Submitted URL: https://leparisien-serviceclients.nce0002.novius.net/
Effective URL: https://authentication.leparisien.fr/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
Submission: On October 18 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 30 HTTP transactions. The main IP is 143.204.215.15, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is authentication.leparisien.fr.
TLS certificate: Issued by Thawte RSA CA 2018 on March 17th 2020. Valid for: 2 years.
This is the only time authentication.leparisien.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.65.80.51 197161 (BUSINESSG...)
5 143.204.215.15 16509 (AMAZON-02)
1 142.250.185.104 15169 (GOOGLE)
3 143.204.215.81 16509 (AMAZON-02)
1 104.111.230.79 16625 (AKAMAI-AS)
2 142.250.181.238 15169 (GOOGLE)
2 157.240.20.19 32934 (FACEBOOK)
3 142.250.184.196 15169 (GOOGLE)
2 13.32.29.90 16509 (AMAZON-02)
1 13.32.29.44 16509 (AMAZON-02)
4 142.250.185.163 15169 (GOOGLE)
1 18.192.221.62 16509 (AMAZON-02)
2 142.250.185.205 15169 (GOOGLE)
1 172.217.16.131 15169 (GOOGLE)
2 142.250.186.163 15169 (GOOGLE)
30 14
Count | Domain | Requested by
5 | authentication.leparisien.fr | authentication.leparisien.fr
4 | www.gstatic.com | www.google.com, www.gstatic.com
3 | www.google.com | useraccount, www.gstatic.com, www.google.com
3 | sdk.privacy-center.org | authentication.leparisien.fr, sdk.privacy-center.org
2 | fonts.gstatic.com | www.google.com
2 | accounts.google.com | apis.google.com, ssl.gstatic.com
2 | assets.leparisien.fr | useraccount, authentication.leparisien.fr
2 | connect.facebook.net | useraccount, connect.facebook.net
2 | apis.google.com | useraccount, apis.google.com
1 | ssl.gstatic.com | accounts.google.com
1 | logs11.xiti.com | authentication.leparisien.fr
1 | tag.aticdn.net | www.googletagmanager.com
1 | appleid.cdn-apple.com | useraccount
1 | www.googletagmanager.com | authentication.leparisien.fr
1 | leparisien-serviceclients.nce0002.novius.net | 1 redirects
30 15

This site contains links to these domains.

Domain
www.leparisien.fr
Subject | Issuer | Validity | Valid
*.leparisien.fr | Thawte RSA CA 2018 | 2020-03-17 - 2022-06-16 | 2 years
*.google-analytics.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
*.privacy-center.org | Amazon | 2021-04-24 - 2022-05-23 | a year
appleid.cdn-apple.com | Apple Public EV Server RSA CA 2 - G1 | 2021-01-19 - 2022-02-18 | a year
*.apis.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-07-29 - 2021-10-27 | 3 months
www.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
tag.aticdn.net | Thawte RSA CA 2018 | 2021-01-25 - 2022-02-22 | a year
*.gstatic.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.xiti.com | Thawte RSA CA 2018 | 2020-02-27 - 2022-05-22 | 2 years
accounts.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months

This page contains 3 frames:

Primary Page: https://authentication.leparisien.fr/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
Frame ID: 75F6E305144A751BAC3ED42E00582BFE
Requests: 20 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfdp_EaAAAAAFiY87YvW26_6eZgWK8VPEDiJyFN&co=aHR0cHM6Ly9hdXRoZW50aWNhdGlvbi5sZXBhcmlzaWVuLmZyOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=invisible&cb=n0xtplh2xh48
Frame ID: ACCA467014AF353E5A4A60280E1E6C9B
Requests: 7 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 5DB8BBAB49BAF6AC37FF9662DF0CF1B5
Requests: 3 HTTP requests in this frame

Page Title

Le Parisien

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • xiti\.com/hit\.xiti

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 0 %
Domains: 10
Subdomains: 15
IPs: 14
Countries: 3
Transfer: 1654 kB
Size: 5649 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://leparisien-serviceclients.nce0002.novius.net/ HTTP 302
    https://authentication.leparisien.fr/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
authentication.leparisien.fr/
Redirect Chain
  • https://leparisien-serviceclients.nce0002.novius.net/
  • https://authentication.leparisien.fr/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
4 KB
2 KB
Document
General
Full URL
https://authentication.leparisien.fr/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91ddd8038a96ca082970f23f3455e47927f4ef4763632c99fa53a398dba1c77b

Request headers

:method
GET
:authority
authentication.leparisien.fr
:scheme
https
:path
/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

content-type
text/html
last-modified
Mon, 18 Oct 2021 13:39:56 GMT
server
AmazonS3
content-encoding
gzip
date
Mon, 18 Oct 2021 17:38:34 GMT
etag
W/"c04140897c5abf6fe9391e4eb702381c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
aBo_emdB8d0LG6QI6GFf25jQ8IrvpwqZfJ6xd55fmS6OyR129q6Y5w==

Redirect headers

server
nginx
date
Mon, 18 Oct 2021 17:38:33 GMT
content-type
text/html; charset=UTF-8
content-length
682
location
https://authentication.leparisien.fr/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
set-cookie
XSRF-TOKEN=eyJpdiI6Ilh3OFlWKzBpbXgzb0hxXC9OTnFHektnPT0iLCJ2YWx1ZSI6ImxxVnhIeXJoU0tzV0JGSkQyR0htSEV1MzRUWXphcmd5VEg1TnJUMFZTd3VWSHUwR0xYeUc1S09nWHdvZTh1em8iLCJtYWMiOiI1OGExOTkwYzFkOWZlOTkzNDhmMmI5ZDg2MmE4ZmVkMTljZDkyNDFiMjNhMTMxM2E4YzQwMmNkNWQ2YTRhZGEyIn0%3D; expires=Mon, 18-Oct-2021 19:38:33 GMT; Max-Age=7200; path=/ le_parisien_espace_abonnement_session=eyJpdiI6ImJlWDVsTFFaNmVTQnd2WmtYamQrRGc9PSIsInZhbHVlIjoiKzlUaWhldFwvWXV5bXViVU9Ob2l2THlRRmtcL0t5dllTeHJjK2twTXZ2bWh5Q3pQd21rSFJzZktnSHF4Ujk2SVRJIiwibWFjIjoiY2UzNjczZGI5MjI4MTlkMTM5NDYzMWRiOTcxZjhlMjZjZDFmMDRlZDk4YmFmMjliNDFlOTVmZWM5ZDY3NzhhMiJ9; expires=Mon, 18-Oct-2021 19:38:33 GMT; Max-Age=7200; path=/; httponly
x-robots-tag
noindex,nofollow,noarchive
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://static.ads-twitter.com https://analytics.twitter.com https://tag.aticdn.net https://static.chartbeat.com https://teddytor.abtasty.com https://cdn.novius.net; object-src 'self' https://sandbox.tinypass.com
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
sameorigin
main.bundle.js
authentication.leparisien.fr/
3 MB
541 KB
Script
General
Full URL
https://authentication.leparisien.fr/main.bundle.js
Requested by
Host: authentication.leparisien.fr
URL: https://authentication.leparisien.fr/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5079256327a04d7155d240ca38c3fdb58defb226defa62001ab8b9b988292253

Request headers

:path
/main.bundle.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
authentication.leparisien.fr
referer
https://authentication.leparisien.fr/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 18 Oct 2021 17:38:34 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 13:39:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"ccf069588a5577768242ac76f600eb22"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-id
wc903qKQlF_EHXLNnzsdBC3oTWSYpuRfZV_mNsXM5r0mWMLIrndK3Q==
gtm.js
www.googletagmanager.com/
273 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5QNLTGR
Requested by
Host: authentication.leparisien.fr
URL: https://authentication.leparisien.fr/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ecb79c90ebeab98cf7e59dae93d194ae2b362b970f2dd1d0eab643065c54c431
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:38:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
75789
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 15:17:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Oct 2021 17:38:33 GMT
loader.js
sdk.privacy-center.org/5e96b136-cbb6-44ff-b6c4-bbd30250289f/
43 KB
8 KB
Script
General
Full URL
https://sdk.privacy-center.org/5e96b136-cbb6-44ff-b6c4-bbd30250289f/loader.js?target=authentication.leparisien.fr
Requested by
Host: authentication.leparisien.fr
URL: https://authentication.leparisien.fr/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-81.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
e1e9f74d88d6516613519af207dd21efcdeee1c689937f86a7f1e6b1dc3bcc0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:38:33 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
FRA53-C1
etag
"c02f5c60348df145b3d4c4c446413b7e"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
cache-control
public, max-age=7200
content-length
8173
x-amz-cf-id
Q3wn1gE1SpkpHZN8MBMwY5wu_Bx8XevYAdZNXWYTm2z8q4p2baUX3A==
sdk.fb34cdf6141cfe852da19b3513086d7fe8d09a14.js
sdk.privacy-center.org/
373 KB
83 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk.fb34cdf6141cfe852da19b3513086d7fe8d09a14.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/5e96b136-cbb6-44ff-b6c4-bbd30250289f/loader.js?target=authentication.leparisien.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-81.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74fdf9406c863540be90c6e239bf5fbd6622ddd58da845f2a4a3e7d4f733b70b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 08:11:10 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 08:07:14 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1634544217/ctime:1634544217/gid:0/gname:root/md5:6f1f9b99d93c92d00b4088bc5886d171/mode:33188/mtime:1634544217/uid:0/uname:root
age
34044
etag
W/"6f1f9b99d93c92d00b4088bc5886d171"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
mpQaf9Q5oTErZDt6rRbsBiu3gvOEi31A3QhmgdabaLBatYaZQMyHnw==
GraphikCompact-Regular-Web.woff
authentication.leparisien.fr/images/
44 KB
45 KB
Font
General
Full URL
https://authentication.leparisien.fr/images/GraphikCompact-Regular-Web.woff
Requested by
Host: authentication.leparisien.fr
URL: https://authentication.leparisien.fr/connexion/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2e9cd20a35da9d3008d5f7b5396d1dcc0bb2137ebd05412e57f70d709557222

Request headers

:path
/images/GraphikCompact-Regular-Web.woff
pragma
no-cache
origin
https://authentication.leparisien.fr
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
authentication.leparisien.fr
referer
https://authentication.leparisien.fr/connexion/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 18 Oct 2021 17:38:34 GMT
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 13:39:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"99696f02bbeebd44d0a2b56f66517827"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
content-length
45173
x-amz-cf-id
JF3C-0JxrLYi4GIWUMp1kUAyU-sBeVt4PdauITE2oUfQq_ZFrUFetQ==
GraphikCompact-Semibold-Web.woff
authentication.leparisien.fr/images/
53 KB
53 KB
Font
General
Full URL
https://authentication.leparisien.fr/images/GraphikCompact-Semibold-Web.woff
Requested by
Host: authentication.leparisien.fr
URL: https://authentication.leparisien.fr/connexion/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef50ddce40d7efff9aa2d5eba42a904691fcdfc0593bc67f4e3af3f7fd018aec

Request headers

:path
/images/GraphikCompact-Semibold-Web.woff
pragma
no-cache
origin
https://authentication.leparisien.fr
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
authentication.leparisien.fr
referer
https://authentication.leparisien.fr/connexion/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 18 Oct 2021 17:38:34 GMT
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 13:39:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"b32bba65687b0d45d4c0817da1556945"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
content-length
53789
x-amz-cf-id
h2nF3HosWR0ZTIeCLHAW5_axJ9pVtzAXvl6fAjuHsypRUb2hukOGrg==
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/
42 KB
17 KB
Script
General
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: useraccount
URL: webpack://useraccount/./src/helpers/appleScript.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-79.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Mon, 11 Oct 2021 17:22:50 GMT
Server
Apple
ETag
W/"42671-1633972970611"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Date
Mon, 18 Oct 2021 17:38:33 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17247
platform.js
apis.google.com/js/
52 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: useraccount
URL: webpack://useraccount/./src/helpers/googleScript.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XCOuppGQ8eBB4cY6PV9ZQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"640a4d1ff2f547a81ed97fb67488ed83"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-XCOuppGQ8eBB4cY6PV9ZQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Mon, 18 Oct 2021 17:38:33 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: useraccount
URL: webpack://useraccount/./src/helpers/facebookScript.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
dc883b8db6cbe6e8dd31cfbdbca7d61178f9135fdae4a3fac0b7d2b13363aefb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
53gOPHIBtTczRkJVE0s3aQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
KHABc2rECyyTZuvk02HKczNmSrnkCUOuuNGSYkTCIN7Df2rsbjiXLAr2YOck4C8dAo4pDDL5x9Vy+na45UHS2A==
x-fb-trip-id
2050670934
x-fb-content-md5
256bb89cedd539edacf332f63bd605cd
x-frame-options
DENY
date
Mon, 18 Oct 2021 17:38:33 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"83c4ac0686c837143890e442370ee9fd"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Oct 2021 17:46:35 GMT
enterprise.js
www.google.com/recaptcha/
974 B
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lfdp_EaAAAAAFiY87YvW26_6eZgWK8VPEDiJyFN
Requested by
Host: useraccount
URL: webpack://useraccount/./src/helpers/captchaScore.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
feb40a60fffcf1047e385a5805f46dfc9b0d9e497bad7d303326d0abba657fa3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
616
x-xss-protection
1; mode=block
expires
Mon, 18 Oct 2021 17:38:33 GMT
man-plus-dog.json
assets.leparisien.fr/website/images/lotties/
173 KB
174 KB
XHR
General
Full URL
https://assets.leparisien.fr/website/images/lotties/man-plus-dog.json
Requested by
Host: useraccount
URL: webpack://useraccount/./node_modules/lottie-web/build/player/lottie.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-90.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95604f87195565292c5ced0211e72627b0dfb22475bf6b11aefb29d7bd436183

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
J8WJGvIkFUQTXUcvw3CjKO5ESBj9AfHG
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
etag
"bddee74d0a1c6ed9d2d147f60b9f1128"
age
2182
x-cache
Hit from cloudfront
access-control-max-age
0
content-length
177194
last-modified
Sun, 17 Oct 2021 12:55:52 GMT
server
AmazonS3
date
Mon, 18 Oct 2021 17:02:12 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/json
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
kAN6Hm4c2flM-2BWWttDHerqnmwW5qqnrZeUR0G4bKvkvPid2H3CJw==
ui-gdpr-fr.fb34cdf6141cfe852da19b3513086d7fe8d09a14.js
sdk.privacy-center.org/
268 KB
54 KB
Script
General
Full URL
https://sdk.privacy-center.org/ui-gdpr-fr.fb34cdf6141cfe852da19b3513086d7fe8d09a14.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.fb34cdf6141cfe852da19b3513086d7fe8d09a14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-81.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d491a2ef66916c0dcb787614d8bfaa4100198b299092d91aa379e20f784cc25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 08:11:12 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 08:07:31 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1634544217/ctime:1634544217/gid:0/gname:root/md5:db7ae8328e82b84b90d98dbff95c5a50/mode:33188/mtime:1634544217/uid:0/uname:root
age
34042
etag
W/"db7ae8328e82b84b90d98dbff95c5a50"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Ztl50fuspbJxhNG6wGp9vxMX92FisgwM1jsTSgsURcqxSUn_5Bn19w==
GraphikCondensed-Semibold-Web.woff
authentication.leparisien.fr/images/
47 KB
47 KB
Font
General
Full URL
https://authentication.leparisien.fr/images/GraphikCondensed-Semibold-Web.woff
Requested by
Host: authentication.leparisien.fr
URL: https://authentication.leparisien.fr/connexion/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ae08a420e322ba9811674312ac4951d5a4c884023d51eb93e40291eb326dc88

Request headers

sec-fetch-mode
cors
origin
https://authentication.leparisien.fr
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
didomi_token=eyJ1c2VyX2lkIjoiMTdjOTQ3YmMtY2ZlMS02ZWU0LTllZmYtY2QxMWUyMjVhYjM5IiwiY3JlYXRlZCI6IjIwMjEtMTAtMThUMTc6Mzg6MzMuOTA5WiIsInVwZGF0ZWQiOiIyMDIxLTEwLTE4VDE3OjM4OjMzLjkwOVoiLCJ2ZXJzaW9uIjpudWxsfQ==
:path
/images/GraphikCondensed-Semibold-Web.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
authentication.leparisien.fr
referer
https://authentication.leparisien.fr/connexion/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 18 Oct 2021 17:38:35 GMT
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 13:40:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"d0f344484a9e6726a51b83961e7de4e6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
content-length
48045
x-amz-cf-id
qX5io69lFz7-mdpigptYEWEXNCgA2UfoOBArc08MzoYgpxoL1D9S0g==
smarttag.js
tag.aticdn.net/40086/
106 KB
29 KB
Script
General
Full URL
https://tag.aticdn.net/40086/smarttag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QNLTGR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35ac5dcaf36b1bcd26cf233f788a10fa6d289db18a36d51173afbd0988bc48e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
6vwtZKC1MYoMJmT1qDpsCkxqAQ1jdYhy
content-encoding
gzip
etag
W/"58cdd1739f67c0aac6f3d253edb5fdb8"
last-modified
Tue, 29 Jun 2021 12:37:47 GMT
server
AmazonS3
age
1500
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 747e99d9d8c5e29fdc713cf866bc3f83.cloudfront.net (CloudFront)
cache-control
max-age=1800
date
Mon, 18 Oct 2021 17:36:06 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
TNI0m6Knvv6mdhjlS0xyw7n5avh1TbMFjJVMGznP0nkFEU3a1dZHLQ==
sdk.js
connect.facebook.net/en_US/
271 KB
76 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=957875d7cee7dbe1973a538f63095d52
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
80ca255fef9a5922c940f3cb837bfb449d150a415402f4264054515e119c3a59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://authentication.leparisien.fr/
Origin
https://authentication.leparisien.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
50YKdxr0/GX4769y+Mfbcg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77980
x-fb-rlafr
0
x-fb-debug
qUFkveRudm0tAyC/X/nHdxJny0YOGDVWwqQ35uYye43FL36eDJxMoioHv6z7f4aeNEv8LNsPrvw++Kra9VBJsg==
x-fb-content-md5
8800d623b39308b20410316b821d8f53
x-frame-options
DENY
date
Mon, 18 Oct 2021 17:38:34 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"d7ff87da66edab042f862794c66cb129"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 18 Oct 2022 13:00:50 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/
346 KB
135 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfdp_EaAAAAAFiY87YvW26_6eZgWK8VPEDiJyFN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://authentication.leparisien.fr/
Origin
https://authentication.leparisien.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:35:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137921
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 04:21:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 18 Oct 2022 17:35:30 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/
103 KB
34 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
51809bc55f512c21a3829627405dfec8796820392303908a9e011691de6f79f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 08:37:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
550891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34990
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Wed, 12 Oct 2022 08:37:03 GMT
E-LOGO-LP-192x60.svg
assets.leparisien.fr/website/images/
2 KB
2 KB
Image
General
Full URL
https://assets.leparisien.fr/website/images/E-LOGO-LP-192x60.svg
Requested by
Host: authentication.leparisien.fr
URL: https://authentication.leparisien.fr/connexion/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-90.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68fb27fb4863492a27a8c5cb494339531e4397c16e48ffccceeb3fbffd08b114

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:10:16 GMT
via
1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 15:40:28 GMT
server
AmazonS3
age
1699
etag
"73dfc4effa446850c451e76d60434165"
x-cache
Hit from cloudfront
x-amz-version-id
BdBl.MfB0iwxUW8kbQqc.XAGww4Npau5
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
image/svg+xml
content-length
1919
x-amz-cf-id
SJIn1rlOIp2J27ygZV_I8BSxlNZPxHdt5Jq5WUB-_5PdBBhEFt7Cyg==
hit.xiti
logs11.xiti.com/
35 B
151 B
Image
General
Full URL
https://logs11.xiti.com/hit.xiti?s=40086&idclient=5f890e02-5008-42e3-86d1-ee280cad3553&vc=false&vm=exempt&ts=1634578714222&vtag=5.28.1&ptag=js&ac=undefined&p=crea_compte::mon-compte::inscription&s2=29&x3=29&x4=9&x5=undefined&x6=undefined&x10=undefined&x11=undefined&x14=undefined&stc=%7B%22device%22%3A%22desktop%22%7D&ref=
Requested by
Host: authentication.leparisien.fr
URL: https://authentication.leparisien.fr/connexion/?redirect_url=https%3A%2F%2Fleparisien-serviceclients.nce0002.novius.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.221.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-221-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:38:34 GMT
cache-control
no-store
content-length
35
strict-transport-security
max-age=15768000
content-type
image/gif
anchor
www.google.com/recaptcha/enterprise/ Frame ACCA
39 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfdp_EaAAAAAFiY87YvW26_6eZgWK8VPEDiJyFN&co=aHR0cHM6Ly9hdXRoZW50aWNhdGlvbi5sZXBhcmlzaWVuLmZyOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=invisible&cb=n0xtplh2xh48
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
ab168edc19163d1dae79984963c6eb47755d5bf9084d648763a33b5c8cd3dbd5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gB0wKergUY+KKnc8/Dpa6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/enterprise/anchor?ar=1&k=6Lfdp_EaAAAAAFiY87YvW26_6eZgWK8VPEDiJyFN&co=aHR0cHM6Ly9hdXRoZW50aWNhdGlvbi5sZXBhcmlzaWVuLmZyOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=invisible&cb=n0xtplh2xh48
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://authentication.leparisien.fr/
accept-encoding
gzip, deflate, br
cookie
NID=511=RSBCRjAdbMs2SUQOx1n3FFT4NVMp-klZb0nif_GA0GTT-BMf99zYHrTrP2kid-4cTRGnB5EIa6Q19oOnAKA2kPfQ0Ws8rsFn1ib9TEtMj-ukV5KE8oVAQQmBHuzwNfu4h6yE8puQ2CFrOiwYN57S6h_fTjjUMpHL3llhJrLHhFI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 18 Oct 2021 17:38:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-gB0wKergUY+KKnc8/Dpa6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20250
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe
accounts.google.com/o/oauth2/ Frame 5DB8
513 B
924 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f13.1e100.net
Software
ESF /
Resource Hash
3959f56cc96a5a6dbfcd30dcc8a7e882e1d0bc57e5c8e2232ac1e5c42d521695
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hviQO/2jV+xrzpAHc9ZgOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://authentication.leparisien.fr/
accept-encoding
gzip, deflate, br
cookie
NID=511=RSBCRjAdbMs2SUQOx1n3FFT4NVMp-klZb0nif_GA0GTT-BMf99zYHrTrP2kid-4cTRGnB5EIa6Q19oOnAKA2kPfQ0Ws8rsFn1ib9TEtMj-ukV5KE8oVAQQmBHuzwNfu4h6yE8puQ2CFrOiwYN57S6h_fTjjUMpHL3llhJrLHhFI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://authentication.leparisien.fr/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 18 Oct 2021 17:38:34 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-hviQO/2jV+xrzpAHc9ZgOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ Frame ACCA
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfdp_EaAAAAAFiY87YvW26_6eZgWK8VPEDiJyFN&co=aHR0cHM6Ly9hdXRoZW50aWNhdGlvbi5sZXBhcmlzaWVuLmZyOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=invisible&cb=n0xtplh2xh48
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 09:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 04:21:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 18 Oct 2022 09:40:58 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ Frame ACCA
346 KB
135 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfdp_EaAAAAAFiY87YvW26_6eZgWK8VPEDiJyFN&co=aHR0cHM6Ly9hdXRoZW50aWNhdGlvbi5sZXBhcmlzaWVuLmZyOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=invisible&cb=n0xtplh2xh48
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:35:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137921
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 04:21:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 18 Oct 2022 17:35:30 GMT
1524891944-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame 5DB8
114 KB
40 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/1524891944-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
f68a7087c8e16af35d54d34e77a08c1b32bc1953336178cb015f2db3acf78de6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 18:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40191
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 04:07:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="federated-signon-mpm-access"
expires
Mon, 17 Oct 2022 18:11:57 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame ACCA
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:18:13 GMT
x-content-type-options
nosniff
age
274821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Fri, 22 Oct 2021 13:18:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ACCA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfdp_EaAAAAAFiY87YvW26_6eZgWK8VPEDiJyFN&co=aHR0cHM6Ly9hdXRoZW50aWNhdGlvbi5sZXBhcmlzaWVuLmZyOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=invisible&cb=n0xtplh2xh48
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 19:58:13 GMT
x-content-type-options
nosniff
age
596421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 19:58:13 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ACCA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfdp_EaAAAAAFiY87YvW26_6eZgWK8VPEDiJyFN&co=aHR0cHM6Ly9hdXRoZW50aWNhdGlvbi5sZXBhcmlzaWVuLmZyOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=invisible&cb=n0xtplh2xh48
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 01:35:26 GMT
x-content-type-options
nosniff
age
576188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Oct 2022 01:35:26 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame ACCA
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=qljbK_DTcvY1PzbR7IG69z1r
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfdp_EaAAAAAFiY87YvW26_6eZgWK8VPEDiJyFN&co=aHR0cHM6Ly9hdXRoZW50aWNhdGlvbi5sZXBhcmlzaWVuLmZyOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=invisible&cb=n0xtplh2xh48
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
b09b62ea3362a0e9cdf0a6362e6f0c478744254a9d080b0a0e6c943a05376919
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfdp_EaAAAAAFiY87YvW26_6eZgWK8VPEDiJyFN&co=aHR0cHM6Ly9hdXRoZW50aWNhdGlvbi5sZXBhcmlzaWVuLmZyOjQ0Mw..&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=invisible&cb=n0xtplh2xh48
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 18 Oct 2021 17:38:34 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 5DB8
14 B
58 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fauthentication.leparisien.fr&client_id=573061752230-3mqc2q7qvd76vudv598he9id9fl0i427.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1524891944-idpiframe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f13.1e100.net
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 18 Oct 2021 18:38:34 GMT


46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster object| dataLayer boolean| gdprAppliesGlobally function| __tcfapi object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations function| webpackHotUpdateuseraccount object| regeneratorRuntime string| __react_router_build__ boolean| __EMOTION_REACT_11__ function| onloadCallback function| fbAsyncInit function| onGoogleScriptLoad object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| didomiOnReady object| didomiEventListeners object| didomiState object| google_tag_manager function| postscribe object| google_tag_manager_external function| C55 object| config55 function| _nodeExplorer object| AppleID object| FB object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gapi object| ___jsl object| ATInternet function| ATCustomEvent object| tag object| recaptcha object| closure_lm_867374 object| osapi

7 Cookies

Domain/Path Name / Value
leparisien-serviceclients.nce0002.novius.net/ Name: XSRF-TOKEN
Value: eyJpdiI6Ilh3OFlWKzBpbXgzb0hxXC9OTnFHektnPT0iLCJ2YWx1ZSI6ImxxVnhIeXJoU0tzV0JGSkQyR0htSEV1MzRUWXphcmd5VEg1TnJUMFZTd3VWSHUwR0xYeUc1S09nWHdvZTh1em8iLCJtYWMiOiI1OGExOTkwYzFkOWZlOTkzNDhmMmI5ZDg2MmE4ZmVkMTljZDkyNDFiMjNhMTMxM2E4YzQwMmNkNWQ2YTRhZGEyIn0%3D
leparisien-serviceclients.nce0002.novius.net/ Name: le_parisien_espace_abonnement_session
Value: eyJpdiI6ImJlWDVsTFFaNmVTQnd2WmtYamQrRGc9PSIsInZhbHVlIjoiKzlUaWhldFwvWXV5bXViVU9Ob2l2THlRRmtcL0t5dllTeHJjK2twTXZ2bWh5Q3pQd21rSFJzZktnSHF4Ujk2SVRJIiwibWFjIjoiY2UzNjczZGI5MjI4MTlkMTM5NDYzMWRiOTcxZjhlMjZjZDFmMDRlZDk4YmFmMjliNDFlOTVmZWM5ZDY3NzhhMiJ9
.google.com/ Name: NID
Value: 511=RSBCRjAdbMs2SUQOx1n3FFT4NVMp-klZb0nif_GA0GTT-BMf99zYHrTrP2kid-4cTRGnB5EIa6Q19oOnAKA2kPfQ0Ws8rsFn1ib9TEtMj-ukV5KE8oVAQQmBHuzwNfu4h6yE8puQ2CFrOiwYN57S6h_fTjjUMpHL3llhJrLHhFI
.leparisien.fr/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTdjOTQ3YmMtY2ZlMS02ZWU0LTllZmYtY2QxMWUyMjVhYjM5IiwiY3JlYXRlZCI6IjIwMjEtMTAtMThUMTc6Mzg6MzMuOTA5WiIsInVwZGF0ZWQiOiIyMDIxLTEwLTE4VDE3OjM4OjMzLjkwOVoiLCJ2ZXJzaW9uIjpudWxsfQ==
.leparisien.fr/ Name: atuserid
Value: %7B%22name%22%3A%22atuserid%22%2C%22val%22%3A%225f890e02-5008-42e3-86d1-ee280cad3553%22%2C%22options%22%3A%7B%22end%22%3A%222022-10-13T17%3A38%3A34.181Z%22%2C%22path%22%3A%22%2F%22%7D%7D
.leparisien.fr/ Name: atauthority
Value: %7B%22name%22%3A%22atauthority%22%2C%22val%22%3A%7B%22authority_name%22%3A%22cnil%22%2C%22visitor_mode%22%3A%22exempt%22%7D%2C%22options%22%3A%7B%22end%22%3A%222022-11-19T17%3A38%3A34.186Z%22%2C%22path%22%3A%22%2F%22%7D%7D
.authentication.leparisien.fr/ Name: G_ENABLED_IDPS
Value: google

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
