetDNA-cache/2.2
ETag
"5d79f2d5-92"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
146
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2C400%2Cregularitalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CPT+Serif%3A400&ver=5.8.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://extra.heraldtribune.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:52:02 GMT
x-content-type-options
nosniff
age
598125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:52:02 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE2) /
Resource Hash
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:33:56 GMT
Server
ECS (mil/6CE2)
Age
497
Etag
"a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29104
outbrainWidget.js
widgets.outbrain.com/ 		114 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://widgets.outbrain.com/outbrainWidget.js
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
553f29d085717e2a47e26c32b3f8bb0e9691e5287c30f1270fa78597070965e4

Request headers

Referer
http://extra.heraldtribune.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 19 Nov 2021 12:00:47 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Aug 2019 14:32:10 GMT
Server
AkamaiNetStorage
ETag
"c1cf63691b92d21272762c5104a797f8:1566138730"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=345600
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, *
Content-Length
30328
pubads_impl_2021111501.js
securepubads.g.doubleclick.net/gpt/ 		345 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 12:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118768
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:34:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 12:00:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		224 B
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=extra.heraldtribune.com
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b2e6390b1a15e903926aa66bfc771c3df30294ff3e32a622d529e7add0bc72e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 12:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
expires
Fri, 19 Nov 2021 12:00:48 GMT
all.js
connect.facebook.net/en_US/ 		291 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=76e8f7e82a59397ebdb06ed0c02feeae
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f4f477c653a8b75145d75c4edd0b715dfe3824b97ab3f87a82a9c49237818bd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://extra.heraldtribune.com/
Origin
http://extra.heraldtribune.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TuFsS1EZP/lsIlbfvI3fhA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
84348
x-fb-rlafr
0
x-fb-debug
CNDWdwZ1H1e9VHXIz0txWRDLyU3HkFtDbsYZgPVjIJ6HdLYesyZMOJIYnhwP08ciKtwBuNlKcHBj39t7XOspJA==
x-fb-content-md5
8135979e8ae0a39ce7e7b6f1d30b4808
x-frame-options
DENY
date
Fri, 19 Nov 2021 12:00:47 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"363eb1d80230737aaf13a025084e9821"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 19 Nov 2022 10:51:36 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
H2
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3581
date
Fri, 19 Nov 2021 11:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 19 Nov 2021 13:01:07 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
vf.js
cdn.viafoura.net/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.viafoura.net/vf.js
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
HTTP/1.1
Server
2600:9000:2057:5400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
get
odb.outbrain.com/utils/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&settings=true&recs=true&widgetJSId=AR_1&key=AYQHSUWJ8576&idx=0&version=01010326&ref=&apv=false&rand=0.07371208335343193&sig=6JXgFeVC
Requested by
Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrainWidget.js
Protocol
HTTP/1.1
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a0e9e2b28fc33f8c28e8dbf3f26afb07ad264159bd4bd1ece8c6bf7855555ce5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:48 GMT
Via
1.1 varnish, 1.1 varnish
Traffic-Path
NYDC1, LGA, HHN, Europe1
X-Cache
MISS, MISS
Backend-IP
157.52.117.52
X-Cache-Hits
0, 0
Connection
keep-alive
X-TraceId
75689cde1648cd0d35228249a1321e25
content-encoding
gzip
Content-Length
923
X-Served-By
cache-lga21952-LGA, cache-hhn4034-HHN
X-Timer
S1637323248.170826,VS0,VE144
Vary
Accept-Encoding, User-Agent
Content-Type
text/x-json; charset=UTF-8
Accept-Ranges
bytes
Expires
Thu, 01 Jan 1970 00:00:00 GMT
widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html
platform.twitter.com/widgets/ Frame D638 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=http%3A%2F%2Fextra.heraldtribune.com
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE7) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
131562
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 19 Nov 2021 12:00:48 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 18 Oct 2021 18:32:00 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CE7)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=846021808821787&input_token&origin=1&redirect_uri=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=76e8f7e82a59397ebdb06ed0c02feeae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Rem1wGB96nlQLnEuW7eBCHsP4lsiHfi5/KBb3CQawQ1TuRcA29MLVTdi9+sHIO1yP2IrLAhxEe09QuzNdZStmQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cache-control
private, no-cache, no-store, must-revalidate
date
Fri, 19 Nov 2021 12:00:48 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://extra.heraldtribune.com
access-control-expose-headers
fb-s
fb-error-description
"This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62553486-3&cid=765256664.1637323248&jid=1878249117&gjid=1213690824&_gid=1787827099.1637323248&_u=IGBAiEABBAAAAE~&z=448197242
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://extra.heraldtribune.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 19 Nov 2021 12:00:48 GMT
content-type
text/plain
access-control-allow-origin
http://extra.heraldtribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51861146-1&cid=765256664.1637323248&jid=1722812482&gjid=1624410293&_gid=1787827099.1637323248&_u=IGDAiEABBAAAAE~&z=883360101
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://extra.heraldtribune.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 19 Nov 2021 12:00:48 GMT
content-type
text/plain
access-control-allow-origin
http://extra.heraldtribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62553486-1&cid=765256664.1637323248&jid=1643474037&gjid=1400988346&_gid=1787827099.1637323248&_u=IGDAiEABBAAAAE~&z=1198181098
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://extra.heraldtribune.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 19 Nov 2021 12:00:48 GMT
content-type
text/plain
access-control-allow-origin
http://extra.heraldtribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62598409-14&cid=765256664.1637323248&jid=328183055&gjid=912774892&_gid=1787827099.1637323248&_u=IGDAiEABBAAAAE~&z=36037456
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://extra.heraldtribune.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 19 Nov 2021 12:00:48 GMT
content-type
text/plain
access-control-allow-origin
http://extra.heraldtribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us...
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-u...
35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAiEABB~&jid=1878249117&gjid=1213690824&cid=765256664.1637323248&tid=UA-62553486-3&_gid=1787827099.1637323248&z=1254767985
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
H3
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 03:41:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
29981
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAiEABB~&jid=1878249117&gjid=1213690824&cid=765256664.1637323248&tid=UA-62553486-3&_gid=1787827099.1637323248&z=1254767985
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us...
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-u...
35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAE~&jid=1722812482&gjid=1624410293&cid=765256664.1637323248&tid=UA-51861146-1&_gid=1787827099.1637323248&z=693591551
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
H3
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 03:41:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
29981
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAE~&jid=1722812482&gjid=1624410293&cid=765256664.1637323248&tid=UA-51861146-1&_gid=1787827099.1637323248&z=693591551
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us...
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-u...
35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAE~&jid=1643474037&gjid=1400988346&cid=765256664.1637323248&tid=UA-62553486-1&_gid=1787827099.1637323248&z=1627139417
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
H3
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 03:41:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
29981
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAE~&jid=1643474037&gjid=1400988346&cid=765256664.1637323248&tid=UA-62553486-1&_gid=1787827099.1637323248&z=1627139417
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us...
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-u...
35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAE~&jid=328183055&gjid=912774892&cid=765256664.1637323248&tid=UA-62598409-14&_gid=1787827099.1637323248&z=124176950
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
H3
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 03:41:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
29981
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j96&a=1135260937&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&ul=en-us&de=UTF-8&dt=Venir%20i%C2%A0%20bout%20des%20problemes%20associes%20i%C2%A0%20tous%20les%20concentration%20dans%20absenter%20en%20compagnie%20de%20Microsoft%20Store%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAE~&jid=328183055&gjid=912774892&cid=765256664.1637323248&tid=UA-62598409-14&_gid=1787827099.1637323248&z=124176950
Non-Authoritative-Reason
HSTS
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=extra.heraldtribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 12:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=extra.heraldtribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 12:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1651568972202357&correlator=4192714904242481&output=ldjh&impl=fifs&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=11564835%2Cheraldtribune.com%2CExtra&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C728x90%2C300x250%2C300x250%2C300x250&prev_scp=slot%3DBase%2520Leaderboard%7Cslot%3DView%2520Plus%2520Leaderboard%7Cslot%3DBase%2520Med%2520Rec%7Cslot%3DView%2520Plus%2520Med%2520Rec%7Cslot%3DView%2520Plus%2520Med%2520Rec&cookie_enabled=1&bc=23&abxe=1&lmt=1637323248&dt=1637323248309&dlt=1637323246943&idt=1310&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C310%2C-9%2C-9%2C-9&adys=-9%2C2132%2C-9%2C-9%2C-9&adks=1763901911%2C2628459104%2C2133351017%2C2133351014%2C2133351015&ucis=1%7C2%7C3%7C4%7C5&color_bg=FFFFFF&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C980x0%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C980x0%7C0x-1%7C0x-1%7C0x-1&ga_vid=765256664.1637323248&ga_sid=1637323248&ga_hid=1135260937&ga_fc=true&fws=2%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0&btvi=-1%7C1%7C-1%7C-1%7C-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b5e0a7b5f40e9a7f809c6ce27b3b92ccfeca29af900636b3949ff47bbc698b67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 12:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
278
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://extra.heraldtribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c06fd7ba774162ef7aa522ec42e094d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EF77 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c06fd7ba774162ef7aa522ec42e094d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 12:00:48 GMT
expires
Sat, 19 Nov 2022 12:00:48 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62553486-3&cid=765256664.1637323248&jid=1878249117&_u=IGBAiEABBAAAAE~&z=1568163102
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 12:00:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62553486-3&cid=765256664.1637323248&jid=1878249117&_u=IGBAiEABBAAAAE~&z=1568163102
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 12:00:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
outbrainWidget.css
widgets.outbrain.com/mu/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://widgets.outbrain.com/mu/css/outbrainWidget.css?v=01010326
Requested by
Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrainWidget.js
Protocol
HTTP/1.1
Server
184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4ea0ae7ef3769fbd24a75a32f40785260ed5d83350b76ece6ededa1060fa4271

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:48 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Aug 2019 14:32:06 GMT
Server
AkamaiNetStorage
ETag
"32bea34dd5eb870d71a0fe6924ae2e9f:1566138726"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=345600
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, *
Content-Length
3333
comScore.htm
widgets.outbrain.com/nanoWidget/3rd/comScore/ Frame 211A 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://widgets.outbrain.com/nanoWidget/3rd/comScore/comScore.htm
Requested by
Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrainWidget.js
Protocol
HTTP/1.1
Server
184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3f4fff8c05bef8a28e78cea9f413e0ce65f691de874fd2f81598bba5b54d872

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"c8168943484af9b72a02b35c90882b46:1458203027"
Last-Modified
Thu, 17 Mar 2016 08:23:47 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=345600
Date
Fri, 19 Nov 2021 12:00:48 GMT
Content-Length
720
Connection
keep-alive
Timing-Allow-Origin
* *
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
beacon.js
b.scorecardresearch.com/ Frame 211A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/nanoWidget/3rd/comScore/comScore.htm
Protocol
HTTP/1.1
Server
13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-42.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Fri, 19 Nov 2021 03:23:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 26 Feb 2021 14:35:05 GMT
Server
AmazonS3
Age
31036
ETag
W/"1827f116c73f319409b97f10b8a58ade"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
vi1090d374Pbhq-VYdKwN721_2TYZw7GZKx_OEB7WrMm8WdL7e_TOA==
settings
syndication.twitter.com/ Frame D638 		232 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=0eff2b78c7e3b2b1db62c914f9bbbc4a4153f2c3
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=http%3A%2F%2Fextra.heraldtribune.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time
111
date
Fri, 19 Nov 2021 12:00:48 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 12:00:48 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
8259d20ff2c7e6ebe99af582a2586b5fd3e755427228eefedfc11e0e304acdfd
content-length
166
b2
sb.scorecardresearch.com/ Frame 211A
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=000&ns__t=1637323248440&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=000&ns__t=1637323248440&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.ht...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=000&ns__t=1637323248440&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm&c9=http%3A%2F%2Fextra.heraldtribune.com%2F
Requested by
Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/
Protocol
H2
Server
13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-42.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 12:00:48 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
Q7ewJrBYHS6BI_KUR5VRyI-I9wC-XM382q95icHSmn3oW6xGe9hOAg==

Redirect headers

date
Fri, 19 Nov 2021 12:00:48 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=000&ns__t=1637323248440&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm&c9=http%3A%2F%2Fextra.heraldtribune.com%2F
content-length
263
x-amz-cf-id
VnBDkmI7YeqxTTV2jx9TY2A59ek2yIWvkGcD-ZEuA9Nrh6Cctu9pTQ==
button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE0) /
Resource Hash
186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 12:00:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:31:51 GMT
Server
ECS (mil/6CE0)
Age
131562
Etag
"e8090d17c9828f5a217bebb39dd3e689+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e493183e734c638768df48cc7916d8599c7a8d69a44d9dc2b6584e029c286b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 12:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9302
x-xss-protection
0
follow_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
platform.twitter.com/widgets/ Frame 35C0 		36 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE0) /
Resource Hash
97fea9dcfcea4baf6f72f7228a1a50560a67c9e3d1a82582d9d41f11085631f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
131553
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 19 Nov 2021 12:00:48 GMT
Etag
"c645eaa597e9d4a92f2a306087a45087+gzip"
Last-Modified
Mon, 18 Oct 2021 18:31:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CE0)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
13629
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 12:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 19 Nov 2021 12:00:48 GMT
truncated
/ Frame 35C0 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BE89 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 19 Nov 2021 11:54:36 GMT
expires
Sat, 19 Nov 2022 11:54:36 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
372
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C180 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3547777e1739c6dc1fbdddcde2c2dc0df2c522c64f473c62080d292f06bb3ba4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+ziROr0Rf391oeMN7Zvr8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 19 Nov 2021 12:00:48 GMT
date
Fri, 19 Nov 2021 12:00:48 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-+ziROr0Rf391oeMN7Zvr8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jot
syndication.twitter.com/i/ 		43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fextra.heraldtribune.com%2F2021%2F11%2F18%2Fvenir-i-bout-des-problemes-associes-i-tous-les%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1637323248828%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 12:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
111
pragma
no-cache
last-modified
Fri, 19 Nov 2021 12:00:48 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
8259d20ff2c7e6ebe99af582a2586b5fd3e755427228eefedfc11e0e304acdfd
x-transaction
5e9fe33b623b33e0
expires
Tue, 31 Mar 1981 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C180 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111501&jk=1651568972202357&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
pagead2.googlesyndication.com/bg/ Frame BE89 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:27:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
16414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13296
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 07:27:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111501&jk=1651568972202357&bg=!JSalJmLNAAZQLpa_UC47ACkAdvg8WiiqiiSqZof90a3_FiCqIrl1v2fBXMZ4I-IzhTJXejC8Z17fygIAAABjUgAAAAZoAQcKALB1HMIUm_B9c3NCh2RTmoFu5YKgZDkbWQFt5ttvxnLnIqTatotwZh_ba70V_rGMJ8htJorCrju6IHUa9pKPMt6bA2DrmSXxB7htt3ZrknXjUsWH7Ke3jDny4-YH21eMzuheCUPLoYtwE1Zx0SBxjWXnpkVGsftiveAiS-NrNci6S_yBQFwsL2gt_KnAcUjEGP7iWFxObIboToVi2uCffyvSBniDyStPeILhHg4OHYGfxJkCjSVF-4wIABvCQ_UXN3KhA-u-DrqGqAiPig42jtY68HmWUvzC3ImmI_BgamI7nh3pm_VL30E3LT2NS5Vcp6nWF3RqkstmtEV8PMC1cXxHo_f9JbveNiA1ORZmIKXhuT6G_C8b0dozmA3kmTIiop8V7fbil0YwQcQQ1EfiqiYMRYDJ_quwZJbeQPTDwPrGIIrPShv8O1dCSlWpiUdY-J0oHJ8JSOEIAcpUrqfcPgFTpjEbKhGhWNQNuaQE2rvYuj7ZHSqWacoWJGSY3mUzUwhvwKR--ysYQTOR4fYY2ijSC7xi8ntIxuaZvhZ7V-AtxZ4Lc-Ahwy8f_0LAus9L9adbb39fcljYHtxTp8cBPTGDh-FFn3mQJRmwvHyHDKdNa7_Q13fBBH4RCx6r1n9t4FihRAao1D59FhcLDasAhC7AmaKEhC5brff7v2C4iaUlcxW-SEduOKAuRHSVVxr-5zfv4WUQe8byzBMLCQamDTSZB7k0FsbaJwmh8rrgkyKE3jUgg0u0oYazf0JuPz3X5swop6Perx5TUS1c-kSZ0cQZhjxLh_6szj33sF8H6Up3cif6x3UkCEdTnYURCx8TXguE6OnL4sYA22F1whroRifkqRxVa4Ltt0r9L3i9wZshYOWM8pT4qkyV00NZli9yWZ7TvBRC_6o6LMeBYmy4oL8xf8EFUmamo2kQxkjWK2WqAZb7v4Z_kFjEChYw4IoZRokYqO7SkmwiTC_FxDM8ubPtG-x13N7PXEoVu_zFnip-5mY_8HIKc73Za-Z1g2NNlCqtiE0Hun4ReHl14voCMx4ZzYXjD-YRCCfYVSIDgtjqeM84h1n5huVHoGl_sfzAMsjFx58M5k2qMcE4tKcSDGRK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 12:00:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/47/1/intl/de_ALL/ 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://maps.googleapis.com/maps-api-v3/api/js/47/1/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: http://maps.googleapis.com/maps/api/js?sensor=false&ver=5.8.2
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4411f1435a7f33383c99665b4c0a2df3c01a21e9525a8260a42aa91cda2b553f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 20:09:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
143503
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
Cross-Origin-Resource-Policy
cross-origin
Content-Length
28785
X-XSS-Protection
0
Last-Modified
Mon, 15 Nov 2021 17:22:14 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="maps-api-js"
Vary
Accept-Encoding, Origin
Report-To
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Thu, 17 Nov 2022 20:09:09 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/47/1/intl/de_ALL/ 		298 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://maps.googleapis.com/maps-api-v3/api/js/47/1/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: http://maps.googleapis.com/maps/api/js?sensor=false&ver=5.8.2
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdd16e548033de3f5738579b6aebc6a9ec86e61b0300aa2561a3b610660adecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://extra.heraldtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 20:09:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
143503
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
Cross-Origin-Resource-Policy
cross-origin
Content-Length
92915
X-XSS-Protection
0
Last-Modified
Mon, 15 Nov 2021 17:22:14 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="maps-api-js"
Vary
Accept-Encoding, Origin
Report-To
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Thu, 17 Nov 2022 20:09:09 GMT

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| dfp_pub_id string| dfp_site_name string| dfp_targeting object| googletag function| refreshAds number| curPage function| appendContent object| _wpemojiSettings object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| OB_permalink string| OB_langJS string| OB_Template object| OB_widgetId boolean| OB_Script string| str object| ggeac object| google_js_reporting_queue object| FB number| ObStartTime object| outbrain_browsers object| outbrain_settings object| outbrain_resources_manager object| outbrain_globals function| outbrain_timeout function| outbrain_odb_life_object function| outbrain_dom_object function| OB_lang_object function| outbrain_language_manager_object object| OB_lang object| OB_widgetObjArray object| outbrain_log function| printSigns function| outbrain_error_manager_object object| outbrain function| outbrain_PositionCalc function| outbrain_template_object function| outbrain_template_manager_object object| outbrain_whatIs function| outbrain_rater_object function| OB_platformMetaData function| voterWidgetObj function| outbrain_rec_template_object function| outbrain_stars_template_object function| outbrain_box_template_object object| OB_language_en function| OutbrainStart object| outbrain_dom object| outbrain_error_manager object| outbrain_language_manager object| outbrain_template_manager object| OB_odb_life object| outbrain_rater object| OBR string| OB_releaseVer boolean| OB_freeze function| getCookie function| setOnce function| getGWOcampaign function| isdefined function| getGWOconversion number| trackLogin object| tribe_l10n_datatables object| wp object| gaAccounts object| utCrossDomains object| gaAccount object| PARSELY string| GoogleAnalyticsObject function| ga object| TOUT object| currEle object| twemoji object| __twttrll object| twttr object| __twttr object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| slot1 object| slot2 object| slot3 object| slot4 object| slot5 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
.heraldtribune.com/ Name: _ga
Value: GA1.2.765256664.1637323248
.heraldtribune.com/ Name: _gid
Value: GA1.2.1787827099.1637323248
.heraldtribune.com/ Name: _gat
Value: 1
.heraldtribune.com/ Name: _gat_rollup1
Value: 1
.heraldtribune.com/ Name: _gat_rollup2
Value: 1
.heraldtribune.com/ Name: _gat_rollup3
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1VNBDKMI7YEQXTTV2JX9TYg1637323248
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.heraldtribune.com/ Name: __gads
Value: ID=3b3d3287e86739e2-222b9432dccb00c8:T=1637323248:S=ALNI_MZ8U2gKeHdd6BsHVD_SWG9oJafZng

5 Console Messages

Source Level URL
Text
javascript warning URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/(Line 309)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://widgets.outbrain.com/outbrainWidget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://extra.heraldtribune.com/2021/11/18/venir-i-bout-des-problemes-associes-i-tous-les/(Line 309)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://widgets.outbrain.com/outbrainWidget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: http://platform.tout.com/sdk.js
Message:
Failed to load resource: the server responded with a status of 404 (Not found)
network error URL: http://cdn.viafoura.net/vf.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1xaiel1a3g7i2xt3uu41exbx.wpengine.netdna-cdn.com
adservice.google.com
adservice.google.de
b.scorecardresearch.com
c06fd7ba774162ef7aa522ec42e094d3.safeframe.googlesyndication.com
cdn.viafoura.net
code.jquery.com
connect.facebook.net
extra.heraldtribune.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
odb.outbrain.com
pagead2.googlesyndication.com
platform.tout.com
platform.twitter.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.244.42.200
13.35.253.42
142.250.186.98
151.101.114.132
184.30.21.80
2001:4de0:ac18::1:a:3b
205.178.189.129
2600:9000:2057:5400:8:2ae1:d740:93a1
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.202.203.217
94.31.29.96
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66
1a1bbc7e6a1ffd902db1b2c6e168ad659cedb3cc4f5a1200d9c9b237fae741d2
2911b47ce7ee5afe74db18a9a5891146382ea6a81828bebd181b9c97eb4386b2
2b2fab489a8a92d8d40470b3325af6cdfe8b4d407609f7cdd29e088d87716d4c
320c795c6f8d74cef4d10181f65be73db4ce333029c979a35816eb07f881e09e
3547777e1739c6dc1fbdddcde2c2dc0df2c522c64f473c62080d292f06bb3ba4
4411f1435a7f33383c99665b4c0a2df3c01a21e9525a8260a42aa91cda2b553f
4ea0ae7ef3769fbd24a75a32f40785260ed5d83350b76ece6ededa1060fa4271
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
553f29d085717e2a47e26c32b3f8bb0e9691e5287c30f1270fa78597070965e4
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e493183e734c638768df48cc7916d8599c7a8d69a44d9dc2b6584e029c286b4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73e0c219c32da41ada18d984505171d053c4808ae4492cd7d54ca1cad4828deb
7afc34acd36620d4bdbc0b74c6ca46caf0548ae2aa22b28920c68097d3459931
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8db0bf55410f68a12b681bf9f312dadb579d81dd5793bb6dfe2c0e3737c2a2a2
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
970ccf298ad56cb8787ad1690e4f16b78f9065a475e892d7ff6f05a7002031ae
97fea9dcfcea4baf6f72f7228a1a50560a67c9e3d1a82582d9d41f11085631f6
9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1
9f1d235980191969af34f29d93e1c877db8b940fd11e1978eed44c54672341c1
a0e9e2b28fc33f8c28e8dbf3f26afb07ad264159bd4bd1ece8c6bf7855555ce5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3f4fff8c05bef8a28e78cea9f413e0ce65f691de874fd2f81598bba5b54d872
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b2e6390b1a15e903926aa66bfc771c3df30294ff3e32a622d529e7add0bc72e5
b5e0a7b5f40e9a7f809c6ce27b3b92ccfeca29af900636b3949ff47bbc698b67
b9dc6f2a031549e52b87bd31a6cf76dc0bac5ba167530df45bdf7ea9a6655399
be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
caaa06ca649b18f763adf5fafa82ab60763b7dbd2d6035f4fe9af48110d4219d
cdd16e548033de3f5738579b6aebc6a9ec86e61b0300aa2561a3b610660adecd
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d7bb934e518c87d758dd90505d1ed7c16de4f044fcd666156cde2050c10802c3
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb81dbb47530932dd4d6eac5041f8c4462f17c0b87c8ef699b24dbafc5a8c861
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4f477c653a8b75145d75c4edd0b715dfe3824b97ab3f87a82a9c49237818bd3