urlscan.io logo urlscan.io
SecurityTrails logo

connect.capital.fr Open in urlscan Pro
2a02:26f0:e300:18e::33f9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mon.prisma-connect.com/l2/7WnAZpa2Q3/12885825/3404885525.html
Effective URL: https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm...
Submission: On February 03 via api from BE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 16 domains to perform 51 HTTP transactions. The main IP is 2a02:26f0:e300:18e::33f9, located in Prague, Czech Republic and belongs to AKAMAI-ASN1, NL. The main domain is connect.capital.fr.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 7th 2021. Valid for: 7 months.
This is the only time connect.capital.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    91.190.170.11 (France)

ASN31688 (SPLIO-AS, FR)
PTR: s3s.fr
mon.prisma-connect.com
2    2a00:1450:4001:810::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirect.prisme-news.com
4    34.240.51.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-51-97.eu-west-1.compute.amazonaws.com
er.cloud-media.fr
7    143.204.98.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-75.fra50.r.cloudfront.net
api-connect.capital.fr
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
ejp.rlcdn.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fcmatch.google.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fcmatch.youtube.com
11    2a02:26f0:e300:18e::33f9 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
connect.capital.fr
1    2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
5    192.229.221.61 (United States)

ASN15133 (EDGECAST, US)
tra.scds.pmdstatic.net
1    18.66.139.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-35.fra60.r.cloudfront.net
gdpr-tcfv2.sp-prod.net
4    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    13.32.121.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-49.fra60.r.cloudfront.net
consent.capital.fr
1    104.111.236.230 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-236-230.deploy.static.akamaitechnologies.com
creas.prismamediadigital.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
24 capital.fr
api-connect.capital.fr
connect.capital.fr
consent.capital.fr — Cisco Umbrella Rank: 739105
637 KB
5 pmdstatic.net
tra.scds.pmdstatic.net — Cisco Umbrella Rank: 140499
13 KB
4 gstatic.com
fonts.gstatic.com
57 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
3 KB
4 cloud-media.fr
er.cloud-media.fr — Cisco Umbrella Rank: 243103
794 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
134 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
86 KB
2 rlcdn.com
ejp.rlcdn.com — Cisco Umbrella Rank: 86180
1 KB
2 prisme-news.com
redirect.prisme-news.com
4 KB
1 prismamediadigital.com
creas.prismamediadigital.com — Cisco Umbrella Rank: 363550
2 KB
1 sp-prod.net
gdpr-tcfv2.sp-prod.net — Cisco Umbrella Rank: 12925
44 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1387
592 B
1 youtube.com
fcmatch.youtube.com — Cisco Umbrella Rank: 2808
525 B
1 google.com
fcmatch.google.com — Cisco Umbrella Rank: 2806
530 B
1 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 197 Failed
20 B
1 prisma-connect.com
mon.prisma-connect.com
871 B
51 16
Domain Requested by
11 connect.capital.fr redirect.prisme-news.com
connect.capital.fr
7 api-connect.capital.fr 1 redirects
6 consent.capital.fr gdpr-tcfv2.sp-prod.net
consent.capital.fr
5 tra.scds.pmdstatic.net connect.capital.fr
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com connect.capital.fr
client
4 er.cloud-media.fr 2 redirects
3 connect.facebook.net connect.facebook.net
2 www.googletagmanager.com mon.prisma-connect.com
www.googletagmanager.com
2 ejp.rlcdn.com 2 redirects
2 redirect.prisme-news.com redirect.prisme-news.com
1 creas.prismamediadigital.com connect.capital.fr
1 gdpr-tcfv2.sp-prod.net tra.scds.pmdstatic.net
1 polyfill.io connect.capital.fr
1 fcmatch.youtube.com
1 fcmatch.google.com 1 redirects
1 cm.g.doubleclick.net
1 mon.prisma-connect.com
51 18

This site contains no links.

Subject Issuer Validity Valid
mon.prisma-connect.com
R3		 2021-12-23 -
2022-03-23		 3 months crt.sh
prismamediadigital.com
Sectigo RSA Organization Validation Secure Server CA		 2021-10-07 -
2022-05-10		 7 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
*.sp-prod.net
R3		 2021-12-31 -
2022-03-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
consent.businessinsider.fr
R3		 2021-12-23 -
2022-03-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-12 -
2022-02-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Frame ID: A484DDEC009C85B66BD1D7C7493C41C5
Requests: 40 HTTP requests in this frame

Frame: https://consent.capital.fr/index.html?message_id=601037&consentUUID=2c0dafce-928d-4068-8b6b-31e8054edff1&requestUUID=0763a308-2c1d-46e3-88bc-438f7eaa9553&preload_message=true
Frame ID: C671D942565ACEE8BE9BE24E0DB9ABA2
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bienvenue sur Prisma Connect

Page URL History Show full URLs

  1. https://mon.prisma-connect.com/l2/7WnAZpa2Q3/12885825/3404885525.html Page URL
  2. http://redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/?sh=1e92e2d066c46373e9f9ffaa7c266... Page URL
  3. https://api-connect.capital.fr/prd/login/action-token?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjI... HTTP 302
    http://redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/?rt=1643882164&rh=817ccef68b964a5... Page URL
  4. https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_ca... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

51
Requests

88 %
HTTPS

50 %
IPv6

16
Domains

18
Subdomains

16
IPs

5
Countries

982 kB
Transfer

4040 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mon.prisma-connect.com/l2/7WnAZpa2Q3/12885825/3404885525.html Page URL
  2. http://redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/?sh=1e92e2d066c46373e9f9ffaa7c266aa92436b3745ba3305f9344fcbb470587fd&et=87dbdd50635d950ad6019039b977f1c499222aa585bd70e3fbe06dcefad358a0&lh=63efb5e2&d=20220203&pk=&cl=1&n=1&l=o&u=https%3A%2F%2Fconnect.capital.fr%2Fnewsletters%3Futm_source%3Dnl-connect-cap-tunnel-accueil%26utm_medium%3Demail%26utm_campaign%3Dfeature-1%26utm_content%3Dnewsletters Page URL
  3. https://api-connect.capital.fr/prd/login/action-token?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjIxYzI2ZjA3OWQ2YWY2OWNmYjMwYjNmZWYwMjg5MjIzYjU4Yzk1YjMifQ.eyJhY3Rpb25zIjpbIkFVVE9MT0dJTl9OTCJdLCJ1c2VySWQiOiJjODlkMDk5OS1mMTkzLTRiNjYtODYzOC1hM2FhMjQyMDAxYTYiLCJ1bmlxIjoia3o2c3p3NmkiLCJleHAiOjE2NDM5Njg1NjQsImlhdCI6MTY0Mzg4MjE2NH0.ESgLY2hFI2bQtUBvOwbw1F4ZZiK7x0aChYYGXf3dM9SmK-0M8JxspF4j2JOCXMtQP6uMwg247LR51UGfgTm_VNycKATjexmyLxgrPmwYO2srEfeqR2enqDzQvVvsCzPk5qpmu8S9qistKR3JcjElReT8WIYt4BTXsJXgbd4p-qXRjSm5g-2tWhFVduz0taXe-IDIUjS2prZz1PqM7G8pIKaZgFwqIQUZaqnZYD5dwvpde717Eb2NcWXelSstjf1-wVW9qpLeMgNCTSKgOQlp8ihnoXHZ7HFSHauZbuGSLD6A9IXI5QcWv-9onB7VQM4SIIhFwgcXQmytnBE4Oc0xgg&autoLoginNL=true&callbackUrl=http%3A%2F%2Fredirect.prisme-news.com%2FP-0-330e05ece19a684801f30ccafbf4ba5d-0-219%2F%3Frt%3D1643882164%26rh%3D817ccef68b964a5c74b070d4fdc62b8e77f192bfd5db1bff94b66c6d8f581d00%26sid%3D61fba6b47bf65%26sh%3D1e92e2d066c46373e9f9ffaa7c266aa92436b3745ba3305f9344fcbb470587fd%26et%3D87dbdd50635d950ad6019039b977f1c499222aa585bd70e3fbe06dcefad358a0%26lh%3D63efb5e2%26d%3D20220203%26pk%3D%26cl%3D1%26n%3D1%26l%3Do%26u%3Dhttps%253A%252F%252Fconnect.capital.fr%252Fnewsletters%253Futm_source%253Dnl-connect-cap-tunnel-accueil%2526utm_medium%253Demail%2526utm_campaign%253Dfeature-1%2526utm_content%253Dnewsletters&signupService=CAP_NEWSLETTERS_NEWSLETTER-AUTOLOGIN_NL-CAP_TRAFIC-NL&fake=fake HTTP 302
    http://redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/?rt=1643882164&rh=817ccef68b964a5c74b070d4fdc62b8e77f192bfd5db1bff94b66c6d8f581d00&sid=61fba6b47bf65&sh=1e92e2d066c46373e9f9ffaa7c266aa92436b3745ba3305f9344fcbb470587fd&et=87dbdd50635d950ad6019039b977f1c499222aa585bd70e3fbe06dcefad358a0&lh=63efb5e2&d=20220203&pk=&cl=1&n=1&l=o&u=https%3A%2F%2Fconnect.capital.fr%2Fnewsletters%3Futm_source%3Dnl-connect-cap-tunnel-accueil%26utm_medium%3Demail%26utm_campaign%3Dfeature-1%26utm_content%3Dnewsletters Page URL
  4. https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://ejp.rlcdn.com/468506.gif?m=330e05ece19a684801f30ccafbf4ba5d&n=1 HTTP 301
  • https://ejp.rlcdn.com/468506.gif?m=330e05ece19a684801f30ccafbf4ba5d&n=1 HTTP 307
  • https://ejp.rlcdn.com/1000.gif?memo=CJrMHBIsCiYIBBAAGiAzMzBlMDVlY2UxOWE2ODQ4MDFmMzBjY2FmYmY0YmE1ZBD6_CEaDQi0ze6PBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
Request Chain 3
  • https://er.cloud-media.fr/r/330e05ece19a684801f30ccafbf4ba5d/dbf051 HTTP 302
  • https://er.cloud-media.fr/c/330e05ece19a684801f30ccafbf4ba5d/dbf051
Request Chain 4
  • https://api-connect.capital.fr/prd/login/action-token?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjIxYzI2ZjA3OWQ2YWY2OWNmYjMwYjNmZWYwMjg5MjIzYjU4Yzk1YjMifQ.eyJhY3Rpb25zIjpbIkFVVE9MT0dJTl9OTCJdLCJ1c2VySWQiOiJjODlkMDk5OS1mMTkzLTRiNjYtODYzOC1hM2FhMjQyMDAxYTYiLCJ1bmlxIjoia3o2c3p3NmkiLCJleHAiOjE2NDM5Njg1NjQsImlhdCI6MTY0Mzg4MjE2NH0.ESgLY2hFI2bQtUBvOwbw1F4ZZiK7x0aChYYGXf3dM9SmK-0M8JxspF4j2JOCXMtQP6uMwg247LR51UGfgTm_VNycKATjexmyLxgrPmwYO2srEfeqR2enqDzQvVvsCzPk5qpmu8S9qistKR3JcjElReT8WIYt4BTXsJXgbd4p-qXRjSm5g-2tWhFVduz0taXe-IDIUjS2prZz1PqM7G8pIKaZgFwqIQUZaqnZYD5dwvpde717Eb2NcWXelSstjf1-wVW9qpLeMgNCTSKgOQlp8ihnoXHZ7HFSHauZbuGSLD6A9IXI5QcWv-9onB7VQM4SIIhFwgcXQmytnBE4Oc0xgg&autoLoginNL=true&callbackUrl=http%3A%2F%2Fredirect.prisme-news.com%2FP-0-330e05ece19a684801f30ccafbf4ba5d-0-219%2F%3Frt%3D1643882164%26rh%3D817ccef68b964a5c74b070d4fdc62b8e77f192bfd5db1bff94b66c6d8f581d00%26sid%3D61fba6b47bf65%26sh%3D1e92e2d066c46373e9f9ffaa7c266aa92436b3745ba3305f9344fcbb470587fd%26et%3D87dbdd50635d950ad6019039b977f1c499222aa585bd70e3fbe06dcefad358a0%26lh%3D63efb5e2%26d%3D20220203%26pk%3D%26cl%3D1%26n%3D1%26l%3Do%26u%3Dhttps%253A%252F%252Fconnect.capital.fr%252Fnewsletters%253Futm_source%253Dnl-connect-cap-tunnel-accueil%2526utm_medium%253Demail%2526utm_campaign%253Dfeature-1%2526utm_content%253Dnewsletters&signupService=CAP_NEWSLETTERS_NEWSLETTER-AUTOLOGIN_NL-CAP_TRAFIC-NL&fake=fake HTTP 302
  • http://redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/?rt=1643882164&rh=817ccef68b964a5c74b070d4fdc62b8e77f192bfd5db1bff94b66c6d8f581d00&sid=61fba6b47bf65&sh=1e92e2d066c46373e9f9ffaa7c266aa92436b3745ba3305f9344fcbb470587fd&et=87dbdd50635d950ad6019039b977f1c499222aa585bd70e3fbe06dcefad358a0&lh=63efb5e2&d=20220203&pk=&cl=1&n=1&l=o&u=https%3A%2F%2Fconnect.capital.fr%2Fnewsletters%3Futm_source%3Dnl-connect-cap-tunnel-accueil%26utm_medium%3Demail%26utm_campaign%3Dfeature-1%26utm_content%3Dnewsletters
Request Chain 5
  • http://ejp.rlcdn.com/468506.gif?m=330e05ece19a684801f30ccafbf4ba5d&n=1 HTTP 301
  • https://ejp.rlcdn.com/468506.gif?m=330e05ece19a684801f30ccafbf4ba5d&n=1 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGkzMDcwUUY1UEpYa1hBUFlCdGJCTVNmaWM5amNUM2VNS0pOU2lQNFJObUREcDFXV3I2NVJkMS1Xb09ubGJRUGpBWHV1NA==&google_cm&gdpr=1&gdpr_consent=CPLPDEMPLPDN_ADABCENBoCsAP_AAH_AAAAAGSIF5C5URCFD4GJsIJIUIAEXwFAAAGAgBgQBA4AACBCAEAwEkAAAEAAAIAAAAAAAIAIAAAAACAkAAAAAQIAAIQAAAAQAIAAAIAIACAAAEAAAAAgAAoAQEAAAAAAAAAAAgAAAAAYAQMkQLyFyoiEKGwMDQQCQoQAIigKAAAMBADAACBgAAECEAIBgJIAAAAAAAQAAAAAAAQAQAAAAAABIAAAAAgQAAQgAAAAgAQAAAQAQAEAAAIAAAABAABQAgAAAAAAAAAAABAAAAAAwAgAA.YAAAAAAAA4AA HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDophCHY82cmdRptSPQaepHursss4HcYe2LBoL7zpndtkEF_5zQ65ZOkiaDOHr2fkUUJ_61p7PdIb21t-muH2C-Utqzf8AE1gQUjtb0Ub_IJ8hlJkfiuVoyN1tHTjMYB1J6MOAc8l9eL0hLZ-lE8QOIx3OWIw3Nh8g-nP3aeukKqDluw7Aqk HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDophCHY82cmdRptSPQaepHursss4HcYe2LBoL7zpndtkEF_5zQ65ZOkiaDOHr2fkUUJ_61p7PdIb21t-muH2C-Utqzf8AE1gQUjtb0Ub_IJ8hlJkfiuVoyN1tHTjMYB1J6MOAc8l9eL0hLZ-lE8QOIx3OWIw3Nh8g-nP3aeukKqDluw7Aqk
Request Chain 6
  • https://er.cloud-media.fr/r/330e05ece19a684801f30ccafbf4ba5d/dbf051 HTTP 302
  • https://er.cloud-media.fr/c/330e05ece19a684801f30ccafbf4ba5d/dbf051

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
3404885525.html
mon.prisma-connect.com/l2/7WnAZpa2Q3/12885825/ 		506 B
871 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mon.prisma-connect.com/l2/7WnAZpa2Q3/12885825/3404885525.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.190.170.11 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
s3s.fr
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

Date
Thu, 03 Feb 2022 09:56:04 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
Mon, 01 Jan 1990 00:00:00 GMT
X-Robots-Tag
noindex,nofollow
P3P
policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Content-Length
506
Connection
close
Content-Type
text/html; charset=UTF-8
/
redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/?sh=1e92e2d066c46373e9f9ffaa7c266aa92436b3745ba3305f9344fcbb470587fd&et=87dbdd50635d950ad6019039b977f1c499222aa585bd70e3fbe06dcefad358a0&lh=63efb5e2&d=20220203&pk=&cl=1&n=1&l=o&u=https%3A%2F%2Fconnect.capital.fr%2Fnewsletters%3Futm_source%3Dnl-connect-cap-tunnel-accueil%26utm_medium%3Demail%26utm_campaign%3Dfeature-1%26utm_content%3Dnewsletters
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
49f827bae21d33c239b16459973187830a165af3d31b5385775384be94691b0c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

Date
Thu, 03 Feb 2022 09:56:04 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Server
nginx
Vary
Accept-Encoding
Refresh
0.500000; url=https://api-connect.capital.fr/prd/login/action-token?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjIxYzI2ZjA3OWQ2YWY2OWNmYjMwYjNmZWYwMjg5MjIzYjU4Yzk1YjMifQ.eyJhY3Rpb25zIjpbIkFVVE9MT0dJTl9OTCJdLCJ1c2VySWQiOiJjODlkMDk5OS1mMTkzLTRiNjYtODYzOC1hM2FhMjQyMDAxYTYiLCJ1bmlxIjoia3o2c3p3NmkiLCJleHAiOjE2NDM5Njg1NjQsImlhdCI6MTY0Mzg4MjE2NH0.ESgLY2hFI2bQtUBvOwbw1F4ZZiK7x0aChYYGXf3dM9SmK-0M8JxspF4j2JOCXMtQP6uMwg247LR51UGfgTm_VNycKATjexmyLxgrPmwYO2srEfeqR2enqDzQvVvsCzPk5qpmu8S9qistKR3JcjElReT8WIYt4BTXsJXgbd4p-qXRjSm5g-2tWhFVduz0taXe-IDIUjS2prZz1PqM7G8pIKaZgFwqIQUZaqnZYD5dwvpde717Eb2NcWXelSstjf1-wVW9qpLeMgNCTSKgOQlp8ihnoXHZ7HFSHauZbuGSLD6A9IXI5QcWv-9onB7VQM4SIIhFwgcXQmytnBE4Oc0xgg&autoLoginNL=true&callbackUrl=http%3A%2F%2Fredirect.prisme-news.com%2FP-0-330e05ece19a684801f30ccafbf4ba5d-0-219%2F%3Frt%3D1643882164%26rh%3D817ccef68b964a5c74b070d4fdc62b8e77f192bfd5db1bff94b66c6d8f581d00%26sid%3D61fba6b47bf65%26sh%3D1e92e2d066c46373e9f9ffaa7c266aa92436b3745ba3305f9344fcbb470587fd%26et%3D87dbdd50635d950ad6019039b977f1c499222aa585bd70e3fbe06dcefad358a0%26lh%3D63efb5e2%26d%3D20220203%26pk%3D%26cl%3D1%26n%3D1%26l%3Do%26u%3Dhttps%253A%252F%252Fconnect.capital.fr%252Fnewsletters%253Futm_source%253Dnl-connect-cap-tunnel-accueil%2526utm_medium%253Demail%2526utm_campaign%253Dfeature-1%2526utm_content%253Dnewsletters&signupService=CAP_NEWSLETTERS_NEWSLETTER-AUTOLOGIN_NL-CAP_TRAFIC-NL&fake=fake
x-pmc-result
200
x-pmc-brand
CAP
x-pmc-time
186
Content-Encoding
gzip
Via
1.1 google
pixel
cm.g.doubleclick.net/
Redirect Chain
  • http://ejp.rlcdn.com/468506.gif?m=330e05ece19a684801f30ccafbf4ba5d&n=1
  • https://ejp.rlcdn.com/468506.gif?m=330e05ece19a684801f30ccafbf4ba5d&n=1
  • https://ejp.rlcdn.com/1000.gif?memo=CJrMHBIsCiYIBBAAGiAzMzBlMDVlY2UxOWE2ODQ4MDFmMzBjY2FmYmY0YmE1ZBD6_CEaDQi0ze6PBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
0
0
dbf051
er.cloud-media.fr/c/330e05ece19a684801f30ccafbf4ba5d/
Redirect Chain
  • https://er.cloud-media.fr/r/330e05ece19a684801f30ccafbf4ba5d/dbf051
  • https://er.cloud-media.fr/c/330e05ece19a684801f30ccafbf4ba5d/dbf051
35 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://er.cloud-media.fr/c/330e05ece19a684801f30ccafbf4ba5d/dbf051
Protocol
H2
Server
34.240.51.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-51-97.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://redirect.prisme-news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 09:56:05 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

location
https://er.cloud-media.fr/c/330e05ece19a684801f30ccafbf4ba5d/dbf051
date
Thu, 03 Feb 2022 09:56:04 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
0
x-xss-protection
1; mode=block
content-type
text/html;charset=utf-8
/
redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/
Redirect Chain
  • https://api-connect.capital.fr/prd/login/action-token?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjIxYzI2ZjA3OWQ2YWY2OWNmYjMwYjNmZWYwMjg5MjIzYjU4Yzk1YjMifQ.eyJhY3Rpb25zIjpbIkFVVE9MT0dJTl9OTC...
  • http://redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/?rt=1643882164&rh=817ccef68b964a5c74b070d4fdc62b8e77f192bfd5db1bff94b66c6d8f581d00&sid=61fba6b47bf65&sh=1e92e2d066c46373e9...
1 KB
992 B 		Document
General
Check archive.org
Download Go to
Full URL
http://redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/?rt=1643882164&rh=817ccef68b964a5c74b070d4fdc62b8e77f192bfd5db1bff94b66c6d8f581d00&sid=61fba6b47bf65&sh=1e92e2d066c46373e9f9ffaa7c266aa92436b3745ba3305f9344fcbb470587fd&et=87dbdd50635d950ad6019039b977f1c499222aa585bd70e3fbe06dcefad358a0&lh=63efb5e2&d=20220203&pk=&cl=1&n=1&l=o&u=https%3A%2F%2Fconnect.capital.fr%2Fnewsletters%3Futm_source%3Dnl-connect-cap-tunnel-accueil%26utm_medium%3Demail%26utm_campaign%3Dfeature-1%26utm_content%3Dnewsletters
Requested by
Host: redirect.prisme-news.com
URL: http://redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/?sh=1e92e2d066c46373e9f9ffaa7c266aa92436b3745ba3305f9344fcbb470587fd&et=87dbdd50635d950ad6019039b977f1c499222aa585bd70e3fbe06dcefad358a0&lh=63efb5e2&d=20220203&pk=&cl=1&n=1&l=o&u=https%3A%2F%2Fconnect.capital.fr%2Fnewsletters%3Futm_source%3Dnl-connect-cap-tunnel-accueil%26utm_medium%3Demail%26utm_campaign%3Dfeature-1%26utm_content%3Dnewsletters
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e1e1ff552ff20d67c21828a2804675e70465fe01f1a93d258538e5832e81b4fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/?sh=1e92e2d066c46373e9f9ffaa7c266aa92436b3745ba3305f9344fcbb470587fd&et=87dbdd50635d950ad6019039b977f1c499222aa585bd70e3fbe06dcefad358a0&lh=63efb5e2&d=20220203&pk=&cl=1&n=1&l=o&u=https%3A%2F%2Fconnect.capital.fr%2Fnewsletters%3Futm_source%3Dnl-connect-cap-tunnel-accueil%26utm_medium%3Demail%26utm_campaign%3Dfeature-1%26utm_content%3Dnewsletters

Response headers

Date
Thu, 03 Feb 2022 09:56:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Server
nginx
Vary
Accept-Encoding
Refresh
0.500000; url=https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters#srWebsiteId=25&srAuthUserId=330e05ece19a684801f30ccafbf4ba5d
Content-Encoding
gzip
Via
1.1 google

Redirect headers

content-type
application/json
content-length
0
location
http://redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/?rt=1643882164&rh=817ccef68b964a5c74b070d4fdc62b8e77f192bfd5db1bff94b66c6d8f581d00&sid=61fba6b47bf65&sh=1e92e2d066c46373e9f9ffaa7c266aa92436b3745ba3305f9344fcbb470587fd&et=87dbdd50635d950ad6019039b977f1c499222aa585bd70e3fbe06dcefad358a0&lh=63efb5e2&d=20220203&pk=&cl=1&n=1&l=o&u=https%3A%2F%2Fconnect.capital.fr%2Fnewsletters%3Futm_source%3Dnl-connect-cap-tunnel-accueil%26utm_medium%3Demail%26utm_campaign%3Dfeature-1%26utm_content%3Dnewsletters
date
Thu, 03 Feb 2022 09:56:05 GMT
x-amzn-requestid
5dff2563-5cbe-4f4c-841f-55dbdc6cb877
access-control-allow-origin
https://www.prismaconnect.fr
x-amz-apigw-id
M9b8VEaKjoEFdMw=
access-control-expose-headers
x-pmc-jwt
x-amzn-trace-id
Root=1-61fba6b5-72831f2f3cf041ae484ebc61;Sampled=0
access-control-max-age
86400
x-cache
Miss from cloudfront
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
lMOuB9QJRfKgbNA5Eb9hYbXeNBvQjYwpm7CeR6Mhj7-5Xeu3wky6uA==
pixel
fcmatch.youtube.com/
Redirect Chain
  • http://ejp.rlcdn.com/468506.gif?m=330e05ece19a684801f30ccafbf4ba5d&n=1
  • https://ejp.rlcdn.com/468506.gif?m=330e05ece19a684801f30ccafbf4ba5d&n=1
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGkzMDcwUUY1UEpYa1hBUFlCdGJCTVNmaWM5amNUM2VNS0pOU2lQNFJObUREcDFXV3I2NVJkMS1Xb09ubGJRUGpBWHV1NA==&google_cm&gdpr=1&gdpr_consent=CPLPD...
  • https://fcmatch.google.com/pixel?google_gm=AMnCDophCHY82cmdRptSPQaepHursss4HcYe2LBoL7zpndtkEF_5zQ65ZOkiaDOHr2fkUUJ_61p7PdIb21t-muH2C-Utqzf8AE1gQUjtb0Ub_IJ8hlJkfiuVoyN1tHTjMYB1J6MOAc8l9eL0hLZ-lE8QOI...
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDophCHY82cmdRptSPQaepHursss4HcYe2LBoL7zpndtkEF_5zQ65ZOkiaDOHr2fkUUJ_61p7PdIb21t-muH2C-Utqzf8AE1gQUjtb0Ub_IJ8hlJkfiuVoyN1tHTjMYB1J6MOAc8l9eL0hLZ-lE8QO...
170 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDophCHY82cmdRptSPQaepHursss4HcYe2LBoL7zpndtkEF_5zQ65ZOkiaDOHr2fkUUJ_61p7PdIb21t-muH2C-Utqzf8AE1gQUjtb0Ub_IJ8hlJkfiuVoyN1tHTjMYB1J6MOAc8l9eL0hLZ-lE8QOIx3OWIw3Nh8g-nP3aeukKqDluw7Aqk
Protocol
H2
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Feb 2022 09:56:05 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Feb 2022 09:56:05 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDophCHY82cmdRptSPQaepHursss4HcYe2LBoL7zpndtkEF_5zQ65ZOkiaDOHr2fkUUJ_61p7PdIb21t-muH2C-Utqzf8AE1gQUjtb0Ub_IJ8hlJkfiuVoyN1tHTjMYB1J6MOAc8l9eL0hLZ-lE8QOIx3OWIw3Nh8g-nP3aeukKqDluw7Aqk
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dbf051
er.cloud-media.fr/c/330e05ece19a684801f30ccafbf4ba5d/
Redirect Chain
  • https://er.cloud-media.fr/r/330e05ece19a684801f30ccafbf4ba5d/dbf051
  • https://er.cloud-media.fr/c/330e05ece19a684801f30ccafbf4ba5d/dbf051
35 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://er.cloud-media.fr/c/330e05ece19a684801f30ccafbf4ba5d/dbf051
Protocol
H2
Server
34.240.51.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-51-97.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://redirect.prisme-news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 09:56:05 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

location
https://er.cloud-media.fr/c/330e05ece19a684801f30ccafbf4ba5d/dbf051
date
Thu, 03 Feb 2022 09:56:05 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
0
x-xss-protection
1; mode=block
content-type
text/html;charset=utf-8
Primary Request newsletters
connect.capital.fr/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Requested by
Host: redirect.prisme-news.com
URL: http://redirect.prisme-news.com/P-0-330e05ece19a684801f30ccafbf4ba5d-0-219/?rt=1643882164&rh=817ccef68b964a5c74b070d4fdc62b8e77f192bfd5db1bff94b66c6d8f581d00&sid=61fba6b47bf65&sh=1e92e2d066c46373e9f9ffaa7c266aa92436b3745ba3305f9344fcbb470587fd&et=87dbdd50635d950ad6019039b977f1c499222aa585bd70e3fbe06dcefad358a0&lh=63efb5e2&d=20220203&pk=&cl=1&n=1&l=o&u=https%3A%2F%2Fconnect.capital.fr%2Fnewsletters%3Futm_source%3Dnl-connect-cap-tunnel-accueil%26utm_medium%3Demail%26utm_campaign%3Dfeature-1%26utm_content%3Dnewsletters
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:e300:18e::33f9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e198dfd03c68f8e06dcdff49f9f66835e81b050c0b03433a2b1abab7d254171

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://redirect.prisme-news.com/

Response headers

content-type
text/html
last-modified
Wed, 26 Jan 2022 15:50:24 GMT
x-amz-version-id
mMfNhcoBikSOY_BvgvTp0FDU_8l.uyQ1
server
AmazonS3
content-encoding
gzip
etag
W/"1e9da446a43383fc8b4d69bb12e066fe"
vary
Accept-Encoding
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
P1z6gyUMWV9Hkevesy5st3YmkrnRSau8b5FG8FjvGFzu8Q7ya3nBsw==
cache-control
public, max-age=300
date
Thu, 03 Feb 2022 09:56:06 GMT
content-length
1064
referrer-policy
no-referrer-when-downgrade
polyfill.min.js
polyfill.io/v3/ 		101 B
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=fetch%2CIntl%2CIntl.~locale.fr%2CString.prototype.normalize%2CMap%2CSet
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
836433
detected-user-agent
Chrome Mobile/97.0.4692
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=2, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Mon, 24 Jan 2022 14:41:44 GMT
date
Thu, 03 Feb 2022 09:56:07 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/97.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
main-3e710756b9cd96432b43.js
connect.capital.fr/assets/scripts/ 		2 MB
356 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.capital.fr/assets/scripts/main-3e710756b9cd96432b43.js?41ae9a9a6e80a2d13195
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:e300:18e::33f9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a775664d2c7c6cd03c4338c1687931d926b6389248862e065b956fee0ff7e442

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
3C2ZzLucyiMmH.9N0goqrCHI3jRd_rIn
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Jan 2022 15:50:12 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
W/"f8af535fb5bda8bf8b62454c46175672"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
date
Thu, 03 Feb 2022 09:56:06 GMT
x-amz-cf-id
tyaPM5rDYUOVGpFFTqebfZQgrvcf1RvKv4Zfj6JbYifMrrDR8lE5rQ==
main-41ae9a9a6e80a2d13195.css
connect.capital.fr/assets/styles/ 		71 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.capital.fr/assets/styles/main-41ae9a9a6e80a2d13195.css?41ae9a9a6e80a2d13195
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:e300:18e::33f9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5f2881e1f2722edbd2d97b8c2b9951e0976853478e8e8c1a7d0918475d60742

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
v3MoM6kRjZ25.ZwB6m76RZbw6j9NB35m
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Jan 2022 15:50:12 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
W/"f05ad6077c335de6ec94f7064a009902"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
date
Thu, 03 Feb 2022 09:56:06 GMT
content-length
12300
x-amz-cf-id
U_2XikI-nNLw5Tn6xrn_eOSnoimM3-81owhMzyQ4Y7VUz9qFqqeJww==
sourcepoint.min.js
tra.scds.pmdstatic.net/sourcepoint/3/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/sourcepoint/3/sourcepoint.min.js
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F5B) /
Resource Hash
03137861a7d48f19989161cc7461ef313eedea90f856d530cd3ebba420cf7732

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 09:56:06 GMT
content-encoding
gzip
age
23
x-cache
HIT
content-disposition
inline
content-length
2567
access-control-allow-origin
*
last-modified
Mon, 02 Aug 2021 14:19:23 GMT
server
ECAcc (paa/6F5B)
etag
W/"bb10ab3f37e39fc29d74bfc2974a51b8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
nxZ7uZWPegJfvP5fINHR3sss3GPnVQ85
via
1.1 e5b75c92aeb08b72d17d5fe9dd0647e0.cloudfront.net (CloudFront)
cache-control
max-age=60,s-maxage=60,stale-while-revalidate=604800,stale-if-error=604800,public
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
U9N4c-0LjxbrIxUf82vGBVegmnEsYPFCmdFHkc9CD8dOPOu-dEidmQ==
wrapperMessagingWithoutDetection.js
gdpr-tcfv2.sp-prod.net/ 		153 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/sourcepoint/3/sourcepoint.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-35.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d858a3dbb03600e19a60079cb0aefd2d3ade061f28bc40d457bb46a3cf0ff84

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 02:05:02 GMT
server
AmazonS3
age
2273
etag
W/"128d707f6a1d93162de889b18d32e792"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Thu, 03 Feb 2022 09:18:14 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
89eGllAAdwlLw8deLlCcLy8MpuHl7Av0emgXFT8jbevrhpdzy6mbWg==
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&display=swap
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/assets/styles/main-41ae9a9a6e80a2d13195.css?41ae9a9a6e80a2d13195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc8867b933d56000e714a3ab59357d11cdda95363d8218cae58bd1bd55394b09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/assets/styles/main-41ae9a9a6e80a2d13195.css?41ae9a9a6e80a2d13195
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 08:31:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 03 Feb 2022 09:56:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Feb 2022 09:56:06 GMT
native-message
consent.capital.fr/wrapper/tcfv2/v1/gdpr/ 		213 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.capital.fr/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=0763a308-2c1d-46e3-88bc-438f7eaa9553&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A314%2C%22requestUUID%22%3A%220763a308-2c1d-46e3-88bc-438f7eaa9553%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fconnect.capital.fr%2Fnewsletters%3Futm_source%3Dnl-connect-cap-tunnel-accueil%26utm_medium%3Demail%26utm_campaign%3Dfeature-1%26utm_content%3Dnewsletters%23srWebsiteId%3D25%26srAuthUserId%3D330e05ece19a684801f30ccafbf4ba5d%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.capital.fr%22%2C%22targetingParams%22%3A%22%7B%5C%22isPremiumCookie%5C%22%3A%5C%220%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%2C%22groupPmId%22%3A165027%7D
Requested by
Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-49.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
06e340d4f49459af0e13cbbedd751aac33719611da3325f05c6c30faa4b26472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Feb 2022 09:56:07 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://connect.capital.fr
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
qG-0xXijfC3bDmmDOZVusGOJ5dFtiui7zKvA7OePHS8mUfsFpLLwnw==
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
native-message
consent.capital.fr/wrapper/tcfv2/v1/gdpr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.capital.fr/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=0763a308-2c1d-46e3-88bc-438f7eaa9553&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A314%2C%22requestUUID%22%3A%220763a308-2c1d-46e3-88bc-438f7eaa9553%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fconnect.capital.fr%2Fnewsletters%3Futm_source%3Dnl-connect-cap-tunnel-accueil%26utm_medium%3Demail%26utm_campaign%3Dfeature-1%26utm_content%3Dnewsletters%23srWebsiteId%3D25%26srAuthUserId%3D330e05ece19a684801f30ccafbf4ba5d%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.capital.fr%22%2C%22targetingParams%22%3A%22%7B%5C%22isPremiumCookie%5C%22%3A%5C%220%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%2C%22groupPmId%22%3A165027%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-49.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://connect.capital.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
content-length
2
date
Thu, 03 Feb 2022 09:56:06 GMT
x-powered-by
Express
access-control-allow-origin
https://connect.capital.fr
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
fkxO-pOPNlFcv9xvdGIxOyiZpsmzA0IiTqprbS-aw1n5Gi7z83UrKg==
index.html
consent.capital.fr/ Frame C671 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent.capital.fr/index.html?message_id=601037&consentUUID=2c0dafce-928d-4068-8b6b-31e8054edff1&requestUUID=0763a308-2c1d-46e3-88bc-438f7eaa9553&preload_message=true
Requested by
Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters

Response headers

content-type
text/html
last-modified
Thu, 18 Nov 2021 02:51:09 GMT
server
AmazonS3
content-encoding
gzip
date
Thu, 03 Feb 2022 09:46:55 GMT
etag
W/"89b8a4c9183b2e83d76d4204d34d51f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
jTKSGQZD5E6r7w_2cR_DNfSKMyxNLmOD6vmwgC1-c-YhLGPZ-aBa1Q==
age
554
Notice.03819.css
consent.capital.fr/ Frame C671 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.capital.fr/Notice.03819.css
Requested by
Host: consent.capital.fr
URL: https://consent.capital.fr/index.html?message_id=601037&consentUUID=2c0dafce-928d-4068-8b6b-31e8054edff1&requestUUID=0763a308-2c1d-46e3-88bc-438f7eaa9553&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://consent.capital.fr/index.html?message_id=601037&consentUUID=2c0dafce-928d-4068-8b6b-31e8054edff1&requestUUID=0763a308-2c1d-46e3-88bc-438f7eaa9553&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 08:56:33 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 02:51:09 GMT
server
AmazonS3
age
3575
etag
W/"894f01a34ee58f1147257366e6a6bde7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
FDwcrW3iNxPHKLuEsjhfq90ut3jxPT7MjyofqtZ4aUma51p4ZI90qQ==
polyfills.d36c5.js
consent.capital.fr/ Frame C671 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.capital.fr/polyfills.d36c5.js
Requested by
Host: consent.capital.fr
URL: https://consent.capital.fr/index.html?message_id=601037&consentUUID=2c0dafce-928d-4068-8b6b-31e8054edff1&requestUUID=0763a308-2c1d-46e3-88bc-438f7eaa9553&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://consent.capital.fr/index.html?message_id=601037&consentUUID=2c0dafce-928d-4068-8b6b-31e8054edff1&requestUUID=0763a308-2c1d-46e3-88bc-438f7eaa9553&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 09:12:15 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 02:51:09 GMT
server
AmazonS3
age
2633
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
DovRKbLMrZlOuDvVN7FlAipJwIwnELNQAoQvJTzXAF8Ez4QS28tEVQ==
Notice.70828.js
consent.capital.fr/ Frame C671 		209 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.capital.fr/Notice.70828.js
Requested by
Host: consent.capital.fr
URL: https://consent.capital.fr/index.html?message_id=601037&consentUUID=2c0dafce-928d-4068-8b6b-31e8054edff1&requestUUID=0763a308-2c1d-46e3-88bc-438f7eaa9553&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://consent.capital.fr/index.html?message_id=601037&consentUUID=2c0dafce-928d-4068-8b6b-31e8054edff1&requestUUID=0763a308-2c1d-46e3-88bc-438f7eaa9553&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 09:34:57 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 02:51:09 GMT
server
AmazonS3
age
1275
etag
W/"3f789fabb7890dc26d3914692795ffb3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
FsdvBoeZeNZPUCM69CatJ2hV4WCx40HCs9HPI8xY4bh2KKkFXTbwpw==
css2
fonts.googleapis.com/ Frame C671 		1 KB
459 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
134e93e8a151b468f1828d68dbcc09bb574f6db8fe048d84f83fec687bbec4f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://consent.capital.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 08:58:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 03 Feb 2022 09:56:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Feb 2022 09:56:07 GMT
cap_logo.svg
creas.prismamediadigital.com/economie/logos/ Frame C671 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creas.prismamediadigital.com/economie/logos/cap_logo.svg
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.236.230 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-236-230.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3c98f6f8802a70a111412fe6cbd963586683ae6a9fb04d1d8877593fe95bab18

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://consent.capital.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
1Rypc51xjM.SOTjIO_5SMGjrwpMadhZH
Content-Encoding
gzip
Last-Modified
Mon, 22 Feb 2021 08:24:58 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
ETag
W/"510cbf809aed2399f6ddf03faa5f4d9e"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Date
Thu, 03 Feb 2022 09:56:07 GMT
Connection
keep-alive
Content-Length
2076
X-Amz-Cf-Id
S57mphrB10hdrXwKVCdBrLA-mf5wKC1Eys6UFhfqdzUX3AfCxyZFDg==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host:
URL: webpack:///../node_modules/react-facebook-pixel/dist/fb-pixel.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
JQgc5zb1qvGtMuiGGzRqMFEsB/HnIajtq9PasO3J+i36W+dEW/l4NsCdmYOW3xMsIHZXQhLwCQh+2VWN/fVwKw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 03 Feb 2022 09:56:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		85 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KSLP3Q4&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: mon.prisma-connect.com
URL: https://mon.prisma-connect.com/l2/7WnAZpa2Q3/12885825/3404885525.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3aba6e3d7cb2f4f1377c12b521fe6e2938ad8ec61edfb6d8f08c72f06bcc2fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 09:56:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32229
x-xss-protection
0
expires
Thu, 03 Feb 2022 09:56:07 GMT
locales_fr_cap.json
tra.scds.pmdstatic.net/pmc-brand-configs-and-locales/1/ 		16 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/pmc-brand-configs-and-locales/1/locales_fr_cap.json
Requested by
Host:
URL: webpack:///./index.js_+_192_modules?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F6D) /
Resource Hash
4daa4608264d5d3eed08b3fbf2213193f12acff9e1896373bf53370f5ec4979e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 09:56:07 GMT
content-encoding
gzip
age
12
x-cache
HIT
content-disposition
inline
content-length
3116
access-control-allow-origin
*
last-modified
Mon, 31 Jan 2022 15:43:26 GMT
server
ECAcc (paa/6F6D)
etag
W/"607c2ad82e732f87378d206f3b9107d4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
aPAP3BRfUwHDDikvBo1QlI3rg2EdaNb6
via
1.1 fd000a128e6bb534d86b423d2d506d52.cloudfront.net (CloudFront)
cache-control
max-age=60,s-maxage=60,stale-while-revalidate=604800,stale-if-error=604800,public
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-type
application/json
x-ocdn
all-query
x-amz-cf-id
cfZ4wD3I4ahUT3dssnfn17Vwqp40hDz-lRJ8YCHbC3-adQgi3NsY6g==
QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v13/ Frame C671 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36735bc1581d73a919ffd096c0c558d867f6a565ffc185ce5c5ce54b6084d062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://consent.capital.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 11:18:58 GMT
x-content-type-options
nosniff
age
167829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18008
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 11:18:58 GMT
config_fr_cap.json
tra.scds.pmdstatic.net/pmc-brand-configs-and-locales/1/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/pmc-brand-configs-and-locales/1/config_fr_cap.json
Requested by
Host:
URL: webpack:///./index.js_+_192_modules?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F4C) /
Resource Hash
e8353b1688adcb9a75d01a0c386d5657f2f91f64bb340f71617efd9328a4901c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 09:56:07 GMT
content-encoding
gzip
age
15
x-cache
HIT
content-disposition
inline
content-length
2659
access-control-allow-origin
*
last-modified
Mon, 31 Jan 2022 15:43:12 GMT
server
ECAcc (paa/6F4C)
etag
W/"1e40e016482e6c79fd008a65c624d98c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
sZFHUpesU5ofE3JvlWJzoeeFIAq6l.Q2
via
1.1 ef16cf332760e013a5fd2d10ab2b11ec.cloudfront.net (CloudFront)
cache-control
max-age=60,s-maxage=60,stale-while-revalidate=604800,stale-if-error=604800,public
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-type
application/json
x-ocdn
all-query
x-amz-cf-id
E6qNYA8-kYfcyu9yR_JPZbaYyfQ-NEzvn24jRvmzjKeeSSI7TysEcA==
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.52
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
xrwCkkOtpHw0BSbIHbdIELIFFv1x6+FFQL9LBnmg4uUAiN68gBHZHbhdKNd4t4l4htiu2T9JulqdYHQ/hNDsiA==
x-frame-options
DENY
date
Thu, 03 Feb 2022 09:56:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
668829857397543
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/668829857397543?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3da47db3b461e1c3b0bd4dcd8534871dc0b3b6c7758646192a960123b55bf00e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
IIbpgf/+ZcYf9Dd8URFp0JDc8xT8uFB3pDgH6k2+tAU+C4nfA3kWuliDohpeOWhSRYfA9PnK9B94dcY1bwS6ZA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 03 Feb 2022 09:56:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ping
api-connect.capital.fr/prd/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-connect.capital.fr/prd/ping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-75.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-pmc-app-id
Origin
https://connect.capital.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
1
date
Thu, 03 Feb 2022 09:56:07 GMT
x-amzn-requestid
6ebcefc3-4e11-48a9-ba96-b805882046bb
access-control-allow-origin
https://connect.capital.fr
access-control-allow-headers
x-pmc-app-id,X-Api-Key,facebook-token,google-token,apple-token,content-type,x-pmc-jwt
x-amz-apigw-id
M9b8uEaLjoEFfIA=
access-control-allow-methods
OPTIONS,GET
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
pS96D8cdGhiy8sKYiBy3lQYV9DMX6XX5d80608AxbkSNLlBVrP0XJg==
ping
api-connect.capital.fr/prd/ 		17 B
807 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-connect.capital.fr/prd/ping
Requested by
Host:
URL: webpack:///./index.js_+_192_modules?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-75.fra50.r.cloudfront.net
Software
/
Resource Hash
9408be658ddfc6ec2f04f3a6c48fac9258c99351aa21c76cd51121d230921161

Request headers

Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Accept-Language
fr-FR,fr;q=0.9
x-pmc-app-id
7eb68bbf-c3a8-446e-974e-0358d7c873c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 03 Feb 2022 09:56:07 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
2f1330d5-a549-409a-b685-0ba4abb887c1
access-control-max-age
86400
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://connect.capital.fr
access-control-expose-headers
x-pmc-jwt
x-amzn-trace-id
Root=1-61fba6b7-1b6e44774a3b42ea4d253d5f;Sampled=0
access-control-allow-credentials
true
x-amz-apigw-id
M9b8uG00DoEFk8Q=
content-length
17
x-amz-cf-id
CdoRxcqnGEOCMliz1-LyE2vstAj8CR8XobpQJmtBRMfCnW7sVJxkrQ==
gtm.js
www.googletagmanager.com/ 		156 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MDVZGRV&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSLP3Q4&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e81eb2605413d21e4b3ed61465bc8a37a626b23f04f447dc9dc702586f51443f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 09:56:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54955
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Feb 2022 09:56:07 GMT
css
fonts.googleapis.com/ 		3 KB
486 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,700,800&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b511b1e8483a127cc24c3ff01fab3dca20007de179c0e0aaddc9611ffa353cee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 09:56:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 03 Feb 2022 09:56:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Feb 2022 09:56:07 GMT
8048-71986af423107c106cd2.js
connect.capital.fr/assets/scripts/ 		136 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.capital.fr/assets/scripts/8048-71986af423107c106cd2.js
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/assets/scripts/main-3e710756b9cd96432b43.js?41ae9a9a6e80a2d13195
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:e300:18e::33f9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d846d57ae425e9a803dac07d42a48dcec31ceb0e9e74c3b0d2b50ddd5398b4f7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Q2CdArVxTJG1DMKGVTeQACYj0k_vXaos
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Jan 2022 15:50:12 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
W/"64f09f52abf6f49b9cbded159b3201fc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31535999
date
Thu, 03 Feb 2022 09:56:08 GMT
content-length
29752
x-amz-cf-id
iMDyRuETe_yOe69fJ6uHlQCNJwd4X9WgO9yKMq41XzDKtP_5ccgAYA==
9635-1e751dce0f30a0333ec8.js
connect.capital.fr/assets/scripts/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.capital.fr/assets/scripts/9635-1e751dce0f30a0333ec8.js
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/assets/scripts/main-3e710756b9cd96432b43.js?41ae9a9a6e80a2d13195
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:e300:18e::33f9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
609aaf7bb4683a19411c2f0b76cc8854ebdb147f5bdb5fe4d5d6739a79af3988

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
rYohXHBn6gSfQutJrsBdzlupdi.7Uspp
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Jan 2022 15:50:12 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
W/"4fb378bc6cf75fed93a199e13b62198b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
date
Thu, 03 Feb 2022 09:56:07 GMT
x-amz-cf-id
2rRdmSSTcd0lnslvtJX_bX1m5e35a-LQ_O5u6jzWytMzHLR5FH3iIg==
9133-22108c3b6de25146a955.js
connect.capital.fr/assets/scripts/ 		42 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.capital.fr/assets/scripts/9133-22108c3b6de25146a955.js
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/assets/scripts/main-3e710756b9cd96432b43.js?41ae9a9a6e80a2d13195
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:e300:18e::33f9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f73c396bfc285a9b2701dc337693333cbdccad8312a6bc4692ce6a986907c2c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
zMvNh5iX_99W9ztXlqIsQ_OXL66AA_ut
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Jan 2022 15:50:12 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
W/"a21fee105aab1444d07cc8aa57efdea4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
date
Thu, 03 Feb 2022 09:56:08 GMT
content-length
7741
x-amz-cf-id
lC-p1s9dJWoyM5ee8z0tuvvF9Yyl4Xgcw8dQgkuYeIYJsckGFejuag==
4753-f4f90a0d7e675b1d708a.js
connect.capital.fr/assets/scripts/ 		219 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.capital.fr/assets/scripts/4753-f4f90a0d7e675b1d708a.js
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/assets/scripts/main-3e710756b9cd96432b43.js?41ae9a9a6e80a2d13195
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:e300:18e::33f9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff7fb507625fdadd07f612bb8ad69fc475c1f388a578000d197f8b17b65d1602

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
rwzjyZxbpefnS5qnnJtZqSsXhtwC.0Pm
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Jan 2022 15:50:12 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
W/"2140c0e647afa62780bcf9c9525786df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31535999
date
Thu, 03 Feb 2022 09:56:08 GMT
x-amz-cf-id
anYYAwr0S9382SletE-k8qpym1MNAzmJKEMDx69pNdeivMGVwSqXtQ==
2225-93b1b066172875d7fbe2.js
connect.capital.fr/assets/scripts/ 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.capital.fr/assets/scripts/2225-93b1b066172875d7fbe2.js
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/assets/scripts/main-3e710756b9cd96432b43.js?41ae9a9a6e80a2d13195
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:e300:18e::33f9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90f09cc69654545cf99d5aa3966c78c91b26d64c739accaa1de260929ac72df9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
rEYcvzdNt4oWNwolfMtU81uZMTHwJQIF
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Jan 2022 15:50:12 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
W/"951dc1266d95bc3c9317b376dc24b5f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31535999
date
Thu, 03 Feb 2022 09:56:08 GMT
content-length
12399
x-amz-cf-id
nfL7Pn3pfi9hDFYd7AutA3e8FU7NQuG2bOhLdgjrolmCBFOZjt_EvQ==
css
fonts.googleapis.com/ 		6 KB
696 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700%7Csans-serif
Requested by
Host:
URL: webpack:///../node_modules/webfontloader/webfontloader.js?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7097b3b5beba1812170cc0c7b122f0be2e1f030bd0f1c99ab9dc8b5bd3fb89e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 09:56:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 03 Feb 2022 09:56:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Feb 2022 09:56:08 GMT
subscriptions
api-connect.capital.fr/prd/service/newsletter/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-connect.capital.fr/prd/service/newsletter/subscriptions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-75.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-pmc-app-id
Origin
https://connect.capital.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
1
date
Thu, 03 Feb 2022 09:56:08 GMT
x-amzn-requestid
cf734792-829d-4bc0-ba66-eec93cc7caf3
access-control-allow-origin
https://connect.capital.fr
access-control-allow-headers
x-pmc-app-id,X-Api-Key,facebook-token,google-token,apple-token,content-type,x-pmc-jwt
x-amz-apigw-id
M9b80F82joEF5qA=
access-control-allow-methods
OPTIONS,GET
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
V4VSht2QDThBRlMmtMElziXxgEC4gsHK_2nMr72RF67df3cOCBX9VA==
config_fr_cap.json
tra.scds.pmdstatic.net/pmc-brand-configs-and-locales/1/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/pmc-brand-configs-and-locales/1/config_fr_cap.json
Requested by
Host:
URL: webpack:///./index.js_+_192_modules?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F4C) /
Resource Hash
e8353b1688adcb9a75d01a0c386d5657f2f91f64bb340f71617efd9328a4901c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 09:56:08 GMT
content-encoding
gzip
age
16
x-cache
HIT
content-disposition
inline
content-length
2659
access-control-allow-origin
*
last-modified
Mon, 31 Jan 2022 15:43:12 GMT
server
ECAcc (paa/6F4C)
etag
W/"1e40e016482e6c79fd008a65c624d98c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
sZFHUpesU5ofE3JvlWJzoeeFIAq6l.Q2
via
1.1 ef16cf332760e013a5fd2d10ab2b11ec.cloudfront.net (CloudFront)
cache-control
max-age=60,s-maxage=60,stale-while-revalidate=604800,stale-if-error=604800,public
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-type
application/json
x-ocdn
all-query
x-amz-cf-id
E6qNYA8-kYfcyu9yR_JPZbaYyfQ-NEzvn24jRvmzjKeeSSI7TysEcA==
subscriptions
api-connect.capital.fr/prd/service/newsletter/ 		196 B
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-connect.capital.fr/prd/service/newsletter/subscriptions
Requested by
Host:
URL: webpack:///./index.js_+_192_modules?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-75.fra50.r.cloudfront.net
Software
/
Resource Hash
0871d6558a5a2e41325471b21ed760b2e29b36b681c17a955cbea36ba6c9f38a

Request headers

Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Accept-Language
fr-FR,fr;q=0.9
x-pmc-app-id
7eb68bbf-c3a8-446e-974e-0358d7c873c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 03 Feb 2022 09:56:08 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
a834221d-32aa-4d03-88b9-3ba06f8e7b7d
x-cache
Error from cloudfront
x-error-code
A13-004-090
x-amz-apigw-id
M9b81FE_DoEFprA=
content-length
196
referrer-policy
no-referrer-when-downgrade
x-amzn-trace-id
Root=1-61fba6b8-7b5752f022fb5cfd51170cee;Sampled=0
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://connect.capital.fr
access-control-expose-headers
x-pmc-jwt
access-control-allow-credentials
true
x-amz-cf-id
JteeSbbFUZYFzGxhpMytGYsL8H7urM3pFgw2px2hRBw0zSwj5d1hjw==
logoNewsletter.svg
tra.scds.pmdstatic.net/pmc-brand-configs-and-locales/1.5.3/icons/cap/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tra.scds.pmdstatic.net/pmc-brand-configs-and-locales/1.5.3/icons/cap/logoNewsletter.svg
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F59) /
Resource Hash
4d4731add1579860893627ed2ff0b4fe44c0ff766bbe59e4026c584505abe45e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 09:56:08 GMT
content-encoding
gzip
age
236950
x-cache
HIT
content-disposition
inline
content-length
908
access-control-allow-origin
*
last-modified
Mon, 31 Jan 2022 15:43:08 GMT
server
ECAcc (paa/6F59)
etag
W/"5466731445d5ac954542602ba4f9b63d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
UgmaP2VZPN2GNc6IiY_BXuadC86Zhst1
via
1.1 9f5dc8aa3b00e084cc2e91009dfdc836.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/svg+xml
x-ocdn
all-query
x-amz-cf-id
i4Bsn0m_20B_6Zc_PcOkrpGiLd-y-mOhy6WNR4is_BM2UgSlYBe8Dg==
newsletters
connect.capital.fr/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:e300:18e::33f9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
mMfNhcoBikSOY_BvgvTp0FDU_8l.uyQ1
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Jan 2022 15:50:24 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
W/"1e9da446a43383fc8b4d69bb12e066fe"
vary
Accept-Encoding
content-type
text/html
cache-control
public, max-age=298
date
Thu, 03 Feb 2022 09:56:08 GMT
content-length
1064
x-amz-cf-id
P1z6gyUMWV9Hkevesy5st3YmkrnRSau8b5FG8FjvGFzu8Q7ya3nBsw==
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://connect.capital.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 11:22:37 GMT
x-content-type-options
nosniff
age
81211
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Feb 2023 11:22:37 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://connect.capital.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 05:43:33 GMT
x-content-type-options
nosniff
age
101555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13008
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Feb 2023 05:43:33 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700%7Csans-serif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://connect.capital.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 20:17:49 GMT
x-content-type-options
nosniff
age
135499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 20:17:49 GMT
brandconsents_-e8170a3801adeb30bc00.js
connect.capital.fr/assets/scripts/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.capital.fr/assets/scripts/brandconsents_-e8170a3801adeb30bc00.js
Requested by
Host: connect.capital.fr
URL: https://connect.capital.fr/assets/scripts/main-3e710756b9cd96432b43.js?41ae9a9a6e80a2d13195
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:e300:18e::33f9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e552d64db1b64415e0a287666db52892dd18d1f84cbba94fcd4d8aa15d1e5cb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
jYYiDut8IDlR93m_lK7kK2fgtWoU_ppU
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Jan 2022 15:50:12 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
W/"6d8e767d299842ffe81feceb6a3db337"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
date
Thu, 03 Feb 2022 09:56:08 GMT
content-length
3286
x-amz-cf-id
kUtnOYyQjD5bgMrH-O8HTsIhHrbOHcFBbq_64XnykPZcDHOjy-NkOA==
preference-center
api-connect.capital.fr/prd/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-connect.capital.fr/prd/preference-center
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-75.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-pmc-app-id
Origin
https://connect.capital.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
1
date
Thu, 03 Feb 2022 09:56:08 GMT
x-amzn-requestid
081165a3-d0c6-4a3f-88e8-299d73e20ed8
access-control-allow-origin
https://connect.capital.fr
access-control-allow-headers
x-pmc-app-id,X-Api-Key,facebook-token,google-token,apple-token,content-type,x-pmc-jwt
x-amz-apigw-id
M9b83H7ljoEFRVw=
access-control-allow-methods
OPTIONS,GET
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
HGJA-fGpMva7xWQ0bO3pLT4p22GFjbHe1YUby1OSxxxHN_wMAc4P2A==
preference-center
api-connect.capital.fr/prd/ 		89 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-connect.capital.fr/prd/preference-center
Requested by
Host:
URL: webpack:///./index.js_+_192_modules?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-75.fra50.r.cloudfront.net
Software
/
Resource Hash
288307facb81be5f7853e21458289773b61bbd13735d612d32334e63ddd18d8f

Request headers

Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Accept-Language
fr-FR,fr;q=0.9
x-pmc-app-id
7eb68bbf-c3a8-446e-974e-0358d7c873c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 03 Feb 2022 09:56:08 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
e6d1ea87-44ca-4e46-af89-69edab433b1c
x-cache
Miss from cloudfront
x-amz-apigw-id
M9b84HF_joEFoOg=
content-length
12970
access-control-allow-origin
https://connect.capital.fr
referrer-policy
no-referrer-when-downgrade
x-amzn-trace-id
Root=1-61fba6b8-37d1e7193164b39438bec18a;Sampled=0
access-control-max-age
86400
content-type
application/json
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
access-control-expose-headers
x-pmc-jwt
cache-control
public, max-age=600, s-maxage=600
access-control-allow-credentials
true
x-amz-cf-id
BDRPx49lOvoHmf5waRYHJkWHGCjfgAfufQbDtv8D2ABzSkmq8DQ6qw==
newsletters
connect.capital.fr/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:e300:18e::33f9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://connect.capital.fr/newsletters?utm_source=nl-connect-cap-tunnel-accueil&utm_medium=email&utm_campaign=feature-1&utm_content=newsletters
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
mMfNhcoBikSOY_BvgvTp0FDU_8l.uyQ1
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Jan 2022 15:50:24 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
W/"1e9da446a43383fc8b4d69bb12e066fe"
vary
Accept-Encoding
content-type
text/html
cache-control
public, max-age=298
date
Thu, 03 Feb 2022 09:56:08 GMT
content-length
1064
x-amz-cf-id
P1z6gyUMWV9Hkevesy5st3YmkrnRSau8b5FG8FjvGFzu8Q7ya3nBsw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| domain object| consentDomainList object| consentAccountIDList object| consentGroupId function| getUrl function| getBrand function| scrollChoice function| createCookie function| getCookieByName function| generateTargetingParams boolean| premiumConfirmationShown function| callPMCPremiumOrder function| __tcfapi object| _sp_ object| _sp_queue object| webpackChunk object| regeneratorRuntime string| hjid string| hjsv object| scCGSHMRCache object| DD_RUM function| BookmarkClient function| fbq function| _fbq object| dataLayer object| pmcObj object| google_tag_manager

14 Cookies

Domain/Path Name / Value
.rlcdn.com/ Name: rlas3
Value: jS5jHjPt0wmv48HcuviyhKaGWRWPO57Z2x89ryxKHMkbxov8BsCT0pE+9B4lPnt0oUN2lfWNrtR6apMy6/Ql5XbYL/Byo7awKI8alyyvnNCy0vua6YcIfrpHwgEa3XLXy5wm661vnn1kbfASR5jakJyvD4LuANbP
.cloud-media.fr/ Name: l_id
Value: 330e05ece19a684801f30ccafbf4ba5d
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.rlcdn.com/ Name: pxrc
Value: CLXN7o8GEgUI6AcQABIGCLrqARAAEgYIv7YrEAA=
connect.capital.fr/ Name: _sp_v1_uid
Value: 1:717:09a74449-13ae-4f43-a591-17a8ba34742a
connect.capital.fr/ Name: _sp_v1_data
Value: 2:443109:1643882166:0:1:0:1:0:0:_:-1
connect.capital.fr/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKhjHySnNydGKUUpHYJWCJ6traWFwSSjpDwSAURh6IYYDbANIllGIBa1fZ5E8BAAA%3D
connect.capital.fr/ Name: _sp_v1_opt
Value: 1:
connect.capital.fr/ Name: _sp_v1_consent
Value: 1!0:-1:-1:-1:-1:-1
connect.capital.fr/ Name: _sp_v1_csv
Value: null
connect.capital.fr/ Name: _sp_v1_lt
Value: 1:
.capital.fr/ Name: consentUUID
Value: 2c0dafce-928d-4068-8b6b-31e8054edff1
connect.capital.fr/ Name: _dd_s
Value: rum=0&expire=1643883067397
.capital.fr/ Name: x-pmc-ping
Value: {"message":false}

1 Console Messages

Source Level URL
Text
network error URL: https://api-connect.capital.fr/prd/service/newsletter/subscriptions
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-connect.capital.fr
cm.g.doubleclick.net
connect.capital.fr
connect.facebook.net
consent.capital.fr
creas.prismamediadigital.com
ejp.rlcdn.com
er.cloud-media.fr
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
gdpr-tcfv2.sp-prod.net
mon.prisma-connect.com
polyfill.io
redirect.prisme-news.com
tra.scds.pmdstatic.net
www.googletagmanager.com
cm.g.doubleclick.net
104.111.236.230
13.32.121.49
143.204.98.75
172.217.18.98
18.66.139.35
192.229.221.61
2a00:1450:4001:801::2003
2a00:1450:4001:802::200e
2a00:1450:4001:809::200a
2a00:1450:4001:809::200e
2a00:1450:4001:810::2013
2a00:1450:4001:831::2008
2a02:26f0:e300:18e::33f9
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:e00::282
34.240.51.97
35.244.174.68
91.190.170.11
03137861a7d48f19989161cc7461ef313eedea90f856d530cd3ebba420cf7732
06e340d4f49459af0e13cbbedd751aac33719611da3325f05c6c30faa4b26472
0871d6558a5a2e41325471b21ed760b2e29b36b681c17a955cbea36ba6c9f38a
134e93e8a151b468f1828d68dbcc09bb574f6db8fe048d84f83fec687bbec4f3
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
288307facb81be5f7853e21458289773b61bbd13735d612d32334e63ddd18d8f
2d858a3dbb03600e19a60079cb0aefd2d3ade061f28bc40d457bb46a3cf0ff84
2e552d64db1b64415e0a287666db52892dd18d1f84cbba94fcd4d8aa15d1e5cb
36735bc1581d73a919ffd096c0c558d867f6a565ffc185ce5c5ce54b6084d062
3c98f6f8802a70a111412fe6cbd963586683ae6a9fb04d1d8877593fe95bab18
3da47db3b461e1c3b0bd4dcd8534871dc0b3b6c7758646192a960123b55bf00e
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e
49f827bae21d33c239b16459973187830a165af3d31b5385775384be94691b0c
4d4731add1579860893627ed2ff0b4fe44c0ff766bbe59e4026c584505abe45e
4daa4608264d5d3eed08b3fbf2213193f12acff9e1896373bf53370f5ec4979e
51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
609aaf7bb4683a19411c2f0b76cc8854ebdb147f5bdb5fe4d5d6739a79af3988
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
7f73c396bfc285a9b2701dc337693333cbdccad8312a6bc4692ce6a986907c2c
90f09cc69654545cf99d5aa3966c78c91b26d64c739accaa1de260929ac72df9
9408be658ddfc6ec2f04f3a6c48fac9258c99351aa21c76cd51121d230921161
9e198dfd03c68f8e06dcdff49f9f66835e81b050c0b03433a2b1abab7d254171
a7097b3b5beba1812170cc0c7b122f0be2e1f030bd0f1c99ab9dc8b5bd3fb89e
a775664d2c7c6cd03c4338c1687931d926b6389248862e065b956fee0ff7e442
b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
b511b1e8483a127cc24c3ff01fab3dca20007de179c0e0aaddc9611ffa353cee
c3aba6e3d7cb2f4f1377c12b521fe6e2938ad8ec61edfb6d8f08c72f06bcc2fb
c5f2881e1f2722edbd2d97b8c2b9951e0976853478e8e8c1a7d0918475d60742
d846d57ae425e9a803dac07d42a48dcec31ceb0e9e74c3b0d2b50ddd5398b4f7
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
e1e1ff552ff20d67c21828a2804675e70465fe01f1a93d258538e5832e81b4fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81eb2605413d21e4b3ed61465bc8a37a626b23f04f447dc9dc702586f51443f
e8353b1688adcb9a75d01a0c386d5657f2f91f64bb340f71617efd9328a4901c
fc8867b933d56000e714a3ab59357d11cdda95363d8218cae58bd1bd55394b09
ff7fb507625fdadd07f612bb8ad69fc475c1f388a578000d197f8b17b65d1602