Submitted URL: https://s3s-main.net/fw19c3/19572872/7396160/2334010392.html?p=f531793fc965f5971d11fad7894be696&u=https%3A%2F%2Fwtm.i...
Effective URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-ma...
Submission: On April 21 via api from BE — Scanned from FR

Summary

This website contacted 17 IPs in 4 countries across 17 domains to perform 45 HTTP transactions. The main IP is 104.92.104.145, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.gala.fr. The Cisco Umbrella rank of the primary domain is 119127.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 20th 2022. Valid for: a year.
This is the only time www.gala.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
21 gala.fr
www.gala.fr — Cisco Umbrella Rank: 119127
consent.gala.fr — Cisco Umbrella Rank: 500603
247 KB
9 pmdstatic.net
tra.scds.pmdstatic.net — Cisco Umbrella Rank: 139641
201 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
183 KB
3 info-people.fr
wtm.info-people.fr
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10093
521 B
2 cloud-media.fr
er.cloud-media.fr — Cisco Umbrella Rank: 263958
422 B
2 phywi.org
r.phywi.org — Cisco Umbrella Rank: 116961
1 KB
1 prismamediadigital.com
creas.prismamediadigital.com — Cisco Umbrella Rank: 322551
2 KB
1 sp-prod.net
gdpr-tcfv2.sp-prod.net — Cisco Umbrella Rank: 14001
45 KB
1 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2974
19 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2363
450 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
28 KB
1 prismamedia.com
consents.prismamedia.com — Cisco Umbrella Rank: 92484
319 B
1 s3s-main.net
s3s-main.net — Cisco Umbrella Rank: 193627
1 KB
45 17
Domain Requested by
15 www.gala.fr 2 redirects wtm.info-people.fr
www.gala.fr
tra.scds.pmdstatic.net
9 tra.scds.pmdstatic.net www.gala.fr
tra.scds.pmdstatic.net
s3s-main.net
6 consent.gala.fr gdpr-tcfv2.sp-prod.net
consent.gala.fr
3 www.googletagmanager.com www.gala.fr
tra.scds.pmdstatic.net
www.googletagmanager.com
3 wtm.info-people.fr 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.gala.fr
2 redirect.frontend.weborama.fr 2 redirects
2 er.cloud-media.fr 1 redirects wtm.info-people.fr
2 r.phywi.org wtm.info-people.fr
1 creas.prismamediadigital.com consent.gala.fr
1 gdpr-tcfv2.sp-prod.net s3s-main.net
1 cdn.amplitude.com s3s-main.net
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.polyfill.io tra.scds.pmdstatic.net
1 fonts.googleapis.com www.gala.fr
1 www.googletagservices.com www.gala.fr
1 consents.prismamedia.com 1 redirects
1 s3s-main.net
45 18
Subject Issuer Validity Valid
s3s.fr
Sectigo RSA Domain Validation Secure Server CA
2021-04-21 -
2022-05-01
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-19 -
2022-06-18
a year crt.sh
*.phywi.org
Gandi Standard SSL CA 2
2022-01-13 -
2023-02-13
a year crt.sh
prismamediadigital.com
Sectigo RSA Organization Validation Secure Server CA
2022-04-20 -
2023-04-11
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-03-28 -
2022-06-20
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-28 -
2022-06-20
3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-03-08 -
2023-04-09
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-03-28 -
2022-06-20
3 months crt.sh
cdn.amplitude.com
Amazon
2021-12-17 -
2023-01-14
a year crt.sh
*.sp-prod.net
R3
2022-02-28 -
2022-05-29
3 months crt.sh
consent.caminteresse.fr
R3
2022-03-21 -
2022-06-19
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Frame ID: 89C8F6EEBF93F7775EB2361D40F0FD9F
Requests: 40 HTTP requests in this frame

Frame: https://consent.gala.fr/index.html?message_id=629023&consentUUID=58403466-74ee-4e1c-a09d-1f949b362bf4_6&requestUUID=1bed1635-1f44-4a19-8128-012c4ded1f93&preload_message=true
Frame ID: CB9C7A5BB10DF4161073D04FB01237EE
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Vladimir Poutine : pourquoi il refuse de parler publiquement de ses filles Maria et Katerina - Gala

Page URL History Show full URLs

  1. https://s3s-main.net/fw19c3/19572872/7396160/2334010392.html?p=f531793fc965f5971d11fad7894be696&u... Page URL
  2. https://wtm.info-people.fr/r/eNqFUMFymzAQ%2FRp6I4CEZOuQ6dgE17FDnXGbaZwLI8HKliMBBsmk%2FvqKaU69dEbzdve9N2... HTTP 302
    https://wtm.info-people.fr/w/560212/39564c48f263b3f97a20af52fd48b15d/1835/610/76b29639de0150ae4e9cfde9c... HTTP 302
    https://wtm.info-people.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fwww.gala... Page URL
  3. https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquem... HTTP 302
    https://consents.prismamedia.com/?redirectHost=https%3A%2F%2Fwww.gala.fr&redirectUri=%2fl_actu%2fnews_de_star... HTTP 302
    https://www.gala.fr/?authId=98b45b3eb29866a5ebbd718de5359f5b&redirectUri=%2fl_actu%2fnews_de_sta... HTTP 302
    https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquem... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

45
Requests

96 %
HTTPS

47 %
IPv6

17
Domains

18
Subdomains

17
IPs

4
Countries

796 kB
Transfer

2731 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s3s-main.net/fw19c3/19572872/7396160/2334010392.html?p=f531793fc965f5971d11fad7894be696&u=https%3A%2F%2Fwtm.info-people.fr%2Fr%2FeNqFUMFymzAQ%252FRp6I4CEZOuQ6dgE17FDnXGbaZwLI8HKliMBBsmk%252FvqKaU69dEbzdve9N2%252B0O0aExihBEWaEplU6l4higSWbcRRzSZCs07lISB0lc0wimsTRjArEKGY1xAmJOaTAKll7AClQTNNoSiNRG3119ydruyHAiwCt%252FBvH8e7INb%252BTvZ90ySvrfNPAOJQ1lIPl%252FeDnq%252Ba1MqoPu9ZZ1cBU%252B4trVah02IN0A4S1Z3mvwZuc0OriwEBjJ3qAIZRKa18M7xUPwYbv3EKvGl6mLKEzGiDsrCkHH1tBgB9G0FVrVHMMEJ0EA7VyxgtVV31SFTcdV8fGk51pS79FyXurKg3e4H9iA7JsuIGAPPwT%252BCna9h2av%252Br%252FTv2lru5782v34mbXTGQrsTrlt2K%252FGc8%252FTqf8EhOM39pslb%252Bl%252BeMtQEtGTvv1oxo%252FtjObH8%252FDM1rvaj0%252FTKd8eVluOgfF05q1WZ7R69m9sqdb54pez8WiSbZ5qwvvFN%252B1R9p8%252B9hkvtkXB%252BSjD8xDu90RNqmFXCcXsqdDfDgcL9mzQaMUP5Mt3ePXYitcIdFvtvAb%252FgEwQL%252FF Page URL
  2. https://wtm.info-people.fr/r/eNqFUMFymzAQ%2FRp6I4CEZOuQ6dgE17FDnXGbaZwLI8HKliMBBsmk%2FvqKaU69dEbzdve9N2%2B0O0aExihBEWaEplU6l4higSWbcRRzSZCs07lISB0lc0wimsTRjArEKGY1xAmJOaTAKll7AClQTNNoSiNRG3119ydruyHAiwCt%2FBvH8e7INb%2BTvZ90ySvrfNPAOJQ1lIPl%2FeDnq%2Ba1MqoPu9ZZ1cBU%2B4trVah02IN0A4S1Z3mvwZuc0OriwEBjJ3qAIZRKa18M7xUPwYbv3EKvGl6mLKEzGiDsrCkHH1tBgB9G0FVrVHMMEJ0EA7VyxgtVV31SFTcdV8fGk51pS79FyXurKg3e4H9iA7JsuIGAPPwT%2BCna9h2av%2Br%2FTv2lru5782v34mbXTGQrsTrlt2K%2FGc8%2FTqf8EhOM39pslb%2Bl%2BeMtQEtGTvv1oxo%2FtjObH8%2FDM1rvaj0%2FTKd8eVluOgfF05q1WZ7R69m9sqdb54pez8WiSbZ5qwvvFN%2B1R9p8%2B9hkvtkXB%2BSjD8xDu90RNqmFXCcXsqdDfDgcL9mzQaMUP5Mt3ePXYitcIdFvtvAb%2FgEwQL%2FF HTTP 302
    https://wtm.info-people.fr/w/560212/39564c48f263b3f97a20af52fd48b15d/1835/610/76b29639de0150ae4e9cfde9cefb2064/12/35/o/?u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d&dc=rmWOUu7vCbCFbFhEzMRJwjShhEq0533ZoCFEZ4EIz%2B95hRHIiwxK7tEgjsP2HOdl8Y%2FvUUBJpueMLH9oCEC6vjuX9LzpuMrl8bAn1KEolM%2FbNl%2F6nGxJC%2FRMY2%2BY9%2BoKO59l%2FMfH1q5R6s0YYgqCPm2wfbT1K6R3XMKbuMf2y9A%3D HTTP 302
    https://wtm.info-people.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d&dc=rmWOUu7vCbCFbFhEzMRJwjShhEq0533ZoCFEZ4EIz%2B95hRHIiwxK7tEgjsP2HOdl8Y%2FvUUBJpueMLH9oCEC6vjuX9LzpuMrl8bAn1KEolM%2FbNl%2F6nGxJC%2FRMY2%2BY9%2BoKO59l%2FMfH1q5R6s0YYgqCPm2wfbT1K6R3XMKbuMf2y9A%3D Page URL
  3. https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676 HTTP 302
    https://consents.prismamedia.com/?redirectHost=https%3A%2F%2Fwww.gala.fr&redirectUri=%2fl_actu%2fnews_de_stars%2fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676 HTTP 302
    https://www.gala.fr/?authId=98b45b3eb29866a5ebbd718de5359f5b&redirectUri=%2fl_actu%2fnews_de_stars%2fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676 HTTP 302
    https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://wtm.info-people.fr/r/eNqFUMFymzAQ%2FRp6I4CEZOuQ6dgE17FDnXGbaZwLI8HKliMBBsmk%2FvqKaU69dEbzdve9N2%2B0O0aExihBEWaEplU6l4higSWbcRRzSZCs07lISB0lc0wimsTRjArEKGY1xAmJOaTAKll7AClQTNNoSiNRG3119ydruyHAiwCt%2FBvH8e7INb%2BTvZ90ySvrfNPAOJQ1lIPl%2FeDnq%2Ba1MqoPu9ZZ1cBU%2B4trVah02IN0A4S1Z3mvwZuc0OriwEBjJ3qAIZRKa18M7xUPwYbv3EKvGl6mLKEzGiDsrCkHH1tBgB9G0FVrVHMMEJ0EA7VyxgtVV31SFTcdV8fGk51pS79FyXurKg3e4H9iA7JsuIGAPPwT%2BCna9h2av%2Br%2FTv2lru5782v34mbXTGQrsTrlt2K%2FGc8%2FTqf8EhOM39pslb%2Bl%2BeMtQEtGTvv1oxo%2FtjObH8%2FDM1rvaj0%2FTKd8eVluOgfF05q1WZ7R69m9sqdb54pez8WiSbZ5qwvvFN%2B1R9p8%2B9hkvtkXB%2BSjD8xDu90RNqmFXCcXsqdDfDgcL9mzQaMUP5Mt3ePXYitcIdFvtvAb%2FgEwQL%2FF HTTP 302
  • https://wtm.info-people.fr/w/560212/39564c48f263b3f97a20af52fd48b15d/1835/610/76b29639de0150ae4e9cfde9cefb2064/12/35/o/?u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d&dc=rmWOUu7vCbCFbFhEzMRJwjShhEq0533ZoCFEZ4EIz%2B95hRHIiwxK7tEgjsP2HOdl8Y%2FvUUBJpueMLH9oCEC6vjuX9LzpuMrl8bAn1KEolM%2FbNl%2F6nGxJC%2FRMY2%2BY9%2BoKO59l%2FMfH1q5R6s0YYgqCPm2wfbT1K6R3XMKbuMf2y9A%3D HTTP 302
  • https://wtm.info-people.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d&dc=rmWOUu7vCbCFbFhEzMRJwjShhEq0533ZoCFEZ4EIz%2B95hRHIiwxK7tEgjsP2HOdl8Y%2FvUUBJpueMLH9oCEC6vjuX9LzpuMrl8bAn1KEolM%2FbNl%2F6nGxJC%2FRMY2%2BY9%2BoKO59l%2FMfH1q5R6s0YYgqCPm2wfbT1K6R3XMKbuMf2y9A%3D
Request Chain 3
  • https://er.cloud-media.fr/r/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
  • https://er.cloud-media.fr/c/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041
Request Chain 4
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D39564c48f263b3f97a20af52fd48b15d%26wb%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D39564c48f263b3f97a20af52fd48b15d%26wb%3D%7BWEBO_CID%7D&bounce=1&random=1353223807 HTTP 302
  • https://r.phywi.org/webo.gif?md=39564c48f263b3f97a20af52fd48b15d&wb=G.7JqWGSYei.qwnjo2Ct6u

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
2334010392.html
s3s-main.net/fw19c3/19572872/7396160/
738 B
1 KB
Document
General
Full URL
https://s3s-main.net/fw19c3/19572872/7396160/2334010392.html?p=f531793fc965f5971d11fad7894be696&u=https%3A%2F%2Fwtm.info-people.fr%2Fr%2FeNqFUMFymzAQ%252FRp6I4CEZOuQ6dgE17FDnXGbaZwLI8HKliMBBsmk%252FvqKaU69dEbzdve9N2%252B0O0aExihBEWaEplU6l4higSWbcRRzSZCs07lISB0lc0wimsTRjArEKGY1xAmJOaTAKll7AClQTNNoSiNRG3119ydruyHAiwCt%252FBvH8e7INb%252BTvZ90ySvrfNPAOJQ1lIPl%252FeDnq%252Ba1MqoPu9ZZ1cBU%252B4trVah02IN0A4S1Z3mvwZuc0OriwEBjJ3qAIZRKa18M7xUPwYbv3EKvGl6mLKEzGiDsrCkHH1tBgB9G0FVrVHMMEJ0EA7VyxgtVV31SFTcdV8fGk51pS79FyXurKg3e4H9iA7JsuIGAPPwT%252BCna9h2av%252Br%252FTv2lru5782v34mbXTGQrsTrlt2K%252FGc8%252FTqf8EhOM39pslb%252Bl%252BeMtQEtGTvv1oxo%252FtjObH8%252FDM1rvaj0%252FTKd8eVluOgfF05q1WZ7R69m9sqdb54pez8WiSbZ5qwvvFN%252B1R9p8%252B9hkvtkXB%252BSjD8xDu90RNqmFXCcXsqdDfDgcL9mzQaMUP5Mt3ePXYitcIdFvtvAb%252FgEwQL%252FF
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.190.170.11 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
s3s.fr
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin, content-type, accept
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Length
738
Content-Type
text/html
Date
Thu, 21 Apr 2022 07:38:29 GMT
Expires
Mon, 01 Jan 1990 00:00:00 GMT
P3P
policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Pragma
no-cache
Server
Apache
X-Robots-Tag
noindex,nofollow
redirection.html
wtm.info-people.fr/
Redirect Chain
  • https://wtm.info-people.fr/r/eNqFUMFymzAQ%2FRp6I4CEZOuQ6dgE17FDnXGbaZwLI8HKliMBBsmk%2FvqKaU69dEbzdve9N2%2B0O0aExihBEWaEplU6l4higSWbcRRzSZCs07lISB0lc0wimsTRjArEKGY1xAmJOaTAKll7AClQTNNoSiNRG3119ydruy...
  • https://wtm.info-people.fr/w/560212/39564c48f263b3f97a20af52fd48b15d/1835/610/76b29639de0150ae4e9cfde9cefb2064/12/35/o/?u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourq...
  • https://wtm.info-people.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-s...
4 KB
2 KB
Document
General
Full URL
https://wtm.info-people.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d&dc=rmWOUu7vCbCFbFhEzMRJwjShhEq0533ZoCFEZ4EIz%2B95hRHIiwxK7tEgjsP2HOdl8Y%2FvUUBJpueMLH9oCEC6vjuX9LzpuMrl8bAn1KEolM%2FbNl%2F6nGxJC%2FRMY2%2BY9%2BoKO59l%2FMfH1q5R6s0YYgqCPm2wfbT1K6R3XMKbuMf2y9A%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f64968467aca2417883f8780f9b112f4c8a4cad61fc5d4fe79eed4a3779b70d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://s3s-main.net/fw19c3/19572872/7396160/2334010392.html?p=f531793fc965f5971d11fad7894be696&u=https%3A%2F%2Fwtm.info-people.fr%2Fr%2FeNqFUMFymzAQ%252FRp6I4CEZOuQ6dgE17FDnXGbaZwLI8HKliMBBsmk%252FvqKaU69dEbzdve9N2%252B0O0aExihBEWaEplU6l4higSWbcRRzSZCs07lISB0lc0wimsTRjArEKGY1xAmJOaTAKll7AClQTNNoSiNRG3119ydruyHAiwCt%252FBvH8e7INb%252BTvZ90ySvrfNPAOJQ1lIPl%252FeDnq%252Ba1MqoPu9ZZ1cBU%252B4trVah02IN0A4S1Z3mvwZuc0OriwEBjJ3qAIZRKa18M7xUPwYbv3EKvGl6mLKEzGiDsrCkHH1tBgB9G0FVrVHMMEJ0EA7VyxgtVV31SFTcdV8fGk51pS79FyXurKg3e4H9iA7JsuIGAPPwT%252BCna9h2av%252Br%252FTv2lru5782v34mbXTGQrsTrlt2K%252FGc8%252FTqf8EhOM39pslb%252Bl%252BeMtQEtGTvv1oxo%252FtjObH8%252FDM1rvaj0%252FTKd8eVluOgfF05q1WZ7R69m9sqdb54pez8WiSbZ5qwvvFN%252B1R9p8%252B9hkvtkXB%252BSjD8xDu90RNqmFXCcXsqdDfDgcL9mzQaMUP5Mt3ePXYitcIdFvtvAb%252FgEwQL%252FF
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6ff475e21e799993-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 21 Apr 2022 07:38:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzN%2FC%2F6G833W18F2wjzCDTkOUuegoQDfl3wBa%2F9VcEGYLzr3FBvi65crPehtW82c8zZ0MiwaWRmWZxkmxUL2A6dd1N3n%2BoAihdbzPayn80UZuSMlJ%2BKbkFMNu2UxeA1%2FNRi7cHMZ7%2BdlfOMFm68L37s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-request-id
6CA2E528:A1B4_33592B57:0050_626109F6_2219E9E:001C

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
6ff475e1cdb73ac8-CDG
content-length
0
date
Thu, 21 Apr 2022 07:38:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 01 Jan 2014 00:00:00 GMT
location
https://wtm.info-people.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d&dc=rmWOUu7vCbCFbFhEzMRJwjShhEq0533ZoCFEZ4EIz%2B95hRHIiwxK7tEgjsP2HOdl8Y%2FvUUBJpueMLH9oCEC6vjuX9LzpuMrl8bAn1KEolM%2FbNl%2F6nGxJC%2FRMY2%2BY9%2BoKO59l%2FMfH1q5R6s0YYgqCPm2wfbT1K6R3XMKbuMf2y9A%3D
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOQxeB6Z0xE8bZtxgEzUbVmSZsQchr26Yw3jzWbMVE2%2FfcFmWzv3pWQcv7uVOwGCFECEMdBEg1pfAaug3TKJ8GSqpNlWefQYBusPX80xCKrtJ7%2FASoXt2%2FiKg%2BBtzr%2BycAmY8f%2BqEpOOkkGWWmoukDk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
x-request-id
6CA2E528:A228_33592B57:0050_626109F3_2219E8D:001C
cl.gif
r.phywi.org/
43 B
578 B
Image
General
Full URL
https://r.phywi.org/cl.gif?m=39564c48f263b3f97a20af52fd48b15d
Requested by
Host: wtm.info-people.fr
URL: https://wtm.info-people.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d&dc=rmWOUu7vCbCFbFhEzMRJwjShhEq0533ZoCFEZ4EIz%2B95hRHIiwxK7tEgjsP2HOdl8Y%2FvUUBJpueMLH9oCEC6vjuX9LzpuMrl8bAn1KEolM%2FbNl%2F6nGxJC%2FRMY2%2BY9%2BoKO59l%2FMfH1q5R6s0YYgqCPm2wfbT1K6R3XMKbuMf2y9A%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:203:9c59:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://wtm.info-people.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 07:38:30 GMT
server
nginx
strict-transport-security
max-age=63072000
content-type
image/gif
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
x-request-id
200141D00008D1540000000000000009:BD6E_200141D002039C590000000000000000:01BB_626109F6_1D3823A:001C
expires
Sun, 01 Jan 2014 00:00:00 GMT
20305b1d-4a14-4990-b6a1-7765863e4041
er.cloud-media.fr/c/39564c48f263b3f97a20af52fd48b15d/
Redirect Chain
  • https://er.cloud-media.fr/r/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041
  • https://er.cloud-media.fr/c/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041
35 B
231 B
Image
General
Full URL
https://er.cloud-media.fr/c/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041
Requested by
Host: wtm.info-people.fr
URL: https://wtm.info-people.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d&dc=rmWOUu7vCbCFbFhEzMRJwjShhEq0533ZoCFEZ4EIz%2B95hRHIiwxK7tEgjsP2HOdl8Y%2FvUUBJpueMLH9oCEC6vjuX9LzpuMrl8bAn1KEolM%2FbNl%2F6nGxJC%2FRMY2%2BY9%2BoKO59l%2FMfH1q5R6s0YYgqCPm2wfbT1K6R3XMKbuMf2y9A%3D
Protocol
H2
Server
52.213.136.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-136-124.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://wtm.info-people.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:30 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

location
https://er.cloud-media.fr/c/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041
date
Thu, 21 Apr 2022 07:38:30 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
0
x-xss-protection
1; mode=block
content-type
text/html;charset=utf-8
webo.gif
r.phywi.org/
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D39564c48f263b3f97a20af52fd48b15d%26wb%3D{WEBO_CID}
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D39564c48f263b3f97a20af52fd48b15d%26wb%3D%7BWEBO_CID%7D&bounce=1&random=1353223807
  • https://r.phywi.org/webo.gif?md=39564c48f263b3f97a20af52fd48b15d&wb=G.7JqWGSYei.qwnjo2Ct6u
43 B
577 B
Image
General
Full URL
https://r.phywi.org/webo.gif?md=39564c48f263b3f97a20af52fd48b15d&wb=G.7JqWGSYei.qwnjo2Ct6u
Requested by
Host: wtm.info-people.fr
URL: https://wtm.info-people.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d&dc=rmWOUu7vCbCFbFhEzMRJwjShhEq0533ZoCFEZ4EIz%2B95hRHIiwxK7tEgjsP2HOdl8Y%2FvUUBJpueMLH9oCEC6vjuX9LzpuMrl8bAn1KEolM%2FbNl%2F6nGxJC%2FRMY2%2BY9%2BoKO59l%2FMfH1q5R6s0YYgqCPm2wfbT1K6R3XMKbuMf2y9A%3D
Protocol
H2
Server
2001:41d0:203:9c59:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://wtm.info-people.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 07:38:30 GMT
server
nginx
strict-transport-security
max-age=63072000
content-type
image/gif
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
x-request-id
200141D00008D1540000000000000009:BD6E_200141D002039C590000000000000000:01BB_626109F6_1D38246:001C
expires
Sun, 01 Jan 2014 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 07:38:30 GMT
via
1.1 google
last-modified
Thu, 21 Apr 2022 07:38:30 GMT
server
nginx/1.18.0
location
https://r.phywi.org/webo.gif?md=39564c48f263b3f97a20af52fd48b15d&wb=G.7JqWGSYei.qwnjo2Ct6u
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
Primary Request vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
www.gala.fr/l_actu/news_de_stars/
Redirect Chain
  • https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
  • https://consents.prismamedia.com/?redirectHost=https%3A%2F%2Fwww.gala.fr&redirectUri=%2fl_actu%2fnews_de_stars%2fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-ka...
  • https://www.gala.fr/?authId=98b45b3eb29866a5ebbd718de5359f5b&redirectUri=%2fl_actu%2fnews_de_stars%2fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
  • https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
226 KB
31 KB
Document
General
Full URL
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Requested by
Host: wtm.info-people.fr
URL: https://wtm.info-people.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d&dc=rmWOUu7vCbCFbFhEzMRJwjShhEq0533ZoCFEZ4EIz%2B95hRHIiwxK7tEgjsP2HOdl8Y%2FvUUBJpueMLH9oCEC6vjuX9LzpuMrl8bAn1KEolM%2FbNl%2F6nGxJC%2FRMY2%2BY9%2BoKO59l%2FMfH1q5R6s0YYgqCPm2wfbT1K6R3XMKbuMf2y9A%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx/1.17.8 /
Resource Hash
bcace9f1f3cbbf0a56fae35a8869aa39a605b5d8e488a437a7fc7c8826a95cf5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Referer
https://wtm.info-people.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d&dc=rmWOUu7vCbCFbFhEzMRJwjShhEq0533ZoCFEZ4EIz%2B95hRHIiwxK7tEgjsP2HOdl8Y%2FvUUBJpueMLH9oCEC6vjuX9LzpuMrl8bAn1KEolM%2FbNl%2F6nGxJC%2FRMY2%2BY9%2BoKO59l%2FMfH1q5R6s0YYgqCPm2wfbT1K6R3XMKbuMf2y9A%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=503
content-encoding
gzip
content-length
31696
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-type
text/html; charset=UTF-8
date
Thu, 21 Apr 2022 07:38:30 GMT
server
nginx/1.17.8
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
vary
Accept-Encoding
x-content-type-options
nosniff
x-generation-time
0.097 @ Thu, 21 Apr 2022 07:36:57 GMT
x-varnish-cache
PASS

Redirect headers

content-length
0
date
Thu, 21 Apr 2022 07:38:30 GMT
location
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
server
AkamaiGHost
browsertools.js
tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/
37 KB
13 KB
Script
General
Full URL
https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F69) /
Resource Hash
082e56acf375a2d74192f4ccc54af56ac37f8bde891e336fe0e935c5ee6e7628

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:30 GMT
content-encoding
gzip
age
3004792
x-cache
HIT
content-disposition
inline
content-length
12418
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 12:57:57 GMT
server
ECAcc (paa/6F69)
etag
W/"0314bf677dedaaca4a67fcd1137f4387"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
sLjaC8jJs2lBH_c8sKCM_QIurq3k1VCZ
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
sTTionntSvzhS7zH6nobBCB2EZaBfmFNq1fbf1F-zecwJVaeTrWcxA==
stix-two-text-v8-latin.woff2
www.gala.fr/assets/fonts/
25 KB
25 KB
Font
General
Full URL
https://www.gala.fr/assets/fonts/stix-two-text-v8-latin.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx/1.17.8 /
Resource Hash
0ae15686a83986b3cdf6b13501a27d35ba3b7606924b948bc91379b02e6bb3b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Origin
https://www.gala.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 16:15:45 GMT
server
nginx/1.17.8
date
Thu, 21 Apr 2022 07:38:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
font/woff2
access-control-allow-origin
*
x-generation-time
0.000 @ Thu, 17 Mar 2022 16:41:22 GMT
cache-control
public, max-age=28544500
accept-ranges
bytes
content-length
25440
expires
Fri, 17 Mar 2023 16:40:10 GMT
nunito-v22-latin.woff2
www.gala.fr/assets/fonts/
35 KB
35 KB
Font
General
Full URL
https://www.gala.fr/assets/fonts/nunito-v22-latin.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx/1.17.8 /
Resource Hash
5b91baff78fa4145193133a9f152a78dd6026f9085bd86c10acccaf84edd8575
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Origin
https://www.gala.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 16:15:45 GMT
server
nginx/1.17.8
date
Thu, 21 Apr 2022 07:38:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
font/woff2
access-control-allow-origin
*
x-generation-time
0.001 @ Thu, 17 Mar 2022 16:41:27 GMT
cache-control
public, max-age=28544553
accept-ranges
bytes
content-length
35796
expires
Fri, 17 Mar 2023 16:41:03 GMT
core-ads.js
tra.scds.pmdstatic.net/advertising-core/4.166.1/
270 KB
80 KB
Script
General
Full URL
https://tra.scds.pmdstatic.net/advertising-core/4.166.1/core-ads.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F10) /
Resource Hash
818d49ebc1dc8fe5cfa64622f0ec258e352b4c7c8a43d3e1a2aebd8b501ea2b0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:30 GMT
content-encoding
gzip
age
55293
x-cache
HIT
content-disposition
inline
content-length
81827
access-control-allow-origin
*
last-modified
Wed, 20 Apr 2022 16:16:27 GMT
server
ECAcc (paa/6F10)
etag
W/"aea2ea0fc8aa8d12952072666bf0aa08"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
2.mVtYrz0YWRahttvTTl5mFrkzASbmLj
via
1.1 24e6529ea30fbe719bde2164c1fe9238.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
ImG93IC-ekrzYyaYfpBnvCkY6RbQWMhrbaol4E-MbP2Bj0sBCk985A==
gpt.js
www.googletagservices.com/tag/js/
83 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55162ef3274f682d57d9c0e17c488d240977f292d2aa3d437202e17c6b57d8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28511
x-xss-protection
0
server
sffe
etag
"1192 / 282 of 1000 / last-modified: 1650492553"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Apr 2022 07:38:30 GMT
554-70f000c4b35d7d3da664.min.css
www.gala.fr/assets/styles/
10 KB
3 KB
Stylesheet
General
Full URL
https://www.gala.fr/assets/styles/554-70f000c4b35d7d3da664.min.css
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx/1.17.8 /
Resource Hash
0b0189976a5521f8b4241162735efdd9b71ac979e56802c1bbfea8208dc4bed3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-length
2699
last-modified
Thu, 24 Mar 2022 15:57:22 GMT
server
nginx/1.17.8
date
Thu, 21 Apr 2022 07:38:30 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-generation-time
0.000 @ Thu, 24 Mar 2022 16:15:36 GMT
cache-control
public, max-age=29147833
accept-ranges
bytes
expires
Fri, 24 Mar 2023 16:15:43 GMT
789-91ccd1ff872b3ef239a9.min.css
www.gala.fr/assets/styles/
39 KB
7 KB
Stylesheet
General
Full URL
https://www.gala.fr/assets/styles/789-91ccd1ff872b3ef239a9.min.css
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx/1.17.8 /
Resource Hash
08f7e870cb82a68236f0beffad5563e913cfdf68f869c1cc44ecb867f1bec852
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-length
6868
last-modified
Thu, 14 Apr 2022 09:47:00 GMT
server
nginx/1.17.8
date
Thu, 21 Apr 2022 07:38:30 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-generation-time
0.103 @ Thu, 14 Apr 2022 12:29:36 GMT
cache-control
public, max-age=30948642
accept-ranges
bytes
expires
Fri, 14 Apr 2023 12:29:12 GMT
article-f98ce5d632e4c6a70f62.min.css
www.gala.fr/assets/styles/
42 KB
7 KB
Stylesheet
General
Full URL
https://www.gala.fr/assets/styles/article-f98ce5d632e4c6a70f62.min.css
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx/1.17.8 /
Resource Hash
e873d01dd9d4f26d2ee1a0b5282887c740931be8b46672b79fcb23a2ec1d50d7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-length
6770
last-modified
Thu, 14 Apr 2022 09:47:00 GMT
server
nginx/1.17.8
date
Thu, 21 Apr 2022 07:38:30 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-generation-time
0.004 @ Thu, 14 Apr 2022 12:29:43 GMT
cache-control
public, max-age=30948640
accept-ranges
bytes
expires
Fri, 14 Apr 2023 12:29:10 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 07:31:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Apr 2022 07:38:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Apr 2022 07:38:30 GMT
vladimir-poutine-marie-a-alina-kabaeva-ce-jour-ou-elle-a-porte-une-alliance.jpg
www.gala.fr/imgre/fit/https.3A.2F.2Fi.2Epmdstatic.2Enet.2Fgal.2F2022.2F03.2F25.2Fe46624bf-fdad-4cb9-b658-3671bd58de90.2Ejpeg/100x100/cr/wqkgSVRBUiBUQVNTIC8gQkVTVElNQUdFIC8gR2FsYQ%3D%3D/crop-from/top/
2 KB
2 KB
Image
General
Full URL
https://www.gala.fr/imgre/fit/https.3A.2F.2Fi.2Epmdstatic.2Enet.2Fgal.2F2022.2F03.2F25.2Fe46624bf-fdad-4cb9-b658-3671bd58de90.2Ejpeg/100x100/cr/wqkgSVRBUiBUQVNTIC8gQkVTVElNQUdFIC8gR2FsYQ%3D%3D/crop-from/top/vladimir-poutine-marie-a-alina-kabaeva-ce-jour-ou-elle-a-porte-une-alliance.jpg
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3fee269b4cb6940083945ef2151cb6a32ed9f33183298200779f485575372ea0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:30 GMT
last-modified
Sat, 16 Apr 2022 05:57:17 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Photosphere
cache-control
public, max-age=31097863, s-maxage=31536000
access-control-allow-headers
X-Photosphere
content-length
1604
expires
Sun, 16 Apr 2023 05:56:13 GMT
gtm.js
www.googletagmanager.com/
105 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5F76P37
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71c8e27a03dd18e353c477d77adfba62ca6b7ca9306ce8be953c64b61b971b2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40958
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Apr 2022 07:38:30 GMT
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
gala-image-par-defaut.png
www.gala.fr/assets/images/
6 KB
6 KB
Image
General
Full URL
https://www.gala.fr/assets/images/gala-image-par-defaut.png
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/assets/styles/554-70f000c4b35d7d3da664.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx/1.17.8 /
Resource Hash
23f6132d96ea5ae6dc00a42ac805ab4e62fd6aa878a6e29f670dfa2e7c1b002a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/assets/styles/554-70f000c4b35d7d3da664.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Thu, 14 Oct 2021 13:20:36 GMT
server
nginx/1.17.8
date
Thu, 21 Apr 2022 07:38:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
image/png
access-control-allow-origin
*
x-generation-time
0.001 @ Mon, 18 Oct 2021 11:36:00 GMT
cache-control
public, max-age=15566237
accept-ranges
bytes
content-length
5765
expires
Tue, 18 Oct 2022 11:35:47 GMT
polyfill.min.js
cdn.polyfill.io/v2/
222 B
450 B
XHR
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?excludes=Promise&features=default
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:30 GMT
content-encoding
br
last-modified
Mon, 04 Apr 2022 11:52:56 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/100.0.0
server-timing
cache-cdg20771, PASS, fastly;desc="Edge time";dur=13
accept-ranges
bytes
content-length
126
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gala.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 22:45:30 GMT
x-content-type-options
nosniff
age
118380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 22:45:30 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F76P37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
220
date
Thu, 21 Apr 2022 07:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 21 Apr 2022 09:34:50 GMT
sourcepoint.min.js
tra.scds.pmdstatic.net/sourcepoint/4.5.1/
15 KB
6 KB
XHR
General
Full URL
https://tra.scds.pmdstatic.net/sourcepoint/4.5.1/sourcepoint.min.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F6B) /
Resource Hash
4d7cab55b0f583c2092a5c0d50869023308c8c0c5eb8aa93331fe75ca3341174

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:30 GMT
content-encoding
gzip
age
1961284
x-cache
HIT
content-disposition
inline
content-length
6196
access-control-allow-origin
*
last-modified
Tue, 29 Mar 2022 14:49:30 GMT
server
ECAcc (paa/6F6B)
etag
W/"afb898a5abf1449b52ea767503c334ef"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
OOB6zFI5lJD3LjZan8xVz0rRdKbX9B8C
via
1.1 941acf135bdda975383e37976690acc6.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
Y7lzMvFjpkD7On46G185vRoa7cCian7ocSdthqtLKKaFYhqzdoC5qw==
essentials-1c8c48d6c422be645cb0.js
www.gala.fr/assets/scripts/
16 KB
7 KB
XHR
General
Full URL
https://www.gala.fr/assets/scripts/essentials-1c8c48d6c422be645cb0.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx/1.17.8 /
Resource Hash
6e19c02d9538121a0d31bfd7b6889e5e27cf20429052068a2501425830cd087f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-length
6759
last-modified
Wed, 19 Jan 2022 10:06:23 GMT
server
nginx/1.17.8
date
Thu, 21 Apr 2022 07:38:30 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-generation-time
0.001 @ Wed, 19 Jan 2022 10:42:10 GMT
cache-control
public, max-age=23598166
accept-ranges
bytes
expires
Thu, 19 Jan 2023 10:41:16 GMT
amplitude-7.2.1-min.gz.js
cdn.amplitude.com/libs/
59 KB
19 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by
Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/19572872/7396160/2334010392.html?p=f531793fc965f5971d11fad7894be696&u=https%3A%2F%2Fwtm.info-people.fr%2Fr%2FeNqFUMFymzAQ%252FRp6I4CEZOuQ6dgE17FDnXGbaZwLI8HKliMBBsmk%252FvqKaU69dEbzdve9N2%252B0O0aExihBEWaEplU6l4higSWbcRRzSZCs07lISB0lc0wimsTRjArEKGY1xAmJOaTAKll7AClQTNNoSiNRG3119ydruyHAiwCt%252FBvH8e7INb%252BTvZ90ySvrfNPAOJQ1lIPl%252FeDnq%252Ba1MqoPu9ZZ1cBU%252B4trVah02IN0A4S1Z3mvwZuc0OriwEBjJ3qAIZRKa18M7xUPwYbv3EKvGl6mLKEzGiDsrCkHH1tBgB9G0FVrVHMMEJ0EA7VyxgtVV31SFTcdV8fGk51pS79FyXurKg3e4H9iA7JsuIGAPPwT%252BCna9h2av%252Br%252FTv2lru5782v34mbXTGQrsTrlt2K%252FGc8%252FTqf8EhOM39pslb%252Bl%252BeMtQEtGTvv1oxo%252FtjObH8%252FDM1rvaj0%252FTKd8eVluOgfF05q1WZ7R69m9sqdb54pez8WiSbZ5qwvvFN%252B1R9p8%252B9hkvtkXB%252BSjD8xDu90RNqmFXCcXsqdDfDgcL9mzQaMUP5Mt3ePXYitcIdFvtvAb%252FgEwQL%252FF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.242.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-242-100.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

Referer
https://www.gala.fr/
Origin
https://www.gala.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 13:57:06 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
1964485
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
19222
access-control-allow-origin
*
last-modified
Tue, 22 Sep 2020 19:51:25 GMT
server
AmazonS3
etag
"e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
via
1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
bSsdEz5DOt0JxfDBECHgN1JcHNB9potU0_mayyejeflpzEjEDPZD1Q==
wrapperMessagingWithoutDetection.js
gdpr-tcfv2.sp-prod.net/
153 KB
45 KB
Script
General
Full URL
https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Requested by
Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/19572872/7396160/2334010392.html?p=f531793fc965f5971d11fad7894be696&u=https%3A%2F%2Fwtm.info-people.fr%2Fr%2FeNqFUMFymzAQ%252FRp6I4CEZOuQ6dgE17FDnXGbaZwLI8HKliMBBsmk%252FvqKaU69dEbzdve9N2%252B0O0aExihBEWaEplU6l4higSWbcRRzSZCs07lISB0lc0wimsTRjArEKGY1xAmJOaTAKll7AClQTNNoSiNRG3119ydruyHAiwCt%252FBvH8e7INb%252BTvZ90ySvrfNPAOJQ1lIPl%252FeDnq%252Ba1MqoPu9ZZ1cBU%252B4trVah02IN0A4S1Z3mvwZuc0OriwEBjJ3qAIZRKa18M7xUPwYbv3EKvGl6mLKEzGiDsrCkHH1tBgB9G0FVrVHMMEJ0EA7VyxgtVV31SFTcdV8fGk51pS79FyXurKg3e4H9iA7JsuIGAPPwT%252BCna9h2av%252Br%252FTv2lru5782v34mbXTGQrsTrlt2K%252FGc8%252FTqf8EhOM39pslb%252Bl%252BeMtQEtGTvv1oxo%252FtjObH8%252FDM1rvaj0%252FTKd8eVluOgfF05q1WZ7R69m9sqdb54pez8WiSbZ5qwvvFN%252B1R9p8%252B9hkvtkXB%252BSjD8xDu90RNqmFXCcXsqdDfDgcL9mzQaMUP5Mt3ePXYitcIdFvtvAb%252FgEwQL%252FF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a448545c2a7d2ee3ee899e1f8d77b88ea84cd331e840664761ad279c85bf7d5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 18:45:53 GMT
server
AmazonS3
age
2706
etag
W/"4a841ca0e26436d3ecbd6cce90d02dba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Thu, 21 Apr 2022 06:53:25 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
jkgOz-jQUBP0N-yRckzBT47IQfb7RG9-zYHcUTOsCdyWPblIp8jysA==
vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
www.gala.fr/l_actu/news_de_stars/
226 KB
31 KB
XHR
General
Full URL
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx/1.17.8 /
Resource Hash
bcace9f1f3cbbf0a56fae35a8869aa39a605b5d8e488a437a7fc7c8826a95cf5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.17.8
date
Thu, 21 Apr 2022 07:38:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-generation-time
0.097 @ Thu, 21 Apr 2022 07:36:57 GMT
cache-control
public, max-age=503
accept-ranges
bytes
vary
Accept-Encoding
content-length
31696
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=526210377&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dr=https%3A%2F%2Fwtm.info-people.fr%2F&ul=en-us&de=UTF-8&dt=Vladimir%20Poutine%C2%A0%3A%20pourquoi%20il%20refuse%20de%20parler%20publiquement%20de%20ses%20filles%20Maria%20et%20Katerina%20-%20Gala&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&cid=1862216405.1650526711&tid=UA-192933331-1&_gid=1432403143.1650526711&gtm=2wg4i15F76P37&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.75%20Safari%2F537.36&cd27=https%3A%2F%2Fwtm.info-people.fr%2F&npa=1&z=1454430879
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 16:30:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54451
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
core-ads.js
tra.scds.pmdstatic.net/advertising-core/4.166.1/
270 KB
80 KB
XHR
General
Full URL
https://tra.scds.pmdstatic.net/advertising-core/4.166.1/core-ads.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F10) /
Resource Hash
818d49ebc1dc8fe5cfa64622f0ec258e352b4c7c8a43d3e1a2aebd8b501ea2b0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:30 GMT
content-encoding
gzip
age
55293
x-cache
HIT
content-disposition
inline
content-length
81827
access-control-allow-origin
*
last-modified
Wed, 20 Apr 2022 16:16:27 GMT
server
ECAcc (paa/6F10)
etag
W/"aea2ea0fc8aa8d12952072666bf0aa08"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
2.mVtYrz0YWRahttvTTl5mFrkzASbmLj
via
1.1 24e6529ea30fbe719bde2164c1fe9238.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
ImG93IC-ekrzYyaYfpBnvCkY6RbQWMhrbaol4E-MbP2Bj0sBCk985A==
esm.index.js
tra.scds.pmdstatic.net/pmc-starter/4.18.0/
42 KB
13 KB
XHR
General
Full URL
https://tra.scds.pmdstatic.net/pmc-starter/4.18.0/esm.index.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F6C) /
Resource Hash
b81c7768eea53c12db13ab7a2a310ab09ad30e6524df5dd23625facae106830a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:31 GMT
content-encoding
gzip
age
3598543
x-cache
HIT
content-disposition
inline
content-length
12965
access-control-allow-origin
*
last-modified
Wed, 09 Mar 2022 13:22:12 GMT
server
ECAcc (paa/6F6C)
etag
W/"a50df9cc7cc0c7cbc7a10213dcbf1f28"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
civ91zOTUyUhGg8pwjADa.wEt.dwEH.M
via
1.1 bb94c626686a13857c0144152dfd53b8.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
XXiB18Lb4nV7tj6jF6A7Ys3oUlEe5q2lJjI2YoeIpAiydTfe791osQ==
gtm.js
www.googletagmanager.com/
228 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0bc5b1b47b29a53a9f76ac289c61f5758af90b08738722ad8cefcc879b30b269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75530
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Apr 2022 07:38:31 GMT
579-dfbfc6e11028af3bb1ea.js
www.gala.fr/assets/scripts/
5 KB
2 KB
XHR
General
Full URL
https://www.gala.fr/assets/scripts/579-dfbfc6e11028af3bb1ea.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx/1.17.8 /
Resource Hash
47471d74b75c12424d42c78d55692e90afd9b04f34d14adbb572f37cab0b8954
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-length
1638
last-modified
Thu, 14 Apr 2022 09:47:00 GMT
server
nginx/1.17.8
date
Thu, 21 Apr 2022 07:38:31 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-generation-time
0.001 @ Thu, 14 Apr 2022 12:29:07 GMT
cache-control
public, max-age=30948663
accept-ranges
bytes
expires
Fri, 14 Apr 2023 12:29:34 GMT
789-240f7e0932671e225317.js
www.gala.fr/assets/scripts/
21 KB
6 KB
XHR
General
Full URL
https://www.gala.fr/assets/scripts/789-240f7e0932671e225317.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx/1.17.8 /
Resource Hash
6505b46fceac25484dfac3b50ede15bb5c99864271fb683e953bfb810d7ca493
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-length
5378
last-modified
Thu, 14 Apr 2022 09:47:00 GMT
server
nginx/1.17.8
date
Thu, 21 Apr 2022 07:38:31 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-generation-time
0.001 @ Thu, 14 Apr 2022 12:29:58 GMT
cache-control
public, max-age=30948687
accept-ranges
bytes
expires
Fri, 14 Apr 2023 12:29:58 GMT
article-0fae167a88277dfa3fe5.js
www.gala.fr/assets/scripts/
14 KB
5 KB
XHR
General
Full URL
https://www.gala.fr/assets/scripts/article-0fae167a88277dfa3fe5.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.104.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-104-145.deploy.static.akamaitechnologies.com
Software
nginx/1.17.8 /
Resource Hash
0dd5260eaef70ef5b0d02083ab0c005e28337cfd1586d474ef09266a1d390976
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-length
4970
last-modified
Thu, 14 Apr 2022 09:47:00 GMT
server
nginx/1.17.8
date
Thu, 21 Apr 2022 07:38:31 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-generation-time
0.001 @ Thu, 14 Apr 2022 12:29:17 GMT
cache-control
public, max-age=30948636
accept-ranges
bytes
expires
Fri, 14 Apr 2023 12:29:07 GMT
optinBundle.js
tra.scds.pmdstatic.net/pmc-kit-components/6.3.1/
8 KB
4 KB
XHR
General
Full URL
https://tra.scds.pmdstatic.net/pmc-kit-components/6.3.1/optinBundle.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F11) /
Resource Hash
d7c1d34e795a55124231012e470d37540bd528d5e830cd401e3d48f6bb6bf626

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:31 GMT
content-encoding
gzip
age
1116778
x-cache
HIT
content-disposition
inline
content-length
3561
access-control-allow-origin
*
last-modified
Fri, 08 Apr 2022 09:24:57 GMT
server
ECAcc (paa/6F11)
etag
W/"96e09467ac7a5e45213d036c94549d65"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
e4DjUoqOYBqu09I7BQAEGjCTHZc8P7xD
via
1.1 a5d054ec657be0f6c3a94aea7a055e24.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
Kj8lI5iD5VQFs1_fv95iFXEuRf3ewaAaZRPwIw4Fj9yA2hWm7G7lJA==
overview.js
tra.scds.pmdstatic.net/logora/5.1.0/
6 KB
2 KB
XHR
General
Full URL
https://tra.scds.pmdstatic.net/logora/5.1.0/overview.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.50/browsertools.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F5F) /
Resource Hash
f24a5176e6926ca79a395e6e6f7f5d7eb2c6ecbe8448fe11dbe71e5f0ff284ec

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:31 GMT
content-encoding
gzip
age
25654240
x-cache
HIT
content-disposition
inline
content-length
1952
access-control-allow-origin
*
last-modified
Mon, 28 Jun 2021 09:27:00 GMT
server
ECAcc (paa/6F5F)
etag
W/"c453557ad03cb3bce3f640de11ccba0f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Kbt.Rao2h0F5R7.2UC8r.RapQ7FZXoMe
via
1.1 72b94a25bcecdbda64f33818ad380f7e.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
dmykxg0K80fjr2vutC8DKQ9FG_jtgI1hpoliAZvwZ27hJm4i4Fhnrg==
native-message
consent.gala.fr/wrapper/tcfv2/v1/gdpr/
211 KB
16 KB
XHR
General
Full URL
https://consent.gala.fr/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=1bed1635-1f44-4a19-8128-012c4ded1f93&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A314%2C%22requestUUID%22%3A%221bed1635-1f44-4a19-8128-012c4ded1f93%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d%22%2C%22euconsent%22%3Anull%2C%22authId%22%3A%2298b45b3eb29866a5ebbd718de5359f5b%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.gala.fr%22%2C%22targetingParams%22%3A%22%7B%5C%22isPremiumCookie%5C%22%3A%5C%220%5C%22%2C%5C%22isHBRPremiumCookie%5C%22%3A%5C%220%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%2C%22groupPmId%22%3A165027%7D
Requested by
Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-53.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
98c95a7c84e29b9572e918f75141ca76ab2586ea4fa9eea372330b8e5d41cc7e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.gala.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Apr 2022 07:38:31 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-P2
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gala.fr
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
1RA4XKBvqW7v7jIcuSVeO5dQIdxLN_uyoIKOU77uWIFcOQQYboXp-g==
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
native-message
consent.gala.fr/wrapper/tcfv2/v1/gdpr/ Frame
0
0
Preflight
General
Full URL
https://consent.gala.fr/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=1bed1635-1f44-4a19-8128-012c4ded1f93&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A314%2C%22requestUUID%22%3A%221bed1635-1f44-4a19-8128-012c4ded1f93%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Fvladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676%23utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%26part%5Bname%5D%3Dwelcoming%26part%5Btoken%5D%3D39564c48f263b3f97a20af52fd48b15d%22%2C%22euconsent%22%3Anull%2C%22authId%22%3A%2298b45b3eb29866a5ebbd718de5359f5b%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.gala.fr%22%2C%22targetingParams%22%3A%22%7B%5C%22isPremiumCookie%5C%22%3A%5C%220%5C%22%2C%5C%22isHBRPremiumCookie%5C%22%3A%5C%220%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%2C%22groupPmId%22%3A165027%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-53.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.gala.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.gala.fr
cache-control
no-cache, no-store
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 21 Apr 2022 07:38:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-amz-cf-id
kirTa3Y3vyh5cEK9OG2ADOxf6KGvmJ3EXtisz9rx6RAraGk2UC-MKg==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-powered-by
Express
esm.pmc_conf_prod_bfefd92c0714a1feb2f6.js
tra.scds.pmdstatic.net/pmc-starter/4.18.0/assets/scripts/
377 B
530 B
Script
General
Full URL
https://tra.scds.pmdstatic.net/pmc-starter/4.18.0/assets/scripts/esm.pmc_conf_prod_bfefd92c0714a1feb2f6.js
Requested by
Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/19572872/7396160/2334010392.html?p=f531793fc965f5971d11fad7894be696&u=https%3A%2F%2Fwtm.info-people.fr%2Fr%2FeNqFUMFymzAQ%252FRp6I4CEZOuQ6dgE17FDnXGbaZwLI8HKliMBBsmk%252FvqKaU69dEbzdve9N2%252B0O0aExihBEWaEplU6l4higSWbcRRzSZCs07lISB0lc0wimsTRjArEKGY1xAmJOaTAKll7AClQTNNoSiNRG3119ydruyHAiwCt%252FBvH8e7INb%252BTvZ90ySvrfNPAOJQ1lIPl%252FeDnq%252Ba1MqoPu9ZZ1cBU%252B4trVah02IN0A4S1Z3mvwZuc0OriwEBjJ3qAIZRKa18M7xUPwYbv3EKvGl6mLKEzGiDsrCkHH1tBgB9G0FVrVHMMEJ0EA7VyxgtVV31SFTcdV8fGk51pS79FyXurKg3e4H9iA7JsuIGAPPwT%252BCna9h2av%252Br%252FTv2lru5782v34mbXTGQrsTrlt2K%252FGc8%252FTqf8EhOM39pslb%252Bl%252BeMtQEtGTvv1oxo%252FtjObH8%252FDM1rvaj0%252FTKd8eVluOgfF05q1WZ7R69m9sqdb54pez8WiSbZ5qwvvFN%252B1R9p8%252B9hkvtkXB%252BSjD8xDu90RNqmFXCcXsqdDfDgcL9mzQaMUP5Mt3ePXYitcIdFvtvAb%252FgEwQL%252FF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F0F) /
Resource Hash
ee6b8f339a5e9f02379bef6b7d55e4032df341273c4b546489a8c073d409953e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:31 GMT
content-encoding
gzip
age
3598543
x-cache
HIT
content-disposition
inline
content-length
263
access-control-allow-origin
*
last-modified
Wed, 09 Mar 2022 13:22:10 GMT
server
ECAcc (paa/6F0F)
etag
"0174796bf4eca1509623cf561706c4b0+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
y9jTQltStWvsPQ4oZTycNul0l9qZ8MoS
via
1.1 fbdf5158ae0cd2f5d84c84ce83cd7038.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
ce5b1CfHbcjQDpIcS-wGUkhOHWpPt-kTuRrBz5ynrFgxAYalJFZwBw==
esm.buttons__b586a1eebb8340aec235.js
tra.scds.pmdstatic.net/pmc-starter/4.18.0/assets/scripts/
7 KB
2 KB
Script
General
Full URL
https://tra.scds.pmdstatic.net/pmc-starter/4.18.0/assets/scripts/esm.buttons__b586a1eebb8340aec235.js
Requested by
Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/19572872/7396160/2334010392.html?p=f531793fc965f5971d11fad7894be696&u=https%3A%2F%2Fwtm.info-people.fr%2Fr%2FeNqFUMFymzAQ%252FRp6I4CEZOuQ6dgE17FDnXGbaZwLI8HKliMBBsmk%252FvqKaU69dEbzdve9N2%252B0O0aExihBEWaEplU6l4higSWbcRRzSZCs07lISB0lc0wimsTRjArEKGY1xAmJOaTAKll7AClQTNNoSiNRG3119ydruyHAiwCt%252FBvH8e7INb%252BTvZ90ySvrfNPAOJQ1lIPl%252FeDnq%252Ba1MqoPu9ZZ1cBU%252B4trVah02IN0A4S1Z3mvwZuc0OriwEBjJ3qAIZRKa18M7xUPwYbv3EKvGl6mLKEzGiDsrCkHH1tBgB9G0FVrVHMMEJ0EA7VyxgtVV31SFTcdV8fGk51pS79FyXurKg3e4H9iA7JsuIGAPPwT%252BCna9h2av%252Br%252FTv2lru5782v34mbXTGQrsTrlt2K%252FGc8%252FTqf8EhOM39pslb%252Bl%252BeMtQEtGTvv1oxo%252FtjObH8%252FDM1rvaj0%252FTKd8eVluOgfF05q1WZ7R69m9sqdb54pez8WiSbZ5qwvvFN%252B1R9p8%252B9hkvtkXB%252BSjD8xDu90RNqmFXCcXsqdDfDgcL9mzQaMUP5Mt3ePXYitcIdFvtvAb%252FgEwQL%252FF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F50) /
Resource Hash
5f95f5d399a088f989753abcd25518b3faa99b462f9913d7c16d21351923435e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:31 GMT
content-encoding
gzip
age
3598542
x-cache
HIT
content-disposition
inline
content-length
2235
access-control-allow-origin
*
last-modified
Wed, 09 Mar 2022 13:22:10 GMT
server
ECAcc (paa/6F50)
etag
W/"a9d748c2dea57d211fdef1d8e9aa549b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
vtYcwqIW4g.Mixjhy84jPBp3Zw0eusk.
via
1.1 f4582372b9151740be645b6db921848e.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
dibm8Mb7pLQnqz79HkZCvDSIponAMu1L7_UChwPsPuNCkyva7aDyLQ==
gtm.js
www.googletagmanager.com/
212 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50e78c287ec8baa1642f72e90c1d9e0202a1929385a5386ddfe6234e55f3d4b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:38:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69876
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Apr 2022 07:38:31 GMT
index.html
consent.gala.fr/ Frame CB9C
4 KB
2 KB
Document
General
Full URL
https://consent.gala.fr/index.html?message_id=629023&consentUUID=58403466-74ee-4e1c-a09d-1f949b362bf4_6&requestUUID=1bed1635-1f44-4a19-8128-012c4ded1f93&preload_message=true
Requested by
Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-53.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb84f1577f2abfa78ac5451f064b8aecf25e18adb887cba39a30a8193c8c2825

Request headers

Referer
https://www.gala.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
446
content-encoding
gzip
content-type
text/html
date
Thu, 21 Apr 2022 07:31:06 GMT
etag
W/"2a69e1c8b9e76a17c68c0fbc999a20a4"
last-modified
Mon, 11 Apr 2022 20:49:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
x-amz-cf-id
rHgYI3KDfhLtr16LhulQXW_o4epBVnCD7f99N-9JXPs-0jiMUeX6Ig==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
Notice.93195.css
consent.gala.fr/ Frame CB9C
32 KB
6 KB
Stylesheet
General
Full URL
https://consent.gala.fr/Notice.93195.css
Requested by
Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=629023&consentUUID=58403466-74ee-4e1c-a09d-1f949b362bf4_6&requestUUID=1bed1635-1f44-4a19-8128-012c4ded1f93&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-53.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23583bd9fb970e8849b1cd42b0d11eaeaa1838ae1b2fb5387b1c47bd6b28b990

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent.gala.fr/index.html?message_id=629023&consentUUID=58403466-74ee-4e1c-a09d-1f949b362bf4_6&requestUUID=1bed1635-1f44-4a19-8128-012c4ded1f93&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 06:50:50 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 20:49:05 GMT
server
AmazonS3
age
2864
etag
W/"a0ac796ad2ed0d9ac69acab496103ef1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
IOxEZ2RXFAVL4SIE7s_RNyN1bGptYLC-nIWuMo04Zd1T161gKdMoog==
polyfills.d36c5.js
consent.gala.fr/ Frame CB9C
5 KB
2 KB
Script
General
Full URL
https://consent.gala.fr/polyfills.d36c5.js
Requested by
Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=629023&consentUUID=58403466-74ee-4e1c-a09d-1f949b362bf4_6&requestUUID=1bed1635-1f44-4a19-8128-012c4ded1f93&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-53.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent.gala.fr/index.html?message_id=629023&consentUUID=58403466-74ee-4e1c-a09d-1f949b362bf4_6&requestUUID=1bed1635-1f44-4a19-8128-012c4ded1f93&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 06:55:21 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 20:49:06 GMT
server
AmazonS3
age
2592
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
p5FyHaAzbJdPTLKrNbtVcWOx6CZLIi3dx0Kco0SiZ19Xjf7AuDYUnw==
Notice.8d27a.js
consent.gala.fr/ Frame CB9C
209 KB
52 KB
Script
General
Full URL
https://consent.gala.fr/Notice.8d27a.js
Requested by
Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=629023&consentUUID=58403466-74ee-4e1c-a09d-1f949b362bf4_6&requestUUID=1bed1635-1f44-4a19-8128-012c4ded1f93&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-53.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0dde6468a37d7df9bba8fbab9d57c7034133093f5c6aab5e8d4183bdb61108e7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent.gala.fr/index.html?message_id=629023&consentUUID=58403466-74ee-4e1c-a09d-1f949b362bf4_6&requestUUID=1bed1635-1f44-4a19-8128-012c4ded1f93&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:18:57 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 20:49:05 GMT
server
AmazonS3
age
1177
etag
W/"e6dd682a112c11cc0345810718906e29"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
cE6bEl3lmpTnoKhBWi1CO8nggD0ZWnu2YE2ZxF0UR8txsd2Pf1h62w==
gal_logo.svg
creas.prismamediadigital.com/people/logos/ Frame CB9C
4 KB
2 KB
Image
General
Full URL
https://creas.prismamediadigital.com/people/logos/gal_logo.svg
Requested by
Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=629023&consentUUID=58403466-74ee-4e1c-a09d-1f949b362bf4_6&requestUUID=1bed1635-1f44-4a19-8128-012c4ded1f93&preload_message=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.181.197 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-181-197.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b69c4f26bcdf50e03853c80754d362880cbf1e1c03a11e225a84985472f9f7d2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://consent.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
fl2MGNRZqkX8wBMZJfoTjdhYpYOsx115
Content-Encoding
gzip
Last-Modified
Mon, 22 Feb 2021 08:26:42 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
ETag
W/"32d5c48b90a970e8a4327fc3a5843ec0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Date
Thu, 21 Apr 2022 07:38:31 GMT
Connection
keep-alive
Content-Length
2003
X-Amz-Cf-Id
9q6H3FdeuqZDztoRPlBBAhQkC1FHRnf0mpxQZhnBzGS_t3rNPkeJzw==

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| pmcstarter function| loadCSS boolean| gtag_enable_tcf_support function| generatePageHitID object| dataLayer object| frontConfig object| pmsCoreAds object| _gaq function| checkTcfApi function| ga object| layerObj function| checkTcfApiDm function| setImmediate function| clearImmediate object| __core-js_shared__ object| core function| axios object| pmdBrowserTools object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject object| picturefillCFG function| picturefill object| SourcePoint object| amplitude function| __tcfapi object| _sp_queue object| _sp_ object| gaplugins object| gaGlobal object| gaData object| coreAds object| webpackJsonpcoreAds object| regeneratorRuntime object| webpackChunkPmcAPIClient undefined| PmcAPIClient object| pmcKitComponents object| webpackChunk function| BookmarkClient object| galApp function| postscribe object| google_tag_manager_external number| refreshTime function| onGalaPageUpdate

20 Cookies

Domain/Path Name / Value
.s3s-main.net/ Name: wm_welcoming_v2
Value: %2Cfw_19572872%2C%3B2055697052
.phywi.org/ Name: pl
Value: a%3A1%3A%7Bi%3A0%3Bs%3A40%3A%220284%3A675d59g374c4g%3A8b31bg63ge59c26e05d52%22%3B%7D
.weborama.fr/ Name: AFFICHE_W
Value: K5lllNlDOWMr68
.cloud-media.fr/ Name: l_id
Value: 39564c48f263b3f97a20af52fd48b15d
.prismamedia.com/ Name: authId
Value: 98b45b3eb29866a5ebbd718de5359f5b
.gala.fr/ Name: authId
Value: 98b45b3eb29866a5ebbd718de5359f5b
.gala.fr/ Name: ga_exempt
Value: GA1.2.1862216405.1650526711
.gala.fr/ Name: ga_exempt_gid
Value: GA1.2.1432403143.1650526711
.gala.fr/ Name: amp_47d314
Value: Imd49CCXvxyNTW1lcZ8kN1...1g15gtr87.1g15gtr87.0.0.0
.gala.fr/ Name: _ga
Value: GA1.2.1862216405.1650526711
.gala.fr/ Name: _gid
Value: GA1.2.1077970597.1650526711
www.gala.fr/ Name: pageCount
Value: 1
www.gala.fr/ Name: _sp_v1_uid
Value: 1:455:c69b3ca8-b3bd-4e00-a55c-41a06894d45e
www.gala.fr/ Name: _sp_v1_data
Value: 2:471111:1650526711:0:1:0:1:0:0:_:-1
www.gala.fr/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKhjHySnNydGKUUpHYJWCJ6traWFwSSjrUNwifftKVRWNl5IEYBridQ7qEUiwA3cEXoFQBAAA%3D
www.gala.fr/ Name: _sp_v1_opt
Value: 1:
www.gala.fr/ Name: _sp_v1_consent
Value: 1!0:-1:-1:-1:-1:-1
www.gala.fr/ Name: _sp_v1_csv
Value: null
www.gala.fr/ Name: _sp_v1_lt
Value: 1:
.gala.fr/ Name: consentUUID
Value: 58403466-74ee-4e1c-a09d-1f949b362bf4_6

2 Console Messages

Source Level URL
Text
javascript warning URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676#utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article&part[name]=welcoming&part[token]=39564c48f263b3f97a20af52fd48b15d
Message:
The resource https://tra.scds.pmdstatic.net/advertising-core/4.166.1/core-ads.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.gala.fr/l_actu/news_de_stars/vladimir-poutine-pourquoi-il-refuse-de-parler-publiquement-de-ses-filles-maria-et-katerina_491676#utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article&part[name]=welcoming&part[token]=39564c48f263b3f97a20af52fd48b15d
Message:
The resource https://www.googletagservices.com/tag/js/gpt.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.amplitude.com
cdn.polyfill.io
consent.gala.fr
consents.prismamedia.com
creas.prismamediadigital.com
er.cloud-media.fr
fonts.googleapis.com
fonts.gstatic.com
gdpr-tcfv2.sp-prod.net
r.phywi.org
redirect.frontend.weborama.fr
s3s-main.net
tra.scds.pmdstatic.net
wtm.info-people.fr
www.gala.fr
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
104.90.181.197
104.92.104.145
108.157.4.53
18.66.139.107
18.66.242.100
192.229.221.61
2001:41d0:203:9c59::
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::200a
2a04:4e42:600::282
2a06:98c1:3120::7
35.190.16.14
52.213.136.124
91.190.170.11
082e56acf375a2d74192f4ccc54af56ac37f8bde891e336fe0e935c5ee6e7628
08f7e870cb82a68236f0beffad5563e913cfdf68f869c1cc44ecb867f1bec852
0ae15686a83986b3cdf6b13501a27d35ba3b7606924b948bc91379b02e6bb3b8
0b0189976a5521f8b4241162735efdd9b71ac979e56802c1bbfea8208dc4bed3
0bc5b1b47b29a53a9f76ac289c61f5758af90b08738722ad8cefcc879b30b269
0dd5260eaef70ef5b0d02083ab0c005e28337cfd1586d474ef09266a1d390976
0dde6468a37d7df9bba8fbab9d57c7034133093f5c6aab5e8d4183bdb61108e7
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
23583bd9fb970e8849b1cd42b0d11eaeaa1838ae1b2fb5387b1c47bd6b28b990
23f6132d96ea5ae6dc00a42ac805ab4e62fd6aa878a6e29f670dfa2e7c1b002a
2f64968467aca2417883f8780f9b112f4c8a4cad61fc5d4fe79eed4a3779b70d
3fee269b4cb6940083945ef2151cb6a32ed9f33183298200779f485575372ea0
47471d74b75c12424d42c78d55692e90afd9b04f34d14adbb572f37cab0b8954
4d7cab55b0f583c2092a5c0d50869023308c8c0c5eb8aa93331fe75ca3341174
50e78c287ec8baa1642f72e90c1d9e0202a1929385a5386ddfe6234e55f3d4b2
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
55162ef3274f682d57d9c0e17c488d240977f292d2aa3d437202e17c6b57d8b4
5b91baff78fa4145193133a9f152a78dd6026f9085bd86c10acccaf84edd8575
5f95f5d399a088f989753abcd25518b3faa99b462f9913d7c16d21351923435e
6505b46fceac25484dfac3b50ede15bb5c99864271fb683e953bfb810d7ca493
6a448545c2a7d2ee3ee899e1f8d77b88ea84cd331e840664761ad279c85bf7d5
6e19c02d9538121a0d31bfd7b6889e5e27cf20429052068a2501425830cd087f
71c8e27a03dd18e353c477d77adfba62ca6b7ca9306ce8be953c64b61b971b2d
818d49ebc1dc8fe5cfa64622f0ec258e352b4c7c8a43d3e1a2aebd8b501ea2b0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
98c95a7c84e29b9572e918f75141ca76ab2586ea4fa9eea372330b8e5d41cc7e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b69c4f26bcdf50e03853c80754d362880cbf1e1c03a11e225a84985472f9f7d2
b81c7768eea53c12db13ab7a2a310ab09ad30e6524df5dd23625facae106830a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcace9f1f3cbbf0a56fae35a8869aa39a605b5d8e488a437a7fc7c8826a95cf5
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cb84f1577f2abfa78ac5451f064b8aecf25e18adb887cba39a30a8193c8c2825
d7c1d34e795a55124231012e470d37540bd528d5e830cd401e3d48f6bb6bf626
e873d01dd9d4f26d2ee1a0b5282887c740931be8b46672b79fcb23a2ec1d50d7
ee6b8f339a5e9f02379bef6b7d55e4032df341273c4b546489a8c073d409953e
f24a5176e6926ca79a395e6e6f7f5d7eb2c6ecbe8448fe11dbe71e5f0ff284ec
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3