www.slate.fr Open in urlscan Pro
2606:4700:10::ac43:9f4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Submission: On October 31 via api (October 31st 2023, 4:42:44 pm UTC) from CZ — Scanned from FR

Summary HTTP 110 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 27 domains to perform 110 HTTP transactions. The main IP is 2606:4700:10::ac43:9f4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.slate.fr. The Cisco Umbrella rank of the primary domain is 176584.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 16th 2023. Valid for: a year.

This is the only time www.slate.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700:10:... 2606:4700:10::ac43:9f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4a69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:334	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
5	185.104.77.55 185.104.77.55	28774 (ASI-EFISENS) (ASI-EFISENS)
2	2606:4700:e0:... 2606:4700:e0::ac40:6606	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	46.105.198.136 46.105.198.136	16276 (OVH) (OVH)
3	152.199.23.151 152.199.23.151	15133 (EDGECAST) (EDGECAST)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	95.101.54.217 95.101.54.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.66.112.37 18.66.112.37	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2	46.105.201.224 46.105.201.224	16276 (OVH) (OVH)
1	13.225.78.25 13.225.78.25	16509 (AMAZON-02) (AMAZON-02)
1 5	2a01:4f8:fff3... 2a01:4f8:fff3:f::	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	52.210.234.226 52.210.234.226	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:9200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	13.36.164.167 13.36.164.167	16509 (AMAZON-02) (AMAZON-02)
1	35.244.149.29 35.244.149.29	15169 (GOOGLE) (GOOGLE)
1	51.15.145.115 51.15.145.115	12876 (Online SAS) (Online SAS)
2	212.129.3.112 212.129.3.112	12876 (Online SAS) (Online SAS)
1	185.104.77.61 185.104.77.61	28774 (ASI-EFISENS) (ASI-EFISENS)
1	137.74.125.156 137.74.125.156	16276 (OVH) (OVH)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
5	104.244.43.131 104.244.43.131	54113 (FASTLY) (FASTLY)
5	2a04:4e42:8d:... 2a04:4e42:8d::159	54113 (FASTLY) (FASTLY)
110	36

32 2606:4700:10::ac43:9f4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.slate.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a69 (United States)

ASN13335 (CLOUDFLARENET, US)

choices.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:334 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.opti-digital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.104.77.55 (Vitry-sur-Seine, France)

ASN28774 (ASI-EFISENS, FR)

cdn.jokerly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:6606 (United States)

ASN13335 (CLOUDFLARENET, US)

applets.ebxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.198.136 (France)

ASN16276 (OVH, FR)

cdn.mediasquare.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.199.23.151 (United States)

ASN15133 (EDGECAST, US)

widget.beop.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.54.217 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-217.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-37.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.201.224 (France)

ASN16276 (OVH, FR)

tag.agrvt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-25.fra2.r.cloudfront.net

script.ownpage.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a01:4f8:fff3:f:: (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

api.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.234.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-234-226.eu-west-1.compute.amazonaws.com

api.ownpage.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:9200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.164.167 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-164-167.eu-west-3.compute.amazonaws.com

app-preprod.jokerly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.149.29 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 29.149.244.35.bc.googleusercontent.com

analytics.optidigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.145.115 (France)

ASN12876 (Online SAS, FR)
PTR: kube-rr.sirdata.fr

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.129.3.112 (Bordeaux, France)

ASN12876 (Online SAS, FR)
PTR: kube-rr.sirdata.fr

cdn.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.sirdata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.104.77.61 (Vitry-sur-Seine, France)

ASN28774 (ASI-EFISENS, FR)

pro.jokerly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.74.125.156 (France)

ASN16276 (OVH, FR)

pbs-front.mediasquare.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.244.43.131 (United States)

ASN54113 (FASTLY, US)

abs-0.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42:8d::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	slate.fr www.slate.fr — Cisco Umbrella Rank: 176584	472 KB
15	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1186 syndication.twitter.com — Cisco Umbrella Rank: 1447	439 KB
11	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 3672 abs-0.twimg.com — Cisco Umbrella Rank: 3649 pbs.twimg.com — Cisco Umbrella Rank: 1190	103 KB
8	jokerly.com cdn.jokerly.com — Cisco Umbrella Rank: 707907 app-preprod.jokerly.com — Cisco Umbrella Rank: 585906 pro.jokerly.com — Cisco Umbrella Rank: 687572	94 KB
8	consentframework.com 1 redirects choices.consentframework.com — Cisco Umbrella Rank: 43176 api.consentframework.com — Cisco Umbrella Rank: 41656 cdn.consentframework.com — Cisco Umbrella Rank: 206832	129 KB
3	beop.io widget.beop.io — Cisco Umbrella Rank: 44513	92 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	ownpage.fr script.ownpage.fr — Cisco Umbrella Rank: 169123 api.ownpage.fr — Cisco Umbrella Rank: 133291	2 KB
2	agrvt.com tag.agrvt.com — Cisco Umbrella Rank: 101179	5 KB
2	gstatic.com fonts.gstatic.com	67 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 566
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	88 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	400 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040	288 B
2	mediasquare.fr cdn.mediasquare.fr — Cisco Umbrella Rank: 199091 pbs-front.mediasquare.fr — Cisco Umbrella Rank: 50745	1 KB
2	ebxcdn.com applets.ebxcdn.com — Cisco Umbrella Rank: 11715	3 KB
2	opti-digital.com scripts.opti-digital.com — Cisco Umbrella Rank: 64299	47 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	151 KB
1	sirdata.io cdn.sirdata.io — Cisco Umbrella Rank: 380562	31 KB
1	cookieless-data.com js.cookieless-data.com — Cisco Umbrella Rank: 78162	535 B
1	optidigital.com analytics.optidigital.com — Cisco Umbrella Rank: 283557	292 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1212	2 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1245	9 KB
1	google.fr www.google.fr — Cisco Umbrella Rank: 17843	408 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	991 B
110	27

	Domain	Requested by
32	www.slate.fr	www.slate.fr
12	platform.twitter.com	www.slate.fr platform.twitter.com
5	pbs.twimg.com
5	abs-0.twimg.com
5	api.consentframework.com	1 redirects www.slate.fr choices.consentframework.com
5	cdn.jokerly.com	www.slate.fr cdn.jokerly.com
3	syndication.twitter.com	platform.twitter.com
3	widget.beop.io	www.slate.fr widget.beop.io
2	app-preprod.jokerly.com	cdn.jokerly.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tag.agrvt.com	www.slate.fr tag.agrvt.com
2	fonts.gstatic.com	fonts.googleapis.com
2	sb.scorecardresearch.com	www.slate.fr
2	ads.stickyadstv.com	cdn.jokerly.com
2	connect.facebook.net	www.slate.fr connect.facebook.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	applets.ebxcdn.com	www.slate.fr applets.ebxcdn.com
2	scripts.opti-digital.com	www.slate.fr scripts.opti-digital.com
2	choices.consentframework.com	www.slate.fr
2	www.googletagmanager.com	www.slate.fr www.googletagmanager.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	pbs-front.mediasquare.fr	cdn.mediasquare.fr
1	pro.jokerly.com	cdn.jokerly.com
1	cdn.sirdata.io	www.slate.fr
1	cdn.consentframework.com	www.slate.fr
1	js.cookieless-data.com	choices.consentframework.com
1	analytics.optidigital.com	scripts.opti-digital.com
1	www.facebook.com	www.slate.fr
1	rules.quantcount.com	secure.quantserve.com
1	api.ownpage.fr	www.slate.fr
1	script.ownpage.fr	www.slate.fr
1	secure.quantserve.com	www.slate.fr
1	www.google.fr	www.slate.fr
1	cdn.mediasquare.fr	www.slate.fr
1	fonts.googleapis.com	www.slate.fr
110	36

This site contains links to these domains. Also see Links.

Domain
www.pexels.com
www.vice.com
www.humanite.fr
www.20minutes.fr
www.slate.com
korii.slate.fr
www.consentframework.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.jokerly.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-14`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
balance.mediasquare.fr R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.beop.io Gandi Standard SSL CA 2	`2023-03-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
tag.agrvt.com R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.ownpage.fr Amazon RSA 2048 M01	`2023-09-28` - `2024-10-26`	a year	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.consentframework.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-03-01` - `2024-03-20`	a year	crt.sh
analytics.optidigital.com GTS CA 1D4	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.cookieless-data.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-03-01` - `2024-03-21`	a year	crt.sh
cdn.consentframework.com R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
cdn.sirdata.io R3	`2023-09-09` - `2023-12-08`	3 months	crt.sh
bidder-test.mediasquare.fr R3	`2023-10-27` - `2024-01-25`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Frame ID: 3A8B2A0A1A13506C753D763CE80E417E
Requests: 85 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.slate.fr
Frame ID: AC77A00E9F8481003B72F20D7C9FDAD5
Requests: 2 HTTP requests in this frame

Frame: https://pbs-front.mediasquare.fr/cookie_sync?type=iframe&origin=publisher&gdpr=1&gdpr_consent=CP0gqMAP0gqMABcAIBENDdCgAAAAAH_AAAqIIzQAARmgbgALgAcAB4AFQALgAcgA-AEAAJIAYgBlADQANQAeABEACOAEyAJ4AoQBcAF0AMQAZgA0ABvAD8AISARABEgDDgGUAZYA0QBzwD7AP0AhABFACLQEcAR0Ap4BVwC5gF1ALyAX0AxQBogDXgG0AOoAf8BHoCYgFDgKaAVyAtQBeYDBAGLAMkAabA5MDlAAAA
Frame ID: 4FCE5E1FE18F2884082E45137241E7C7
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Frame ID: 9A4C2E924B7445EFAF43514010DBF9A3
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Des hackers remplacent les publicités des bus londoniens par des messages de Palestiniens queers | Slate.fr

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

<(?:link|style)[^>]+"/sites/(?:default|all)/(?:themes|modules)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

110
Requests

99 %
HTTPS

54 %
IPv6

27
Domains

36
Subdomains

36
IPs

5
Countries

1762 kB
Transfer

4708 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pexels.com/fr-fr/photo/sieges-de-banc-d-autobus-808846/
Title: via Pexels

Search URL Search Domain Scan URL

URL: https://www.vice.com/en/article/m7bxxq/hackers-took-over-transit-ads-with-messages-from-queer-palestinians-in-gaza
Title: Vice

Search URL Search Domain Scan URL

URL: https://www.humanite.fr/direct_content_feed/guerre-entre-le-hamas-et-israel
Title: tué plus de 1.400 Israéliens

Search URL Search Domain Scan URL

URL: https://www.20minutes.fr/monde/israel/4060175-20231031-guerre-hamas-israel-netanyahou-affirme-armee-israelienne-progresse-methodiquement-bande-gaza
Title: plus de 8.000 morts

Search URL Search Domain Scan URL

URL: https://www.slate.com/
Title: Slate.com

Search URL Search Domain Scan URL

URL: https://korii.slate.fr/

Search URL Search Domain Scan URL

URL: https://www.consentframework.com/
Title: websites

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://api.consentframework.com/api/v1/public/profile?origin=https://www.slate.fr HTTP 302
https://api.consentframework.com/api/v1/public/profile?bounce=1

110 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer Show response
www.slate.fr/story/255641/ 52 KB
13 KB 104ms
50ms Document
text/html 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ee1f48df7a4d9f41a29275f194dc2763d7151006913ad3f2d3e27c6a84dcc46

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.slate.fr https://.slate.fr https://.mnhn.fr https://.museedelhomme.fr http://mdh.preprod.mnhn.insite.coop https://mdh.preprod.mnhn.insite.coop
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 712
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 81ed5a331b0d009c-CDG
content-encoding: gzip
content-language: en
content-security-policy: frame-ancestors http://*.slate.fr https://*.slate.fr https://*.mnhn.fr https://*.museedelhomme.fr http://mdh.preprod.mnhn.insite.coop https://mdh.preprod.mnhn.insite.coop
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 16:42:37 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Tue, 31 Oct 2023 16:29:30 GMT
link: <https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer?amp>; rel="amphtml"
server: cloudflare
traceresponse: 00-17933e2c7965d5508c09341e64242a16-dbc1643254613400-01
vary: Cookie Accept-Encoding
x-content-type-options: nosniff
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-drupal-cache: HIT
x-frame-options: SAMEORIGIN
x-generator: Drupal 7 (http://drupal.org)
x-platform-server: slateprod-core-5 slateprod-core-5

GET
H2 200 main.css
www.slate.fr/sites/all/themes/slatefr/styles/ 277 KB
49 KB 36ms
34ms Stylesheet
text/css 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 843ae8ad751bd026913bf4e17d3f5c4c3273421f144ed5cf9a5536d89e9434a0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-7, slateprod-core-7
server: cloudflare
age: 277
traceresponse: 00-179315c632e238f1b89ab720ed35eb8b-3b2150f88e614bb4-01
etag: W/"653b7ed3-4554c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a336bc7009c-CDG
expires: Tue, 31 Oct 2023 16:43:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 101ms
41ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R8L4C7QPQC

Requested by

Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b689f4a05a794b86236b7f9cc9094961e67ebd3d845833467d0a11297379adde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85555
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 16:42:38 GMT

GET
H2 200 stub Show response
choices.consentframework.com/js/pa/23723/c/dWua2/ 2 KB
1 KB 166ms
112ms Script
text/javascript 2606:4700:20::ac43:4a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/js/pa/23723/c/dWua2/stub

Requested by

Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79f700bab989c44c6f5534cbd496b8eb871026638f0710a499759323281d671f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dyzluRRbVo5xPlDKem%2BemBlDqWQ4%2Bb8aHe%2FbRewhey11tjgdqeQbgoYtGXgzS33G8UAM19rYfLnktR%2BEdGA5OmcMvwT%2Fb7Pr2KErDoKy1MaXRcybltOUbWZSLhGl%2B3q%2BJcNzYJphBn%2BYI3xaxaoOvJ8Z%2BFJjp6E6Gw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 81ed5a33cec40232-CDG

GET
H2 200 cmp Show response
choices.consentframework.com/js/pa/23723/c/dWua2/ 559 KB
124 KB 61ms
60ms Script
text/javascript 2606:4700:20::ac43:4a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/js/pa/23723/c/dWua2/cmp

Requested by

Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aa1bb1da7b8c500a24da410b3880f17747c2d6a0e31496551a3e3f4f5e46fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 31 Oct 2023 15:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3105
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bF74XTif4f0x5JiH7VZQw8lbwJbODl3iqBTlq99%2BwgfHmzQ%2F8EvtO0%2BxSZbQUxb2h8Hc%2BAS8Q2R0umxyW2j2%2BReAf6J9rYg9G5YQLXlUa5kS74leHuu5DZb6j3YK%2BIjOanTBeLqaHoh2k%2Frl%2FHsBETXTg57bJhUMy%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 81ed5a34c8ab0232-CDG

GET
H2 200 / Show response
scripts.opti-digital.com/tags/ 85 KB
17 KB 148ms
51ms Script
text/javascript 2606:4700::6812:334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.opti-digital.com/tags/?site=slate
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 680cac9e1468ae2a9f7bba234b529b2a00161aae59bbd8349a371b8e1046bbc3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 31 Oct 2023 15:08:44 GMT
server: cloudflare
cf-polished: origSize=166151
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
x-cloud-trace-context: 2f4723acadadda7aaef2246b5a2adb86
cache-control: public, max-age=7200
cf-ray: 81ed5a3559ed3cc9-CDG
expires: Tue, 31 Oct 2023 18:42:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
991 B 101ms
42ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700

Requested by

Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39c16a0e7efb70de43d3e3f1f6850a786e975cb5d025a41330bb659e36a15a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 16:42:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 16:42:38 GMT

GET
H/1.1 200
OK Slate_abChoice.js Show response
cdn.jokerly.com/scripts/ 32 KB
11 KB 131ms
45ms Script
application/javascript 185.104.77.55
ASI-EFISENS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jokerly.com/scripts/Slate_abChoice.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.104.77.55 Vitry-sur-Seine, France, ASN28774 (ASI-EFISENS, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: b029df8ab405928be15a36fea3b0cf2da3fab2308b2526021d05f09f0a94fa5f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jun 2023 16:17:48 GMT
Server: nginx/1.10.3
ETag: W/"6489e82c-81ad"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Wed, 01 Nov 2023 16:42:36 GMT

GET
H2 200 ebx.js Show response
applets.ebxcdn.com/ 464 B
994 B 127ms
39ms Script
application/javascript 2606:4700:e0::ac40:6606
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applets.ebxcdn.com/ebx.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
x-amzn-remapped-content-length: 464
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 212
x-amzn-requestid: 37be331e-a1f1-4253-aa30-6a9733c67e29
x-amz-apigw-id: NrQSoERUDoEEkiA=
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed Aug 30 13:25:09 GMT 2023
server: cloudflare
x-amzn-trace-id: Root=1-65412daa-4937e2323d2d7ad312ba3d91;Sampled=0;lineage=7936cbcf:0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkrrqaSwR88Pre7TyUtBehnaTe2L8qT6LgyiOuuGIaDGwJCWV%2BMrXQ5K2dbLnMqJQD3z9S%2BjFunkgs8OLd9ZO0%2FgEELNOIox3JVXGHychfbdPIoLrXd6HF3XNfoHyvFfMQqMHLmSrEA%2FnTmG3TYkjy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=7200
cf-ray: 81ed5a355c4624e7-LHR

GET
H2 200 icon-fb.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 507 B
551 B 30ms
29ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/icon-fb.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aa23e04ef278c78922b1fa01118fca707166355fd2322794cc0d5cf1d227722

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-7, slateprod-core-7
server: cloudflare
age: 37
traceresponse: 00-1791ec15ee4559a437cee98d5814e785-b10402c42cefc2e9-01
etag: W/"653b7ed3-1fb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a336bc9009c-CDG
expires: Tue, 31 Oct 2023 16:47:00 GMT

GET
H2 200 icon-messenger-white.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 801 B
693 B 31ms
30ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/icon-messenger-white.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9509f646da6baab8dd1a61bb6bd19a88c2bd084acf3cde5706f153873c608bc0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: gzip
cf-cache-status: HIT
x-platform-server: slateprod-core-5, slateprod-core-5
age: 293
traceresponse: 00-1793132892cbbb65135ac6534949e581-b8db1d310ace87de-01
content-length: 539
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-321"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a336bca009c-CDG
expires: Tue, 31 Oct 2023 16:42:44 GMT

GET
H2 200 icon-twitter.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 1 KB
850 B 29ms
28ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/icon-twitter.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b8ab09b6d2dd8fd3ac83c32bfb2135302e9f22e0c76b49a1ff9c2b9fd0bd81c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
x-platform-server: slateprod-core-7, slateprod-core-7
age: 23
traceresponse: 00-1791ec17c94e0cb89a3728889e1e414a-5518310ac2319d0a-01
content-length: 703
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-4f0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a33ac2f009c-CDG
expires: Tue, 31 Oct 2023 16:47:15 GMT

GET
H2 200 icon-linkedin.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 775 B
583 B 29ms
29ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/icon-linkedin.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba131293ce8555dde013a9de2906100dfba071361db9e9d6487d539530dc794

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
x-platform-server: slateprod-core-7, slateprod-core-7
age: 284
traceresponse: 00-1791ec0820989020ab2bdecb4b02d882-964900635813ec85-01
content-length: 435
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-307"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a33ac32009c-CDG
expires: Tue, 31 Oct 2023 16:42:54 GMT

GET
H2 200 icon-whatsapp.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 2 KB
1 KB 40ms
37ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/icon-whatsapp.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e5e27a1794d4b8de7d559602227567a126aa0d72abb4b25a1f8e479f44c2a30

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-5, slateprod-core-5
server: cloudflare
age: 233
traceresponse: 00-1791ec06f9ec5b2b93da2f5439bbd577-2f39f3ac06bd463c-01
etag: W/"653b7ed3-903"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a34de43009c-CDG
expires: Tue, 31 Oct 2023 16:43:45 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 122ms
34ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FA9) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:38 GMT
Content-Encoding: gzip
Age: 1283
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (pab/6FA9)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 1_voting_machine_.jpg
www.slate.fr/sites/default/files/ 54 KB
54 KB 48ms
45ms Image
image/jpeg 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/default/files/1_voting_machine_.jpg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b31116e47377530e72eda5bf09a44067cdd42aa24625c7d908d702db28e21b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
cf-cache-status: HIT
x-platform-server: slateprod-core-5, slateprod-core-5
age: 288
traceresponse: 00-17932d398389e4ff1f3c85cd38f5bcd6-a2b01c2f521f98a8-01
content-length: 55296
cf-bgj: h2pri
last-modified: Tue, 31 Oct 2023 10:44:05 GMT
server: cloudflare
etag: "6540da75-d800"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a34de44009c-CDG
expires: Tue, 31 Oct 2023 16:42:50 GMT

GET
H2 200 subscribe.js Show response
www.slate.fr/sites/all/themes/slatefr/scripts/click/ 762 B
548 B 33ms
32ms Script
application/javascript 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/click/subscribe.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d96cf614ceabac3ed0457c41be609da682b49d54088829e30d9b6a4d5209c92c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-5, slateprod-core-5
server: cloudflare
age: 21
traceresponse: 00-1791ec17c9056e9aa4a11c2f7c4d45a9-475f960df5c37137-01
etag: W/"653b7ed3-2fa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a33dc8e009c-CDG
expires: Tue, 31 Oct 2023 16:47:17 GMT

GET
H2 200 slate-fr.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 2 KB
1 KB 48ms
45ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/slate-fr.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b0c858c7e30d98ca41eb80a32ce3db9f30b6c7ea7dd21081f3f0950058b86a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-5, slateprod-core-5
server: cloudflare
age: 23
traceresponse: 00-1791ec0d75291f0cf7dc2ea3036b64bd-e9c0b0b7688a5de4-01
etag: W/"653b7ed3-6d9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a34de45009c-CDG
expires: Tue, 31 Oct 2023 16:47:15 GMT

GET
H2 200 slate-purple.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 2 KB
1 KB 46ms
43ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/slate-purple.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd5650aca8af560fe850f843200d212b7d40635fa1416ca7f3fa9a875eab175b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
x-platform-server: slateprod-core-5, slateprod-core-5
age: 261
traceresponse: 00-1791ec0d75c14e0b10069e8c4a31a99b-ead53c54b13a7b52-01
content-length: 926
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-69b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a34de47009c-CDG
expires: Tue, 31 Oct 2023 16:43:17 GMT

GET
H2 200 korii.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 2 KB
829 B 53ms
50ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/korii.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daf93d5396b63e8b6ef858919d7b9d2064d86cc2cdd9e6db2fa343dd03aad2bb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
x-platform-server: slateprod-core-7, slateprod-core-7
age: 23
traceresponse: 00-1791ec17c9ab78c93209593ea4866d7c-b44fdb510417f809-01
content-length: 694
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-693"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a34de48009c-CDG
expires: Tue, 31 Oct 2023 16:47:15 GMT

GET
H2 200 msq_cookie_sync.js Show response
cdn.mediasquare.fr/scripts/ 2 KB
971 B 124ms
22ms Script
application/javascript 46.105.198.136
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediasquare.fr/scripts/msq_cookie_sync.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.198.136 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: c83cbe5f922ce0117b7c4029124d57d7a9c31b70e7929801a894b8bc9ab7022f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-handled-by: 51.38.63.40
date: Tue, 31 Oct 2023 16:27:28 GMT
content-encoding: br
x-cacheable: Matched cache
x-cache-status: HIT
x-iplb-instance: 35371
x-cdn-pop: rbx1
content-length: 531
x-request-id: 390922413
last-modified: Tue, 11 Aug 2020 12:46:12 GMT
x-iplb-request-id: 33FE29CB:48E4_5B793DAF:01BB_65412AF0_71DBB7:A809
x-cdn-pop-ip: 51.254.41.128/25
etag: "61d-5ac9974bbed00"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
expires: Tue, 31 Oct 2023 16:56:51 GMT

GET
H2 200 sdk.js Show response
widget.beop.io/ 4 KB
3 KB 173ms
33ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/sdk.js

Requested by

Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F3E) /

Resource Hash

9c782d93dafb23cb2048f01ad07ad315e42b9ac31e832fd80c143df493cc8bfb

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src .beop.io .beopinion.com fonts.gstatic.com;frame-ancestors .beop.io *.beopinion.com

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 16:47:38 GMT
content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src *.beop.io *.beopinion.com fonts.gstatic.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
date: Tue, 31 Oct 2023 16:42:38 GMT
age: 171
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2425
last-modified: Tue, 31 Oct 2023 16:39:47 GMT
server: ECAcc (paa/6F3E)
x-ocdn-rp: HTTP/2.0
x-ocdn-net: EUFR16276
etag: "11d3-APNzzRYzqCfmB5w53/ZCndyFh7Y+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
x-ocdn-accept-language: fr

GET
H2 200 tweenmax.min.js Show response
www.slate.fr/sites/all/themes/slatefr/scripts/vendors/ 105 KB
37 KB 33ms
33ms Script
application/javascript 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/vendors/tweenmax.min.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-6, slateprod-core-6
server: cloudflare
age: 23
traceresponse: 00-1791ec35c356bd5d134f93c90759c1c7-b62c78cbb4a3ba20-01
etag: W/"653b7ed3-1a5b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a33dc93009c-CDG
expires: Tue, 31 Oct 2023 16:47:15 GMT

GET
H2 200 main.js Show response
www.slate.fr/sites/all/themes/slatefr/scripts/ 95 KB
38 KB 35ms
34ms Script
application/javascript 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/main.js?v=16
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ec1f00b93ac0d17c0c99e59714e56aaabce0f8b4c0d0a3fd3168a36b62b96c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-6, slateprod-core-6
server: cloudflare
age: 112
traceresponse: 00-17931a1c04c263ce00822c2d399aa9d5-2cca784e203a3501-01
etag: W/"653b7ed3-17d82"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a341ce1009c-CDG
expires: Tue, 31 Oct 2023 16:45:46 GMT

GET
H2 200 click.js Show response
www.slate.fr/sites/all/themes/slatefr/scripts/click/ 322 B
347 B 29ms
29ms Script
application/javascript 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/click/click.js?v=10
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e72c534144029fa5cd4fe30588af356d88ac2576c508a09cc86fa05f046242c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
x-platform-server: slateprod-core-7, slateprod-core-7
age: 14
traceresponse: 00-1791ec17c9efeec103a66d7aecd74b3e-0b7b15a4c9289e50-01
content-length: 201
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-142"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a341ce5009c-CDG
expires: Tue, 31 Oct 2023 16:47:24 GMT

GET
H2 200 share.js Show response
www.slate.fr/sites/all/themes/slatefr/scripts/ 693 B
544 B 32ms
31ms Script
application/javascript 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/share.js?v=11
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66052cbdbd8e43dae157fa0805b780a0b27877b07da42fd20ccfa693503058ce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
x-platform-server: slateprod-core-5, slateprod-core-5
age: 23
traceresponse: 00-1791ec17ca7ef6fe8aa0451dc2a03f60-f00997d76d19d786-01
content-length: 358
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-2b5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a344d3b009c-CDG
expires: Tue, 31 Oct 2023 16:47:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 48ms
46ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-7229822-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8L4C7QPQC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98edf225677d01ad6cab00cdaa3f121c5f4563503a2aee9fa542ddee62236330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68626
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 15:58:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Oct 2023 16:42:38 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
243 B 133ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R8L4C7QPQC&gtm=45je3ap0v9126130088&_p=691802853&_gaz=1&gcd=11l1l1l1l1&cid=1569317685.1698770558&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698770558&sct=1&seg=0&dl=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&dt=Des%20hackers%20remplacent%20les%20publicit%C3%A9s%20des%20bus%20londoniens%20par%20des%20messages%20de%20Palestiniens%20queers%20%7C%20Slate.fr&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8L4C7QPQC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:42:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.slate.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 134ms
36ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R8L4C7QPQC&cid=1569317685.1698770558&gtm=45je3ap0v9126130088&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8L4C7QPQC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:42:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.slate.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
408 B 142ms
55ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8L4C7QPQC&cid=1569317685.1698770558&gtm=45je3ap0v9126130088&aip=1&z=201031678

Requested by

Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 199 KB
53 KB 118ms
33ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 31 Oct 2023 16:42:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8di/dW+1ogHQbcEU3SbmyBfucbRbeo+e6evfgHtZTh+gGS/EAYLjPYGTiSvQ16rJw/HmuebVK9K9z1zET7cbaA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 0
0 187ms
40ms Script
application/xml 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php
Requested by: Host: cdn.jokerly.com
URL: https://cdn.jokerly.com/scripts/Slate_abChoice.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
cdn.jokerly.com//scripts/adSelector/ 93 KB
39 KB 70ms
60ms Script
application/javascript 185.104.77.55
ASI-EFISENS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jokerly.com//scripts/adSelector/jquery-1.7.2.min.js
Requested by: Host: cdn.jokerly.com
URL: https://cdn.jokerly.com/scripts/Slate_abChoice.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.104.77.55 Vitry-sur-Seine, France, ASN28774 (ASI-EFISENS, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2016 14:24:09 GMT
Server: nginx/1.10.3
ETag: W/"583ee109-1727b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Wed, 01 Nov 2023 16:42:37 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 95ms
26ms Script
application/javascript 18.66.112.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 08:46:31 GMT
content-encoding: gzip
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 38342
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: n4YLJ46uwr4Fez8Tn9UYcYJ99EHTysr-wlaa2AoKq9JzRoGTOyfvLA==

GET
H2 200 pattern_noise.png
www.slate.fr/sites/all/themes/slatefr/static/images/global/ 1 KB
2 KB 40ms
39ms Image
image/png 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/images/global/pattern_noise.png
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e14d78e08b0c002db381a07349d6fada1ef794e14bb4e9fd3bfcd2e83c7ad1a2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
cf-cache-status: HIT
x-platform-server: slateprod-core-7, slateprod-core-7
age: 21
traceresponse: 00-1791ec17da6c38c5e39c5c6b7a29333b-bd2674b53840385e-01
content-length: 1471
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: "653b7ed3-5bf"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a34ee5c009c-CDG
expires: Tue, 31 Oct 2023 16:47:17 GMT

GET
H2 200 icon-mail-plain.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 219 B
324 B 41ms
40ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/icon-mail-plain.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1486265b227749651b2fe6899957c4ebca2931241fa8b7a6900c0888470dc68

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
x-platform-server: slateprod-core-7, slateprod-core-7
age: 290
traceresponse: 00-1791ec17daaa929c19d151dc1cc23e11-60db676ac829ba3b-01
content-length: 177
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-db"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a34ee5e009c-CDG
expires: Tue, 31 Oct 2023 16:42:48 GMT

GET
H2 200 icon-fb-footer.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 679 B
461 B 40ms
37ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/icon-fb-footer.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2141aae2f0a184dc8bbf09d9ab8031d6ce46fd04e5d4523023c20173cd10488b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
x-platform-server: slateprod-core-5, slateprod-core-5
age: 253
traceresponse: 00-1791ec14cb07ae402bc1df104b692169-ef0715e4ec00392c-01
content-length: 328
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-2a7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a34fe6e009c-CDG
expires: Tue, 31 Oct 2023 16:43:25 GMT

GET
H2 200 icon-twitter-footer.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 1 KB
629 B 39ms
36ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/icon-twitter-footer.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e72189ab35302cffda4a663cb95a3db63d9ffe5c253556e4a3e18e12a8b4d97

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
x-platform-server: slateprod-core-5, slateprod-core-5
age: 253
traceresponse: 00-1791ec14cc2a54a1dc7e5cc21d31e61f-d8c08f6cc2461e1b-01
content-length: 481
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-51f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a34fe72009c-CDG
expires: Tue, 31 Oct 2023 16:43:25 GMT

GET
H2 200 icon-youtube-footer.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 981 B
509 B 63ms
61ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/icon-youtube-footer.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e7f96a0079af276595169b99301fa0cd2a8cc83ff05529f8ef5280f51de2f2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
x-platform-server: slateprod-core-7, slateprod-core-7
age: 253
traceresponse: 00-1791ec1300eedbc53621dd79cd0c3471-cf3a5844d95cdb39-01
content-length: 387
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-3d5"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a34fe75009c-CDG
expires: Tue, 31 Oct 2023 16:43:25 GMT

GET
H2 200 icon-instagram-footer.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 3 KB
1 KB 53ms
51ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/icon-instagram-footer.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6957fd4f835537912ad562fa593b00090249c52b665e0ced1daffd4724d4f27

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-5, slateprod-core-5
server: cloudflare
age: 253
traceresponse: 00-1791ec15ef6d9d3fcf95a8d5587907f7-55e04eb9e8fdfad3-01
etag: W/"653b7ed3-c72"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a34fe76009c-CDG
expires: Tue, 31 Oct 2023 16:43:25 GMT

GET
H2 200 fr.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 2 KB
866 B 41ms
38ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/fr.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b08517a448adb1112a81fe120e683fba3b060b7aacb3758db70aa8ad615ab74

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
x-platform-server: slateprod-core-6, slateprod-core-6
age: 245
traceresponse: 00-1791ec12eca9f97c2d3c4f9c130e7b1b-bcb3ab1ec10eefee-01
content-length: 654
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-6d7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a34fe77009c-CDG
expires: Tue, 31 Oct 2023 16:43:33 GMT

GET
H2 200 icon-search.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 1 KB
487 B 62ms
60ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/icon-search.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc1ae6cef876ea9410c4a9fd67f9f7cc3b2adcc2902c652aaf39e554aecfe8b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-5, slateprod-core-5
server: cloudflare
age: 245
traceresponse: 00-1791ec12e872e81c072dffa3617c9ebf-10d3cde60fe3dfee-01
etag: W/"653b7ed3-491"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a34fe7d009c-CDG
expires: Tue, 31 Oct 2023 16:43:33 GMT

GET
H2 200 gt-walsheim-bold.woff2
www.slate.fr/sites/all/themes/slatefr/static/fonts/gt-walsheim/ 42 KB
42 KB 41ms
39ms Font
font/woff2 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/fonts/gt-walsheim/gt-walsheim-bold.woff2
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff008dc80dfe6b5cdade5c9eaeb676e6bbb8b3cbd634252e503c52064a962bd4

Request headers

Referer: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Origin: https://www.slate.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
cf-cache-status: HIT
x-platform-server: slateprod-core-7, slateprod-core-7
age: 51
traceresponse: 00-1791ec3827e7aa0b6e33ea39d93027dc-52dd2fb74969d73c-01
content-length: 43188
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: "653b7ed3-a8b4"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a34fe78009c-CDG
expires: Tue, 31 Oct 2023 16:46:47 GMT

GET
H2 200 gt-walsheim-medium.woff2
www.slate.fr/sites/all/themes/slatefr/static/fonts/gt-walsheim/ 40 KB
40 KB 53ms
52ms Font
font/woff2 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/fonts/gt-walsheim/gt-walsheim-medium.woff2
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41300fa62fa77d9ef9f16c6e922888449cd7ea48549265139c9ccc4434816be0

Request headers

Referer: https://www.slate.fr/sites/all/themes/slatefr/styles/main.css?v=118
Origin: https://www.slate.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
cf-cache-status: HIT
x-platform-server: slateprod-core-7, slateprod-core-7
age: 57
traceresponse: 00-1791ec382e72462b0587a1ee01c0fb7a-3f9ef9480e08b065-01
content-length: 40564
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: "653b7ed3-9e74"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a34fe7b009c-CDG
expires: Tue, 31 Oct 2023 16:46:41 GMT

GET
H2 200 EJRTQgYoZZY2vCFuvAFT_r21cg.woff2
fonts.gstatic.com/s/ptserif/v18/ 34 KB
35 KB 106ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRTQgYoZZY2vCFuvAFT_r21cg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb373bde18855c82a0ebf2946ea661ebd0be58a7fbabdf20f7744ecd9c0a9cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.slate.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 06:46:03 GMT
x-content-type-options: nosniff
age: 294995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34896
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:54:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 06:46:03 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
32 KB 152ms
70ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.slate.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 03:59:09 GMT
x-content-type-options: nosniff
age: 477809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 03:59:09 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 128ms
30ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: gzip
etag: "0nVqEbFaTM2zzuiWgn9NwQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 07 Nov 2023 16:42:38 GMT

GET
H2 200 wrapper.js Show response
tag.agrvt.com/tag/v2/ 6 KB
2 KB 87ms
14ms Script
text/javascript 46.105.201.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.agrvt.com/tag/v2/wrapper.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.224 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 91d538bf273570bb11705832db52fa65da8692b3154f6e24f51d69e75e078c32

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 11:02:04 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
x-cdn-pop: rbx1
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2046
x-request-id: 500925984

GET
H/1.1 200
OK ownpage.js Show response
script.ownpage.fr/v1/ 2 KB
2 KB 122ms
25ms Script
text/javascript 13.225.78.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ownpage.fr/v1/ownpage.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-25.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47dcc5ccddda02ae4a968f0d40073bcd4c1fff886815b0ea5064c6f2d96b535a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 05:33:37 GMT
Content-Encoding: gzip
Via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Age: 40143
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1034
Last-Modified: Thu, 13 Apr 2023 10:24:10 GMT
Server: AmazonS3
ETag: "a6409c1d464fdacb43f768d50c23945e"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 5OW2Rij-BD7yz7hgBUgAfXai9WMZVL_IJUvAYbcdpNJeblOeRPR7uA==

GET
H2 200 pexels-jakob-scholz-808846.jpg
www.slate.fr/sites/default/files/styles/1060x523/public/ 148 KB
148 KB 33ms
33ms Image
image/jpeg 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/default/files/styles/1060x523/public/pexels-jakob-scholz-808846.jpg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 981f6fce014a154a64994620025a65ec31fc8ed031eab160ab453ea11b743689

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
cf-cache-status: HIT
x-platform-server: slateprod-core-5, slateprod-core-5
age: 10
traceresponse: 00-17932d5ab82507f08b76c18bbb874a6c-ebb58a7c33b8c40a-01
content-length: 151045
cf-bgj: h2pri
last-modified: Tue, 31 Oct 2023 10:52:20 GMT
server: cloudflare
etag: "6540dc64-24e05"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a3689f7009c-CDG
expires: Tue, 31 Oct 2023 16:47:28 GMT

GET
H/1.1

200
OK

profile Show response
api.consentframework.com/api/v1/public/
Redirect Chain

https://api.consentframework.com/api/v1/public/profile?origin=https://www.slate.fr
https://api.consentframework.com/api/v1/public/profile?bounce=1

40 B
411 B

29ms
28ms

Fetch
application/json

2a01:4f8:fff3:f::
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/profile?bounce=1

Requested by

Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

HTTP/1.1

Server

2a01:4f8:fff3:f:: , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

7f14f779080b7a36e6a0aa05632a2571bf7887b65d8d90a939d7a645d6abb111

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:38 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.slate.fr
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 40

Redirect headers

Date: Tue, 31 Oct 2023 16:42:38 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.slate.fr
Location: https://api.consentframework.com/api/v1/public/profile?bounce=1
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 86

GET
H3 200 scripts.js Show response
applets.ebxcdn.com/applets/www.slate.fr/ 2 KB
2 KB 61ms
37ms XHR
text/javascript 2606:4700:e0::ac40:6606
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applets.ebxcdn.com/applets/www.slate.fr/scripts.js
Requested by: Host: applets.ebxcdn.com
URL: https://applets.ebxcdn.com/ebx.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04955b2ca7543611e9249307a62c5d66797f47f7218a15b7e2862cda797b43b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4996
x-amzn-requestid: 07c23c78-8245-46dc-9aee-559539078ec8
x-amz-apigw-id: NrEnMHsODoEEFaw=
content-length: 1581
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 25 Oct 2023 11:22:54 GMT
server: cloudflare
etag: 53dv3AryUJGg7C3Qg6mbYA==
x-amzn-trace-id: Root=1-65411afa-0085cada5739cd5a43d4681e;Sampled=0;lineage=388d0713:0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jd5H3ODMjCu18N7xXeS2fAhxGHCrU4iIb3%2FpVZgb8azcQbbTIe9XbO2aAeDgdJQG5lXLLeQMd50RiPIy2CAgKWemglz9mqIWT8%2BGN4KM%2BawuXmALRXNfhDX8NxQGXPMGnOG7ma7W7O9Bo6cJkMEec8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=300, no-transform
accept-ranges: bytes
cf-ray: 81ed5a36ff3f76d7-LHR

GET
H2 200 vendors~app-71ba2833099065e18e6b.js Show response
www.slate.fr/sites/all/themes/slatefr/scripts/ 51 KB
18 KB 32ms
32ms Script
application/javascript 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/vendors~app-71ba2833099065e18e6b.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/main.js?v=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 785e0befb28786086717cefd51807e97b57ddc4dc5661cff5fad41ca880ccfb1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-7, slateprod-core-7
server: cloudflare
age: 20
traceresponse: 00-1791ec2fff2c5ffc92761f3fa4169faa-b4410d44f820a347-01
etag: W/"653b7ed3-cba9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a36fab8009c-CDG
expires: Tue, 31 Oct 2023 16:47:18 GMT

GET
H2 200 app-f7f3dfe52361752172d9.js Show response
www.slate.fr/sites/all/themes/slatefr/scripts/ 39 KB
9 KB 31ms
30ms Script
application/javascript 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/app-f7f3dfe52361752172d9.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/main.js?v=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4142d9557a7dc22a15ff9053de531d7deb7c26df7e8ab728f3357d98b233da5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-7, slateprod-core-7
server: cloudflare
age: 20
traceresponse: 00-1791ec2fff4e5193a541a1ed4a6d880f-7b47881be39555e1-01
etag: W/"653b7ed3-9d7a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a36fabb009c-CDG
expires: Tue, 31 Oct 2023 16:47:18 GMT

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame AC77 319 KB
104 KB 20ms
20ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.slate.fr
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FAF) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://www.slate.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1886989
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 31 Oct 2023 16:42:38 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (pab/6FAF)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 / Show response
scripts.opti-digital.com/pfc/ 119 KB
30 KB 47ms
47ms Script
text/javascript 2606:4700::6812:334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.opti-digital.com/pfc/?pubid=21685585667
Requested by: Host: scripts.opti-digital.com
URL: https://scripts.opti-digital.com/tags/?site=slate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76831912633f89ba10d5721024226f15d5ba06ad5c667dfb00e2f3e56538218f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 23:19:39 GMT
server: cloudflare
cf-polished: origSize=123729
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
x-cloud-trace-context: e495a412e0b798601aeb358dfa6c2946
cache-control: public, max-age=7200
cf-ray: 81ed5a371d1e3cc9-CDG
expires: Tue, 31 Oct 2023 18:42:38 GMT

GET
H2 200 714463525321423 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/714463525321423?v=2.9.135&r=stable&domain=www.slate.fr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cfe44fcaefe023a8af443283b25c4dad1f086840a09d48203b9937925426f2b8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 31 Oct 2023 16:42:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35308
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Y+CFWUuvoMKmglTpNhqn4fBMkr68LyTjyHFiogq0iLJTk6eqhswYi9XCT3CHaiJihHN0PcWCYMrX71/VwC9spw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cc49c918864ae382058f.js Show response
widget.beop.io/fr/public/chunks/10.5.1/ 189 KB
58 KB 51ms
49ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/fr/public/chunks/10.5.1/cc49c918864ae382058f.js

Requested by

Host: widget.beop.io
URL: https://widget.beop.io/sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F9A) /

Resource Hash

67d62201501f1244da87e47b7905852a76ea38350d93ccb090b1bc6bd6ce85db

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src .beop.io .beopinion.com fonts.gstatic.com;frame-ancestors .beop.io *.beopinion.com

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 30 Oct 2024 16:42:38 GMT
content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src *.beop.io *.beopinion.com fonts.gstatic.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
date: Tue, 31 Oct 2023 16:42:38 GMT
age: 18544
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59710
last-modified: Tue, 31 Oct 2023 11:33:34 GMT
server: ECAcc (paa/6F9A)
x-ocdn-rp: HTTP/2.0
x-ocdn-net: EUFR16276
etag: "2f2d7-0Dn/yx0gqFAKdvkMCc0TeYPRpM8+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-ocdn-accept-language: fr

GET
H2 200 2e8bf473b53fd09ee829.js Show response
widget.beop.io/fr/public/chunks/10.5.1/ 112 KB
31 KB 22ms
21ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/fr/public/chunks/10.5.1/2e8bf473b53fd09ee829.js

Requested by

Host: widget.beop.io
URL: https://widget.beop.io/sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F34) /

Resource Hash

5db0294813ff705274b117cf033b0fb05da97e5a2fa314951a24f254716bbec5

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src .beop.io .beopinion.com fonts.gstatic.com;frame-ancestors .beop.io *.beopinion.com

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 30 Oct 2024 16:42:38 GMT
content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src *.beop.io *.beopinion.com fonts.gstatic.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
date: Tue, 31 Oct 2023 16:42:38 GMT
age: 18544
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31218
last-modified: Tue, 31 Oct 2023 11:33:34 GMT
server: ECAcc (paa/6F34)
x-ocdn-rp: HTTP/2.0
x-ocdn-net: EUFR16276
etag: "1c1a7-oZrBmPmXTCY2OIFJ84BA7H+YPmI+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-ocdn-accept-language: fr

GET
H2 200 collect.min.js Show response
tag.agrvt.com/tag/v2/ 7 KB
3 KB 15ms
14ms Script
text/javascript 46.105.201.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.agrvt.com/tag/v2/collect.min.js
Requested by: Host: tag.agrvt.com
URL: https://tag.agrvt.com/tag/v2/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.224 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 1f297867348fadd89e500fd3cc5ed90ce8a23f3e209fa7d265ad216c3a949fd6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 11:02:04 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
x-cdn-pop: rbx1
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2342
x-request-id: 628621366

GET
H/1.1 200
OK jkFbASQ.js Show response
cdn.jokerly.com//scripts/ 122 KB
40 KB 44ms
44ms Script
application/javascript 185.104.77.55
ASI-EFISENS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jokerly.com//scripts/jkFbASQ.js
Requested by: Host: cdn.jokerly.com
URL: https://cdn.jokerly.com/scripts/Slate_abChoice.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.104.77.55 Vitry-sur-Seine, France, ASN28774 (ASI-EFISENS, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 30d07146fd3e6ff9ce893687aef1649c00cd40a6eb30537ac50387607f8154db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 15:25:53 GMT
Server: nginx/1.10.3
ETag: W/"651ed581-1e9d0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Wed, 01 Nov 2023 16:42:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 84ms
24ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7229822-2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 15:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3176
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 31 Oct 2023 17:49:42 GMT

GET
H2 200 hits
api.ownpage.fr/v1/collect/ 0
325 B 122ms
38ms Image
image/png 52.210.234.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.ownpage.fr/v1/collect/hits?client_key=fa6344252432420c&url=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&cookie_id=875d6bba869d9f01

Requested by

Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.234.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-234-226.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-runtime: 0.003949
date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin,Accept-Encoding
content-type: image/png
x-xss-protection: 0
x-request-id: 4864d885-de86-4f76-bef2-5d57a0a17195

GET
H2 200 rules-p-wmHYJbTCYsARY.js Show response
rules.quantcount.com/ 3 KB
2 KB 100ms
32ms Script
application/javascript 2600:9000:223c:9200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-wmHYJbTCYsARY.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23a4a55739ab4191e58e6c2afa99c4c60e69454bdeb905a99c2aca372e82619c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:08:44 GMT
content-encoding: gzip
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2035
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 23:45:14 GMT
server: AmazonS3
etag: W/"c2d75a23c4c21962f63144125485f54b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: K9xsRAlvIHLgT99x0JP6QqduOOy2VVgioVtcV3hG1N4ycmV1dXhUdQ==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame AC77 869 B
658 B 187ms
130ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8657b01d75a0dda3dfca00ec06afc85fa60cfd33

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.slate.fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 31 Oct 2023 16:42:38 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: d99aaec1dd75c872
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 91a183eeca562854866399cdc7a52e72c57b429e5ce520ddb254de870f28ed4c
content-length: 337

GET
H2 200 vendors~module-slideshow-manager-860d23f74f220ea900c0.js Show response
www.slate.fr/sites/all/themes/slatefr/scripts/ 20 KB
8 KB 36ms
35ms Script
application/javascript 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/vendors~module-slideshow-manager-860d23f74f220ea900c0.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/main.js?v=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 729863a7ec42d41fb4263f4d744742e8945be4dd90ca97b490d52f36997d6442

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-7, slateprod-core-7
server: cloudflare
age: 300
traceresponse: 00-1791ec19b23cd97a247172c48d05b968-25f5a2f15cb9c0f0-01
etag: W/"653b7ed3-5081"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a38ce31009c-CDG
expires: Tue, 31 Oct 2023 16:42:38 GMT

GET
H2 200 module-slideshow-manager-0d3bc74e5b59075c25f3.js Show response
www.slate.fr/sites/all/themes/slatefr/scripts/ 6 KB
2 KB 29ms
28ms Script
application/javascript 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/module-slideshow-manager-0d3bc74e5b59075c25f3.js
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/sites/all/themes/slatefr/scripts/main.js?v=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0fe36c43ae07ab204a8cb1be37196d8166b22ff06c1feab5674b4ca2dad5ca8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
x-platform-server: slateprod-core-6, slateprod-core-6
age: 293
traceresponse: 00-1791ec19b2ca7baeb3910ee87a18b0a0-5885b140c5ce8f68-01
content-length: 1924
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
server: cloudflare
etag: W/"653b7ed3-16b3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 81ed5a38ce34009c-CDG
expires: Tue, 31 Oct 2023 16:42:45 GMT

GET
H2 200 slate-white.svg
www.slate.fr/sites/all/themes/slatefr/static/svg/ 2 KB
1 KB 30ms
29ms Image
image/svg+xml 2606:4700:10::ac43:9f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.slate.fr/sites/all/themes/slatefr/static/svg/slate-white.svg
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ff49eaf35182c5555b7fc827cce66e5af4276dc8097b0f4befa5fa90f42b03b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:11:47 GMT
x-platform-server: slateprod-core-5, slateprod-core-5
server: cloudflare
age: 299
traceresponse: 00-1791ec19b28f79a9a9a65dc43a008f93-dab0f7daf799b7c0-01
etag: W/"653b7ed3-698"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 81ed5a38ce35009c-CDG
expires: Tue, 31 Oct 2023 16:42:39 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 71ms
23ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=714463525321423&ev=PageView&dl=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&rl=&if=false&ts=1698770558943&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1698770558940.1265716374&ler=empty&it=1698770558580&coo=false&rqm=GET

Requested by

Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 31 Oct 2023 16:42:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK tcstring Show response
api.consentframework.com/api/v1/public/ 25 B
444 B 27ms
27ms Fetch
application/json 2a01:4f8:fff3:f::
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/tcstring

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/23723/c/dWua2/cmp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:fff3:f:: , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:38 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.slate.fr
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 25

GET
H/1.1 200
OK vpevents-prod.js Show response
cdn.jokerly.com/scripts/ 4 KB
2 KB 28ms
26ms Script
application/javascript 185.104.77.55
ASI-EFISENS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jokerly.com/scripts/vpevents-prod.js
Requested by: Host: cdn.jokerly.com
URL: https://cdn.jokerly.com//scripts/jkFbASQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.104.77.55 Vitry-sur-Seine, France, ASN28774 (ASI-EFISENS, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 0024b4ce72866df3fe3ea249ef03b3fc01d4235f500549f8af972600fd07a09a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 May 2022 12:19:50 GMT
Server: nginx/1.10.3
ETag: W/"6294b666-1050"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Wed, 01 Nov 2023 16:42:37 GMT

GET
H/1.1 200
OK viewPayCadre.css
cdn.jokerly.com/css/ 2 KB
1 KB 55ms
27ms Stylesheet
text/css 185.104.77.55
ASI-EFISENS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jokerly.com/css/viewPayCadre.css
Requested by: Host: cdn.jokerly.com
URL: https://cdn.jokerly.com//scripts/jkFbASQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.104.77.55 Vitry-sur-Seine, France, ASN28774 (ASI-EFISENS, FR),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: fa62efce64ff47c59c6fde707c7a795c7917ceaeb1d92baa1397b9757e6e8b0c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 May 2023 10:52:37 GMT
Server: nginx/1.10.3
ETag: W/"646b4975-985"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Wed, 01 Nov 2023 16:42:37 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 0
0 162ms
68ms Script
application/xml 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php
Requested by: Host: cdn.jokerly.com
URL: https://cdn.jokerly.com//scripts/jkFbASQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 40ms
40ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=691802853&t=pageview&_s=1&dl=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&ul=en-us&de=UTF-8&dt=Des%20hackers%20remplacent%20les%20publicit%C3%A9s%20des%20bus%20londoniens%20par%20des%20messages%20de%20Palestiniens%20queers%20%7C%20Slate.fr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAACAAI~&jid=1123182207&gjid=1767260214&cid=1569317685.1698770558&tid=UA-7229822-2&_gid=1017839576.1698770559&_r=1&gtm=457e3ap0&gcd=11l1l1l1l1&cd1=Slate.fr&jsscut=1&z=293622385

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.slate.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:42:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.slate.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK events
app-preprod.jokerly.com/event.server/v1/ Frame 0
0 68ms
19ms Preflight 13.36.164.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-preprod.jokerly.com/event.server/v1/events
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.36.164.167 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-164-167.eu-west-3.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.slate.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, accept-version, content-type, request-id, origin, x-api-version, x-request-id DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods: GET, POST GET, POST, OPTIONS
Access-Control-Allow-Origin: https://www.slate.fr
Access-Control-Max-Age: 3600 1728000
Allow: GET, POST
Connection: keep-alive
Date: Tue, 31 Oct 2023 16:42:39 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Via: kong/2.4.1
X-Kong-Proxy-Latency: 0
X-Kong-Upstream-Latency: 0

POST
H/1.1 200
OK events Show response
app-preprod.jokerly.com/event.server/v1/ 25 B
1 KB 85ms
40ms XHR
application/json 13.36.164.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-preprod.jokerly.com/event.server/v1/events
Requested by: Host: cdn.jokerly.com
URL: https://cdn.jokerly.com//scripts/jkFbASQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.36.164.167 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-164-167.eu-west-3.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ace76eaa33319417de6150f090c8ae07123575b698e3b74c46d1d1e6f803d2a3

Request headers

Referer: https://www.slate.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 31 Oct 2023 16:42:39 GMT
Content-Encoding: gzip
Via: kong/2.4.1
Content-MD5: aEklOXa5wAW8V9QO6sN76Q==
X-Kong-Proxy-Latency: 0
Transfer-Encoding: chunked
Response-Time: 7
X-Kong-Upstream-Latency: 12
Connection: keep-alive
Request-Id: 194bc0bb-8522-4544-b35e-67d6e24588c2
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.slate.fr
Access-Control-Expose-Headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
Access-Control-Allow-Credentials: true
Api-Version: 1.0.0
Access-Control-Allow-Headers: X-Requested-With, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H/1.1 200
OK consent-string Show response
api.consentframework.com/api/v1/public/ 268 B
600 B 99ms
37ms Fetch
application/json 2a01:4f8:fff3:f::
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/consent-string

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/23723/c/dWua2/cmp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:fff3:f:: , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

5693450c3f66266ed840d6f27d710e256efbc2ed2c007bcfee3cd70ce8107732

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.slate.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 31 Oct 2023 16:42:39 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.slate.fr
Cache-Control: no-store
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 268

POST
H2 200 pageview Show response
analytics.optidigital.com/ 0
292 B 508ms
32ms XHR
text/plain 35.244.149.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.optidigital.com/pageview
Requested by: Host: scripts.opti-digital.com
URL: https://scripts.opti-digital.com/tags/?site=slate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.149.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.149.244.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.slate.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:42:39 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK GS.d Show response
js.cookieless-data.com/ 0
535 B 488ms
29ms Script
text/plain 51.15.145.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=23723&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&r=&rand=1698770559249&gdpr=1&gdpr_consent=CP0gqMAP0gqMABcAIBENDdCgAAAAAH_AAAqIIzQAARmgbgALgAcAB4AFQALgAcgA-AEAAJIAYgBlADQANQAeABEACOAEyAJ4AoQBcAF0AMQAZgA0ABvAD8AISARABEgDDgGUAZYA0QBzwD7AP0AhABFACLQEcAR0Ap4BVwC5gF1ALyAX0AxQBogDXgG0AOoAf8BHoCYgFDgKaAVyAtQBeYDBAGLAMkAabA5MDlAAAA&globalscope=false&cookieless_optout=0&tbp=true

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/23723/c/dWua2/cmp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.145.115 , France, ASN12876 (Online SAS, FR),

Reverse DNS

kube-rr.sirdata.fr

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 16:42:39 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Server: nginx/1.20.2
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2 204 b2
sb.scorecardresearch.com/ 0
224 B 29ms
28ms Image
text/plain 18.66.112.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=14078442&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1698770558648&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=FR&cs_cmp_nc=1&cs_cmp_id=92&cs_cmp_sv=8&cs_cmp_rt=471&cs_fpcd=1&c7=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&c8=Des%20hackers%20remplacent%20les%20publicit%C3%A9s%20des%20bus%20londoniens%20par%20des%20messages%20de%20Palestiniens%20queers%20%7C%20Slate.fr&c9=
Requested by: Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-37.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:39 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: uqkf9a4CzD62UK7nRKFaq-rDBnt81pIK9_ynaFpAD6cXNuVYBZCW1g==
x-cache: Miss from cloudfront

POST
H/1.1 200
OK user-action Show response
api.consentframework.com/api/v1/public/ 0
283 B 92ms
34ms Fetch 2a01:4f8:fff3:f::
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/user-action

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/23723/c/dWua2/cmp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:fff3:f:: , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.slate.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.slate.fr
Date: Tue, 31 Oct 2023 16:42:39 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=15724800; includeSubDomains
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 24ms
23ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7229822-2&cid=1569317685.1698770558&jid=1123182207&gjid=1767260214&_gid=1017839576.1698770559&_u=4CDAAUAAAAAAACAAI~&z=1576729580

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.slate.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 31 Oct 2023 16:42:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.slate.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dWua2_1596553642.svg
cdn.consentframework.com/cmp/images/pa/ 2 KB
1 KB 462ms
27ms Image
image/svg+xml 212.129.3.112
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.consentframework.com/cmp/images/pa/dWua2_1596553642.svg

Requested by

Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.112 Bordeaux, France, ASN12876 (Online SAS, FR),

Reverse DNS

kube-rr.sirdata.fr

Software

nginx/1.20.2 /

Resource Hash

c8a03221b40013b330ec5965d4b8b976e1e86a4b5fe92a47d4aa95ed992e414f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:39 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 04 Aug 2020 15:07:22 GMT
Server: nginx/1.20.2
ETag: W/"5f2979aa-6fb"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive

GET
H/1.1 200
OK BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
cdn.sirdata.io/cmp/fonts/roboto-slab/ 30 KB
31 KB 461ms
29ms Font
font/woff2 212.129.3.112
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sirdata.io/cmp/fonts/roboto-slab/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2

Requested by

Host: www.slate.fr
URL: https://www.slate.fr/story/255641/hackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.112 Bordeaux, France, ASN12876 (Online SAS, FR),

Reverse DNS

kube-rr.sirdata.fr

Software

nginx/1.20.2 /

Resource Hash

a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://www.slate.fr/
Origin: https://www.slate.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:39 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Last-Modified: Tue, 31 Oct 2023 05:47:15 GMT
Server: nginx/1.20.2
ETag: "654094e3-78dc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30940

GET
H/1.1 200
OK tweet.2d13d9c81f3c2ba95ef78654d9a09632.js Show response
platform.twitter.com/js/ 8 KB
3 KB 23ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.2d13d9c81f3c2ba95ef78654d9a09632.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F93) /
Resource Hash: c1a684357f3962d1a9f8e930221d66b2be480972f48ab3017dbee0ca92bf1a11

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:39 GMT
Content-Encoding: gzip
Age: 1887007
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2724
Last-Modified: Mon, 09 Oct 2023 20:29:15 GMT
Server: ECS (pab/6F93)
Etag: "f98aa7152272757269c4c8178e28219f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tr.htm Show response
pro.jokerly.com/Okidak/ 102 B
723 B 425ms
28ms XHR
text/html 185.104.77.61
ASI-EFISENS

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.jokerly.com/Okidak/tr.htm?webEditor=3f60707e249f5052&type=40&source=mobile&stats&performance=NaN&perf_type=0&typeDevice=0
Requested by: Host: cdn.jokerly.com
URL: https://cdn.jokerly.com//scripts/adSelector/jquery-1.7.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.77.61 Vitry-sur-Seine, France, ASN28774 (ASI-EFISENS, FR),
Reverse DNS
Software: nginx/1.2.1 /
Resource Hash: 764909ae47442858a597a0d4c776a0af92376ac78537e667b0247d8aaf452be8

Request headers

Accept: */*
Referer: https://www.slate.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 16:42:39 GMT
Content-Encoding: gzip
Server: nginx/1.2.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: https://www.slate.fr
X-Upstream: LP-WEB01
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Language: fr
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cookie_sync Show response
pbs-front.mediasquare.fr/ Frame 4FCE 0
477 B 93ms
38ms Document
text/html 137.74.125.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs-front.mediasquare.fr/cookie_sync?type=iframe&origin=publisher&gdpr=1&gdpr_consent=CP0gqMAP0gqMABcAIBENDdCgAAAAAH_AAAqIIzQAARmgbgALgAcAB4AFQALgAcgA-AEAAJIAYgBlADQANQAeABEACOAEyAJ4AoQBcAF0AMQAZgA0ABvAD8AISARABEgDDgGUAZYA0QBzwD7AP0AhABFACLQEcAR0Ap4BVwC5gF1ALyAX0AxQBogDXgG0AOoAf8BHoCYgFDgKaAVyAtQBeYDBAGLAMkAabA5MDlAAAA
Requested by: Host: cdn.mediasquare.fr
URL: https://cdn.mediasquare.fr/scripts/msq_cookie_sync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 137.74.125.156 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.slate.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.slate.fr
content-encoding: gzip
content-length: 23
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 16:42:39 GMT
p3p: policyref="https://www.mediasquare.fr/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-iplb-instance: 40789
x-iplb-request-id: 253BA46E:BDDA_894A7D9C:01BB_65412E7F_8757C3C:4999

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 9A4C 345 B
918 B 23ms
23ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F93) /
Resource Hash: 7c39b484830fe9d9a4ab6386523a55932b2798d53eda0256828c1c7019f30db5

Request headers

Referer: https://www.slate.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 747
Cache-Control: public, max-age=1800
Content-Length: 345
Content-Type: text/html; charset=utf-8
Date: Tue, 31 Oct 2023 16:42:39 GMT
Etag: "f6d70a110dacf784d914a7bbb2a7d61b"
Last-Modified: Sat, 07 Oct 2023 22:50:35 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (pab/6F93)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK embed.runtime.30e39e232aef74d6b314.js Show response
platform.twitter.com/embed/ Frame 9A4C 9 KB
5 KB 19ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F83) /
Resource Hash: 54e0bff3b45c5a11d6cbc7173c2bc1f95ed306d1dc968edd966ce6747c2ab6a8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:39 GMT
Content-Encoding: gzip
Age: 1887007
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 4231
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (pab/6F83)
Etag: "a94f2c8e562dd94ba8264b04299bbc31+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.9449.143d97ea3ade6f4824dc.js Show response
platform.twitter.com/embed/ Frame 9A4C 488 KB
160 KB 40ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.9449.143d97ea3ade6f4824dc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F8A) /
Resource Hash: d821142be15916ca24d5c5257de8c518b37021e70b346af8e96cbd3aac5a1971

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:39 GMT
Content-Encoding: gzip
Age: 1887007
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 162768
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (pab/6F8A)
Etag: "a096d4d712d8664b5f72fc16777f624e+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.Tweet.61c9a11318b778002223.js Show response
platform.twitter.com/embed/ Frame 9A4C 33 KB
14 KB 80ms
19ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.61c9a11318b778002223.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FA7) /
Resource Hash: a293e1e62926607a91fac1e70be95cff6b357be1162f8425a4ed1aba339e186d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:39 GMT
Content-Encoding: gzip
Age: 1887007
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 14004
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (pab/6FA7)
Etag: "72cf5b19f8c06f163ed659346b6c0234+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.749.467388cca0b3fe9c3291.js Show response
platform.twitter.com/embed/ Frame 9A4C 19 KB
7 KB 23ms
22ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FB1) /
Resource Hash: afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:39 GMT
Content-Encoding: gzip
Age: 1887007
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 6789
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (pab/6FB1)
Etag: "d3483b9c737e990765e6ba56d01154a3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.3605b847d2e4afc15c0d.js Show response
platform.twitter.com/embed/ Frame 9A4C 4 KB
2 KB 23ms
22ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.3605b847d2e4afc15c0d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FAB) /
Resource Hash: dd59c3bc5375338336d621772a3e26ecf1f58c7253cc5e3dcf802047173a84b0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:39 GMT
Content-Encoding: gzip
Age: 1887007
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1583
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (pab/6FAB)
Etag: "11ef2c964d5d614da8c769c495a8855b+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js Show response
platform.twitter.com/embed/ Frame 9A4C 35 KB
12 KB 23ms
23ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F96) /
Resource Hash: a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:39 GMT
Content-Encoding: gzip
Age: 1887007
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 11289
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (pab/6F96)
Etag: "df117930505b95292615fd76b0e9369c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.9203.97b040640e3b329435c9.js Show response
platform.twitter.com/embed/ Frame 9A4C 267 KB
82 KB 36ms
36ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.9203.97b040640e3b329435c9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F85) /
Resource Hash: 1c009f307e70e03237797c7e3bbcc29fb1e683086cd36fe298cecdd8457921cf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:39 GMT
Content-Encoding: gzip
Age: 1887007
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 83738
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (pab/6F85)
Etag: "691b9586fce0d937b25fcf4f3130bc97+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.Tweet.af3480c242f6c21a47e5.js Show response
platform.twitter.com/embed/ Frame 9A4C 88 KB
21 KB 42ms
41ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.af3480c242f6c21a47e5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F88) /
Resource Hash: 37442f83b7b4a4b95f0bf937cc8a545b218593f4d37f9176ab91374ba36894f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1717835499677581631&lang=en&origin=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&sessionId=8657b01d75a0dda3dfca00ec06afc85fa60cfd33&siteScreenName=Slatefr&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:42:40 GMT
Content-Encoding: gzip
Age: 1887008
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 20752
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (pab/6F88)
Etag: "984e7cbd45e0ff91dc7b610ed59f333d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 tweet-result Show response
cdn.syndication.twimg.com/ Frame 9A4C 3 KB
2 KB 91ms
19ms XHR
application/json 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_fosnr_soft_interventions_enabled%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_show_birdwatch_pivots_enabled%3Aon%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_use_profile_image_shape_enabled%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1717835499677581631&lang=en&token=45wqm8sbpq&qooggl=4f689jfuhkqa&lo4o72=wm8yeix4sdao&2os1k8=23h8h710s40c&1ce7t1=1vj8lc5npp0r&vxwu3m=hvv9y5872lrd

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.9449.143d97ea3ade6f4824dc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (pab/6F8D) / Express

Resource Hash

873f448a931c865357b5cd844dd73c99684d69fc1722b2db4b2e2018c4e236c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
age: 27
x-powered-by: Express
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1093
x-response-time: 147
last-modified: Tue, 31 Oct 2023 16:42:13 GMT
server: ECS (pab/6F8D)
etag: W/"da4-jzP+mN6UhQgN85ll6bSidI/0zhk"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: c49fb7e3afd6f1f9
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: c45ece2991581b7add1953e75713e577740622a957733b8298b0d785cbc610a1
accept-ranges: bytes
x-tw-cdn: VZ, VZ, VZ
access-contol-allow-origin: platform.twitter.com

GET
H2 200 1f4e2.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9A4C 584 B
513 B 89ms
20ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f4e2.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b8fd5d13b84d5f3e43e800f3bbc3fe0e362b9f062690ee944c48c5ce7994474b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 16:42:40 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 353
x-served-by: cache-fty21320-FTY, cache-lcy-eglc8600026-LCY
last-modified: Wed, 21 Feb 2018 22:31:05 GMT
etag: "BjS18BqIoBIb7Qcneegb1g=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: 4a9bc0e5779c651b
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:41:11 GMT

GET
H2 200 1f687.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9A4C 1 KB
910 B 87ms
19ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f687.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

028d2fb13cb369f8dc853cb7225848bedda402382855be5e76fd2b3f8617f631

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 16:42:40 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 508
x-served-by: cache-fty21369-FTY, cache-lcy-eglc8600026-LCY
last-modified: Wed, 21 Feb 2018 22:31:11 GMT
etag: "L8ZXCHG7/VRa/0+qcfWOwQ=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: d9d2d69908be6259
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 03 Sep 2024 11:05:24 GMT

GET
H2 200 1f68c.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9A4C 1 KB
803 B 90ms
22ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f68c.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7fce1e44dba22837c7c5a0f4c62ed4c01b79def2d3b962f6361c4169358c21cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 16:42:40 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 531
x-served-by: cache-fty21353-FTY, cache-lcy-eglc8600026-LCY
last-modified: Wed, 21 Feb 2018 22:31:11 GMT
etag: "nbEgaizLEtZ76i1HzD4NBw=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: b5cbc571350ec1c4
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:44:34 GMT

GET
H2 200 1f68f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9A4C 715 B
518 B 89ms
21ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f68f.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04f76a398213119f80480621e3365d2c381a81853314b6f9787913f69c95ea0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 16:42:40 GMT
x-cache: HIT, HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 340
x-served-by: cache-fty21349-FTY, cache-pdk-kpdk1780043-PDK, cache-lcy-eglc8600026-LCY
last-modified: Wed, 21 Feb 2018 22:31:11 GMT
etag: "k/aQSDVpnpspZ20YyumrxQ=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: 8a5dcdd943ff4dce
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 02 Oct 2024 10:27:15 GMT

GET
H2 200 1f1f5-1f1f8.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9A4C 396 B
424 B 88ms
21ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f1f5-1f1f8.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ec253d5f88871eeb1938a94543beaa7b84e7e4831335292938f7eeb5825e987

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 16:42:40 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 264
x-served-by: cache-fty21353-FTY, cache-lcy-eglc8600026-LCY
last-modified: Wed, 21 Feb 2018 22:30:47 GMT
etag: "ivk0dw1LJhK32hDEu4xIbQ=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: 3d8c1c199272c54e
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:28:57 GMT

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame 9A4C 43 B
146 B 131ms
131ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1698770560423%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22Slatefr%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222423e1d6feef8%3A1696717678980%22%2C%22item_ids%22%3A%5B%221717835499677581631%22%5D%2C%22item_details%22%3A%7B%221717835499677581631%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 31 Oct 2023 16:42:40 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 31 Oct 2023 16:42:40 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: 060c6584835b0f2a
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 91a183eeca562854866399cdc7a52e72c57b429e5ce520ddb254de870f28ed4c
content-length: 43

GET
H2 200 PR3OSqvu_normal.jpg
pbs.twimg.com/profile_images/1637209188693598209/ Frame 9A4C 2 KB
2 KB 123ms
61ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1637209188693598209/PR3OSqvu_normal.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

016445a54df7b9433b93de4ee2515b425a9adba11cdf385ed6707d9d2f1a8f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Tue, 31 Oct 2023 16:42:40 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1959
x-served-by: cache-lhr7356-LHR, cache-fra-eddf8230125-FRA, cache-tw-ZZZ1
last-modified: Sat, 18 Mar 2023 21:45:43 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: e395491364fcb553
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 F9b5g_hWwAAw0VN
pbs.twimg.com/media/ Frame 9A4C 7 KB
7 KB 117ms
63ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/F9b5g_hWwAAw0VN?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

141462b7a3d6711df2a7e94c3b3a931be9d143e81c8be44d11e6d5b0bd1ac575

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Tue, 31 Oct 2023 16:42:40 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 7514
x-served-by: cache-lhr7331-LHR, cache-fra-eddf8230125-FRA, cache-tw-ZZZ1
last-modified: Fri, 27 Oct 2023 09:22:31 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: ce0fe289a454a12e
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 F9b5r0BW4AA01Fq
pbs.twimg.com/media/ Frame 9A4C 8 KB
8 KB 90ms
44ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/F9b5r0BW4AA01Fq?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

80a555dedc78e12486941d60d456c06ec632eaaef3844e680ebaa7a896a7c147

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Tue, 31 Oct 2023 16:42:40 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 8167
x-served-by: cache-lhr7353-LHR, cache-fra-eddf8230125-FRA, cache-tw-ZZZ1
last-modified: Fri, 27 Oct 2023 09:23:16 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: a02e5e9f1b7a1006
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 F9b5g_hWwAAw0VN
pbs.twimg.com/media/ Frame 9A4C 37 KB
37 KB 75ms
46ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/F9b5g_hWwAAw0VN?format=jpg&name=small

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

557b4b74b16f3738f7468e43e288d018078eb0be1cc4301aecca1ca809bac6b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Tue, 31 Oct 2023 16:42:40 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 38254
x-served-by: cache-lhr7330-LHR, cache-fra-eddf8230125-FRA, cache-tw-ZZZ1
last-modified: Fri, 27 Oct 2023 09:22:31 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: a2260a0af31f29c9
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 F9b5r0BW4AA01Fq
pbs.twimg.com/media/ Frame 9A4C 43 KB
44 KB 48ms
22ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/F9b5r0BW4AA01Fq?format=jpg&name=small

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ebaa4e4cad9fc8740b1e614713c267262e9984182b22564b9c18038cb1493c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Tue, 31 Oct 2023 16:42:40 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 44345
x-served-by: cache-lhr7324-LHR, cache-fra-eddf8230125-FRA, cache-tw-ZZZ1
last-modified: Fri, 27 Oct 2023 09:23:16 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 2a9a57a553b5bee7
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame 9A4C 43 B
94 B 127ms
126ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1698770560697%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22Slatefr%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222423e1d6feef8%3A1696717678980%22%2C%22item_ids%22%3A%5B%221717835499677581631%22%5D%2C%22item_details%22%3A%7B%221717835499677581631%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A975.7000007629395%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 31 Oct 2023 16:42:40 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 31 Oct 2023 16:42:40 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: 578920514cc1a92a
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 91a183eeca562854866399cdc7a52e72c57b429e5ce520ddb254de870f28ed4c
content-length: 43

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 24ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R8L4C7QPQC&gtm=45je3ap0v9126130088&_p=691802853&gcd=11l1l1l1l1&cid=1569317685.1698770558&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1698770558&sct=1&seg=0&dl=https%3A%2F%2Fwww.slate.fr%2Fstory%2F255641%2Fhackers-remplacent-publicites-bus-londres-lgbt-palestiniens-queer&dt=Des%20hackers%20remplacent%20les%20publicit%C3%A9s%20des%20bus%20londoniens%20par%20des%20messages%20de%20Palestiniens%20queers%20%7C%20Slate.fr&en=scroll&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8L4C7QPQC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.slate.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:42:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.slate.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

389 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.slate.fr/	1970-01-21 01:22:14	Name: _ga_R8L4C7QPQC Value: GS1.1.1698770558.1.0.1698770558.60.0.0
.ads.stickyadstv.com/	1970-01-20 16:36:02	Name: UID Value: 9ac616d89bab1d7fa2ab6e7dafa8ee5
.consentframework.com/	1970-01-20 15:52:50	Name: euconsent-v2 Value: NO_CONSENT
.slate.fr/	1970-01-21 00:38:26	Name: ownpage_fp2 Value: 875d6bba869d9f01
.slate.fr/	1970-01-20 18:02:26	Name: _fbp Value: fb.1.1698770558940.1265716374
.slate.fr/	1970-01-21 01:28:50	Name: _ga Value: GA1.2.1569317685.1698770558
.slate.fr/	1970-01-20 15:54:16	Name: _gid Value: GA1.2.1017839576.1698770559
.slate.fr/	1970-01-20 15:52:50	Name: _gat_gtag_UA_7229822_2 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors http://.slate.fr https://.slate.fr https://.mnhn.fr https://.museedelhomme.fr http://mdh.preprod.mnhn.insite.coop https://mdh.preprod.mnhn.insite.coop
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs-0.twimg.com
ads.stickyadstv.com
analytics.optidigital.com
api.consentframework.com
api.ownpage.fr
app-preprod.jokerly.com
applets.ebxcdn.com
cdn.consentframework.com
cdn.jokerly.com
cdn.mediasquare.fr
cdn.sirdata.io
cdn.syndication.twimg.com
choices.consentframework.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
js.cookieless-data.com
pbs-front.mediasquare.fr
pbs.twimg.com
platform.twitter.com
pro.jokerly.com
region1.analytics.google.com
rules.quantcount.com
sb.scorecardresearch.com
script.ownpage.fr
scripts.opti-digital.com
secure.quantserve.com
stats.g.doubleclick.net
syndication.twitter.com
tag.agrvt.com
widget.beop.io
www.facebook.com
www.google-analytics.com
www.google.fr
www.googletagmanager.com
www.slate.fr
104.244.42.8
104.244.43.131
13.225.78.25
13.36.164.167
137.74.125.156
152.199.23.151
18.66.112.37
185.104.77.55
185.104.77.61
2001:4860:4802:32::36
212.129.3.112
2600:9000:223c:9200:6:44e3:f8c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:9f4
2606:4700:20::ac43:4a69
2606:4700::6812:334
2606:4700:e0::ac40:6606
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:802::200a
2a00:1450:4001:806::2003
2a00:1450:4001:810::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c06::9b
2a01:4f8:fff3:f::
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:8d::159
35.244.149.29
46.105.198.136
46.105.201.224
51.15.145.115
52.210.234.226
95.101.54.217
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
0024b4ce72866df3fe3ea249ef03b3fc01d4235f500549f8af972600fd07a09a
016445a54df7b9433b93de4ee2515b425a9adba11cdf385ed6707d9d2f1a8f8d
028d2fb13cb369f8dc853cb7225848bedda402382855be5e76fd2b3f8617f631
04955b2ca7543611e9249307a62c5d66797f47f7218a15b7e2862cda797b43b9
04f76a398213119f80480621e3365d2c381a81853314b6f9787913f69c95ea0b
0b0c858c7e30d98ca41eb80a32ce3db9f30b6c7ea7dd21081f3f0950058b86a6
0e5e27a1794d4b8de7d559602227567a126aa0d72abb4b25a1f8e479f44c2a30
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
0ee1f48df7a4d9f41a29275f194dc2763d7151006913ad3f2d3e27c6a84dcc46
141462b7a3d6711df2a7e94c3b3a931be9d143e81c8be44d11e6d5b0bd1ac575
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c009f307e70e03237797c7e3bbcc29fb1e683086cd36fe298cecdd8457921cf
1f297867348fadd89e500fd3cc5ed90ce8a23f3e209fa7d265ad216c3a949fd6
1fc1ae6cef876ea9410c4a9fd67f9f7cc3b2adcc2902c652aaf39e554aecfe8b
2141aae2f0a184dc8bbf09d9ab8031d6ce46fd04e5d4523023c20173cd10488b
23a4a55739ab4191e58e6c2afa99c4c60e69454bdeb905a99c2aca372e82619c
2e72c534144029fa5cd4fe30588af356d88ac2576c508a09cc86fa05f046242c
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
30d07146fd3e6ff9ce893687aef1649c00cd40a6eb30537ac50387607f8154db
37442f83b7b4a4b95f0bf937cc8a545b218593f4d37f9176ab91374ba36894f3
39c16a0e7efb70de43d3e3f1f6850a786e975cb5d025a41330bb659e36a15a38
41300fa62fa77d9ef9f16c6e922888449cd7ea48549265139c9ccc4434816be0
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
47dcc5ccddda02ae4a968f0d40073bcd4c1fff886815b0ea5064c6f2d96b535a
4aa23e04ef278c78922b1fa01118fca707166355fd2322794cc0d5cf1d227722
54e0bff3b45c5a11d6cbc7173c2bc1f95ed306d1dc968edd966ce6747c2ab6a8
557b4b74b16f3738f7468e43e288d018078eb0be1cc4301aecca1ca809bac6b0
5693450c3f66266ed840d6f27d710e256efbc2ed2c007bcfee3cd70ce8107732
5b08517a448adb1112a81fe120e683fba3b060b7aacb3758db70aa8ad615ab74
5ba131293ce8555dde013a9de2906100dfba071361db9e9d6487d539530dc794
5db0294813ff705274b117cf033b0fb05da97e5a2fa314951a24f254716bbec5
66052cbdbd8e43dae157fa0805b780a0b27877b07da42fd20ccfa693503058ce
67d62201501f1244da87e47b7905852a76ea38350d93ccb090b1bc6bd6ce85db
680cac9e1468ae2a9f7bba234b529b2a00161aae59bbd8349a371b8e1046bbc3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b8ab09b6d2dd8fd3ac83c32bfb2135302e9f22e0c76b49a1ff9c2b9fd0bd81c
6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602
6e72189ab35302cffda4a663cb95a3db63d9ffe5c253556e4a3e18e12a8b4d97
6ff49eaf35182c5555b7fc827cce66e5af4276dc8097b0f4befa5fa90f42b03b
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
71b31116e47377530e72eda5bf09a44067cdd42aa24625c7d908d702db28e21b
729863a7ec42d41fb4263f4d744742e8945be4dd90ca97b490d52f36997d6442
764909ae47442858a597a0d4c776a0af92376ac78537e667b0247d8aaf452be8
76831912633f89ba10d5721024226f15d5ba06ad5c667dfb00e2f3e56538218f
785e0befb28786086717cefd51807e97b57ddc4dc5661cff5fad41ca880ccfb1
79f700bab989c44c6f5534cbd496b8eb871026638f0710a499759323281d671f
7c39b484830fe9d9a4ab6386523a55932b2798d53eda0256828c1c7019f30db5
7f14f779080b7a36e6a0aa05632a2571bf7887b65d8d90a939d7a645d6abb111
7fce1e44dba22837c7c5a0f4c62ed4c01b79def2d3b962f6361c4169358c21cc
80a555dedc78e12486941d60d456c06ec632eaaef3844e680ebaa7a896a7c147
843ae8ad751bd026913bf4e17d3f5c4c3273421f144ed5cf9a5536d89e9434a0
873f448a931c865357b5cd844dd73c99684d69fc1722b2db4b2e2018c4e236c0
8aa1bb1da7b8c500a24da410b3880f17747c2d6a0e31496551a3e3f4f5e46fe9
91d538bf273570bb11705832db52fa65da8692b3154f6e24f51d69e75e078c32
9509f646da6baab8dd1a61bb6bd19a88c2bd084acf3cde5706f153873c608bc0
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
981f6fce014a154a64994620025a65ec31fc8ed031eab160ab453ea11b743689
98edf225677d01ad6cab00cdaa3f121c5f4563503a2aee9fa542ddee62236330
9c782d93dafb23cb2048f01ad07ad315e42b9ac31e832fd80c143df493cc8bfb
9ec253d5f88871eeb1938a94543beaa7b84e7e4831335292938f7eeb5825e987
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
a293e1e62926607a91fac1e70be95cff6b357be1162f8425a4ed1aba339e186d
a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60
a6957fd4f835537912ad562fa593b00090249c52b665e0ced1daffd4724d4f27
a9ec1f00b93ac0d17c0c99e59714e56aaabce0f8b4c0d0a3fd3168a36b62b96c
ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ace76eaa33319417de6150f090c8ae07123575b698e3b74c46d1d1e6f803d2a3
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b029df8ab405928be15a36fea3b0cf2da3fab2308b2526021d05f09f0a94fa5f
b1486265b227749651b2fe6899957c4ebca2931241fa8b7a6900c0888470dc68
b4142d9557a7dc22a15ff9053de531d7deb7c26df7e8ab728f3357d98b233da5
b689f4a05a794b86236b7f9cc9094961e67ebd3d845833467d0a11297379adde
b8fd5d13b84d5f3e43e800f3bbc3fe0e362b9f062690ee944c48c5ce7994474b
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c1a684357f3962d1a9f8e930221d66b2be480972f48ab3017dbee0ca92bf1a11
c83cbe5f922ce0117b7c4029124d57d7a9c31b70e7929801a894b8bc9ab7022f
c8a03221b40013b330ec5965d4b8b976e1e86a4b5fe92a47d4aa95ed992e414f
c9e7f96a0079af276595169b99301fa0cd2a8cc83ff05529f8ef5280f51de2f2
cb373bde18855c82a0ebf2946ea661ebd0be58a7fbabdf20f7744ecd9c0a9cfd
cfe44fcaefe023a8af443283b25c4dad1f086840a09d48203b9937925426f2b8
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220
d821142be15916ca24d5c5257de8c518b37021e70b346af8e96cbd3aac5a1971
d96cf614ceabac3ed0457c41be609da682b49d54088829e30d9b6a4d5209c92c
daf93d5396b63e8b6ef858919d7b9d2064d86cc2cdd9e6db2fa343dd03aad2bb
dd5650aca8af560fe850f843200d212b7d40635fa1416ca7f3fa9a875eab175b
dd59c3bc5375338336d621772a3e26ecf1f58c7253cc5e3dcf802047173a84b0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0fe36c43ae07ab204a8cb1be37196d8166b22ff06c1feab5674b4ca2dad5ca8
e14d78e08b0c002db381a07349d6fada1ef794e14bb4e9fd3bfcd2e83c7ad1a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebaa4e4cad9fc8740b1e614713c267262e9984182b22564b9c18038cb1493c88
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa62efce64ff47c59c6fde707c7a795c7917ceaeb1d92baa1397b9757e6e8b0c
ff008dc80dfe6b5cdade5c9eaeb676e6bbb8b3cbd634252e503c52064a962bd4

www.slate.fr Open in urlscan Pro 2606:4700:10::ac43:9f4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

110 Requests

99 %HTTPS

54 %IPv6

27 Domains

36 Subdomains

36 IPs

5 Countries

1762 kBTransfer

4708 kBSize

8 Cookies

7 Outgoing links

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.slate.fr Open in urlscan Pro
2606:4700:10::ac43:9f4 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

99 %
HTTPS

54 %
IPv6

27
Domains

36
Subdomains

36
IPs

5
Countries

1762 kB
Transfer

4708 kB
Size

8
Cookies

110 HTTP transactions
1 data transactions