news.communications-rmngp.fr Open in urlscan Pro
192.29.200.183 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://news.communications-rmngp.fr/boutique-preferences?utm_CodePar=utm_CodeContact=28&elqTrackId=8cc57616005b420b9fb1ec115ae268bb&...
Submission: On October 08 via api (October 8th 2023, 1:17:42 pm UTC) from CZ — Scanned from FR

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 11 HTTP transactions. The main IP is 192.29.200.183, located in Amsterdam, Netherlands and belongs to ORACLE-BMC-31898, US. The main domain is news.communications-rmngp.fr.
TLS certificate: Issued by R3 on August 8th 2023. Valid for: 3 months.

This is the only time news.communications-rmngp.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.29.200.183 192.29.200.183	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
3	23.201.242.231 23.201.242.231	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	192.29.202.153 192.29.202.153	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
11	9

1 192.29.200.183 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)

news.communications-rmngp.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.201.242.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-242-231.deploy.static.akamaitechnologies.com

img06.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.29.202.153 (Amsterdam, Netherlands) 2 redirects

ASN31898 (ORACLE-BMC-31898, US)

s1816717515.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	eloqua.com 2 redirects s1816717515.t.eloqua.com	2 KB
3	en25.com img06.en25.com — Cisco Umbrella Rank: 59992	177 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 ajax.googleapis.com — Cisco Umbrella Rank: 405	32 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 560 p.typekit.net — Cisco Umbrella Rank: 722	1 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 925	33 KB
1	communications-rmngp.fr news.communications-rmngp.fr	15 KB
11	7

	Domain	Requested by
3	s1816717515.t.eloqua.com	2 redirects news.communications-rmngp.fr
3	img06.en25.com	news.communications-rmngp.fr
1	fonts.gstatic.com	fonts.googleapis.com
1	p.typekit.net	use.typekit.net
1	code.jquery.com	news.communications-rmngp.fr
1	ajax.googleapis.com	news.communications-rmngp.fr
1	fonts.googleapis.com	news.communications-rmngp.fr
1	use.typekit.net	news.communications-rmngp.fr
1	news.communications-rmngp.fr
11	9

This site contains links to these domains. Also see Links.

Domain
www.boutiquesdemusees.fr

Subject Issuer	Validity	Valid
news.communications-rmngp.fr R3	`2023-08-08` - `2023-11-06`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://news.communications-rmngp.fr/boutique-preferences?utm_CodePar=utm_CodeContact=28&elqTrackId=8cc57616005b420b9fb1ec115ae268bb&elq=9176a7bb071b49c989c3f40c78aff42e&elqaid=1932&elqat=1&elqCampaignId=1039
Frame ID: B11EF7B5E8C7FC230DF151F6EF66CFC3
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Boutiques de Musées - Centre de préférences

Detected technologies

Microsoft Word (Editors) Expand

Overall confidence: 100%
Detected patterns

(?:<html [^>]*xmlns:w="urn:schemas-microsoft-com:office:word"|<w:WordDocument>|<div [^>]*class="?WordSection1[" >]|<style[^>]*>[^>]*@page WordSection1)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

91 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

292 kB
Transfer

525 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.boutiquesdemusees.fr/fr/article/268-politique-de-protection-des-donnees.html?elqTrackId=3d0347d1789c403fa0533df273dada49&elqaid=81&elqat=2
Title: cliquez ici

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://s1816717515.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=1816717515&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=81&PURLRecordID=0&PURLGUID=7C5C871D00674FA2812B95816474FC3B&UseRelativePath=True&elq={9176A7BB-071B-49C9-89C3-F40C78AFF42E}&elq_ck=0&utm_CodePar=utm_CodeContact&elqTrackId=8cc57616005b420b9fb1ec115ae268bb&elqaid=1932&elqat=1&elqCampaignId=1039 HTTP 302
https://s1816717515.t.eloqua.com/visitor/v200/svrGP.aspx?pps=60&siteid=1816717515&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=81&PURLRecordID=0&PURLGUID=7C5C871D00674FA2812B95816474FC3B&UseRelativePath=True&elq={9176A7BB-071B-49C9-89C3-F40C78AFF42E}&elq_ck=0&utm_CodePar=utm_CodeContact&elqTrackId=8cc57616005b420b9fb1ec115ae268bb&elqaid=1932&elqat=1&elqCampaignId=1039&elqCookie=1 HTTP 302
https://s1816717515.t.eloqua.com/eloquaimages/tinydot.gif

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request boutique-preferences Show response
news.communications-rmngp.fr/ 121 KB
15 KB 695ms
260ms Document
text/html 192.29.200.183
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://news.communications-rmngp.fr/boutique-preferences?utm_CodePar=utm_CodeContact=28&elqTrackId=8cc57616005b420b9fb1ec115ae268bb&elq=9176a7bb071b49c989c3f40c78aff42e&elqaid=1932&elqat=1&elqCampaignId=1039

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.29.200.183 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

0d0667bf42a9f795da79733bd49f3e0f53de6e00f9ed9a1e4ebb038f751a10d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store
Content-Encoding: gzip
Content-Length: 15210
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Oct 2023 13:17:36 GMT
Expires: -1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: noindex, nofollow
X-Xss-Protection: 1; mode=block

GET
H2 200 fbs6ste.css
use.typekit.net/ 8 KB
1 KB 369ms
301ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/fbs6ste.css

Requested by

Host: news.communications-rmngp.fr
URL: https://news.communications-rmngp.fr/boutique-preferences?utm_CodePar=utm_CodeContact=28&elqTrackId=8cc57616005b420b9fb1ec115ae268bb&elq=9176a7bb071b49c989c3f40c78aff42e&elqaid=1932&elqat=1&elqCampaignId=1039

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

afbc895bc5923daaabf1a6603e8d456bcfd5791b8de4652260b2d5b32917f7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.communications-rmngp.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sun, 08 Oct 2023 13:17:37 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1047

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 100ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,700;1,300&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cf0ba1abe121d0751048b000afbc2bd4f5917527aaf94766a742bbcfd411f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.communications-rmngp.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 13:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 13:17:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 13:17:37 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 85ms
25ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.communications-rmngp.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:16:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Oct 2024 12:16:30 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 57ms
18ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: news.communications-rmngp.fr
URL: https://news.communications-rmngp.fr/boutique-preferences?utm_CodePar=utm_CodeContact=28&elqTrackId=8cc57616005b420b9fb1ec115ae268bb&elq=9176a7bb071b49c989c3f40c78aff42e&elqaid=1932&elqat=1&elqCampaignId=1039
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.communications-rmngp.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:17:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1970450
x-cache: HIT, HIT
content-length: 33738
x-served-by: cache-lga21956-LGA, cache-lcy-eglc8600062-LCY
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1696771057.170487,VS0,VE0
etag: W/"28feccc0-17b8b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 162, 199471

GET
H/1.1 200
OK %7B7eff872e-49d5-4e90-9e65-c9b09fc5cc44%7D_logo-bdm.JPG
img06.en25.com/EloquaImages/clients/RMNGP/ 28 KB
28 KB 41ms
41ms Image
image/jpeg 23.201.242.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/RMNGP/%7B7eff872e-49d5-4e90-9e65-c9b09fc5cc44%7D_logo-bdm.JPG

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.201.242.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-242-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

85e202e319ca6838533fd648bf38de9dd06a04b09d31c574122cebc98ed4d75f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.communications-rmngp.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Sun, 08 Oct 2023 13:17:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 19:26:22 GMT
ETag: "9116566a9696d61:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/jpeg
Cache-Control: no-store
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 28179
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 Oct 2023 13:17:37 GMT

GET
H/1.1 200
OK %7Bd342c1ae-4eef-4244-a82f-6f2ecf932510%7D_RMN_deco_1600x800.jpg
img06.en25.com/EloquaImages/clients/RMNGP/ 134 KB
135 KB 54ms
53ms Image
image/jpeg 23.201.242.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/RMNGP/%7Bd342c1ae-4eef-4244-a82f-6f2ecf932510%7D_RMN_deco_1600x800.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.201.242.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-242-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

6b56be55c4c667b67ae11f488cf50ca8b58ac20c0cf050b8faac2cba2d5f15d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.communications-rmngp.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Sun, 08 Oct 2023 13:17:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 01 Oct 2020 13:29:40 GMT
ETag: "eb124eaf697d61:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/jpeg
Cache-Control: no-store
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 137444
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 Oct 2023 13:17:37 GMT

GET
H/1.1 200
OK livevalidation_standalone.compressed.js Show response
img06.en25.com/i/ 13 KB
14 KB 102ms
32ms Script
application/x-javascript 23.201.242.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/i/livevalidation_standalone.compressed.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.201.242.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-242-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

36ef1cf6246ce3d596a572d7b0e947a7088eefb1af6373f1a0669c9189a6728e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.communications-rmngp.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Sun, 08 Oct 2023 13:17:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2023 19:34:32 GMT
ETag: "94b219b6e5b8d91:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: application/x-javascript
Cache-Control: no-store
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 13723
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 Oct 2023 13:17:37 GMT

GET
H/1.1

200
OK

tinydot.gif
s1816717515.t.eloqua.com/eloquaimages/
Redirect Chain

https://s1816717515.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=1816717515&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=81&PURLRecordID=0&PURLGUID=7C5C871D00674FA2812B958164...
https://s1816717515.t.eloqua.com/visitor/v200/svrGP.aspx?pps=60&siteid=1816717515&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=81&PURLRecordID=0&PURLGUID=7C5C871D00674FA2812B9...
https://s1816717515.t.eloqua.com/eloquaimages/tinydot.gif

49 B
542 B

35ms
34ms

Image
image/gif

192.29.202.153
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1816717515.t.eloqua.com/eloquaimages/tinydot.gif

Requested by

Protocol

HTTP/1.1

Server

192.29.202.153 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.communications-rmngp.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Sun, 08 Oct 2023 13:17:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2023 19:34:30 GMT
ETag: "11affb4e5b8d91:0"
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Sun, 08 Oct 2023 13:17:37 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Location: /eloquaimages/tinydot.gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 142
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 93ms
30ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=fbs6ste&ht=tk&f=31141.31142.31144.31145.31146.31154.31156.31162.31163.31166.31167&a=27444053&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fbs6ste.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:17:37 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 86ms
27ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,700;1,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.communications-rmngp.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:17:59 GMT
x-content-type-options: nosniff
age: 241178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:17:59 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.news.communications-rmngp.fr/	1970-01-21 00:51:15	Name: ELOQUA Value: GUID=7C5C871D00674FA2812B95816474FC3B
.eloqua.com/	1970-01-21 00:51:15	Name: ELOQUA Value: GUID=5E14F9C215044836A7B19263FC8E578D
.eloqua.com/	1970-01-21 00:51:15	Name: ELQSTATUS Value: OK

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
img06.en25.com
news.communications-rmngp.fr
p.typekit.net
s1816717515.t.eloqua.com
use.typekit.net
192.29.200.183
192.29.202.153
23.201.242.231
2a00:1450:4001:800::2003
2a00:1450:4001:806::200a
2a00:1450:4001:831::200a
2a02:26f0:3500:16::215:1495
2a02:26f0:480:f::213:7ec6
2a04:4e42::649
0d0667bf42a9f795da79733bd49f3e0f53de6e00f9ed9a1e4ebb038f751a10d0
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
36ef1cf6246ce3d596a572d7b0e947a7088eefb1af6373f1a0669c9189a6728e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6b56be55c4c667b67ae11f488cf50ca8b58ac20c0cf050b8faac2cba2d5f15d9
7cf0ba1abe121d0751048b000afbc2bd4f5917527aaf94766a742bbcfd411f7f
85e202e319ca6838533fd648bf38de9dd06a04b09d31c574122cebc98ed4d75f
afbc895bc5923daaabf1a6603e8d456bcfd5791b8de4652260b2d5b32917f7df
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

news.communications-rmngp.fr Open in urlscan Pro 192.29.200.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

67 %IPv6

7 Domains

9 Subdomains

9 IPs

3 Countries

292 kBTransfer

525 kBSize

3 Cookies

1 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

news.communications-rmngp.fr Open in urlscan Pro
192.29.200.183 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

292 kB
Transfer

525 kB
Size

3
Cookies

11 HTTP transactions
0 data transactions