urlscan.io logo urlscan.io
SecurityTrails logo

preprod-serviceclients-novius.lesechos.fr Open in urlscan Pro
91.194.100.89  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://preprod-serviceclients-novius.lesechos.fr/
Effective URL: https://preprod-serviceclients-novius.lesechos.fr/login
Submission: On June 25 via automatic, source certstream-suspicious — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 15 domains to perform 26 HTTP transactions. The main IP is 91.194.100.89, located in France and belongs to ADELINOVIUS, FR. The main domain is preprod-serviceclients-novius.lesechos.fr.
TLS certificate: Issued by GeoTrust RSA CA 2018 on July 21st 2020. Valid for: 2 years.
This is the only time preprod-serviceclients-novius.lesechos.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    91.194.100.89 (France)

ASN43142 (ADELINOVIUS, FR)
PTR: nc3050.novius.net
preprod-serviceclients-novius.lesechos.fr
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    34.102.142.34 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 34.142.102.34.bc.googleusercontent.com
safeconnecty.com
1    80.70.210.36 (France)

ASN34913 (DALENYS, FR)
PTR: vlan341-pc-sb-hapx1.ip.rtblw.com
js.sandbox.be2bill.com
1    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
2    143.204.89.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-129.fra50.r.cloudfront.net
js.braintreegateway.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    143.204.89.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-85.fra50.r.cloudfront.net
tag.aticdn.net
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    143.204.100.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-100-24.fra50.r.cloudfront.net
logs1122.xiti.com
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
1    151.101.129.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
8 lesechos.fr
preprod-serviceclients-novius.lesechos.fr
168 KB
3 gstatic.com
fonts.gstatic.com
39 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2229
t.paypal.com — Cisco Umbrella Rank: 3103
6 KB
2 braintreegateway.com
js.braintreegateway.com — Cisco Umbrella Rank: 8194
26 KB
1 google.fr
www.google.fr — Cisco Umbrella Rank: 13250
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 8
501 B
1 xiti.com
logs1122.xiti.com — Cisco Umbrella Rank: 287485
304 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
460 B
1 aticdn.net
tag.aticdn.net — Cisco Umbrella Rank: 18985
23 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
79 KB
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1936
235 KB
1 be2bill.com
js.sandbox.be2bill.com
15 KB
1 safeconnecty.com
safeconnecty.com — Cisco Umbrella Rank: 155311
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
1 KB
26 15
Domain Requested by
8 preprod-serviceclients-novius.lesechos.fr 1 redirects preprod-serviceclients-novius.lesechos.fr
3 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
preprod-serviceclients-novius.lesechos.fr
2 js.braintreegateway.com preprod-serviceclients-novius.lesechos.fr
1 t.paypal.com preprod-serviceclients-novius.lesechos.fr
1 www.google.fr preprod-serviceclients-novius.lesechos.fr
1 www.google.com preprod-serviceclients-novius.lesechos.fr
1 logs1122.xiti.com preprod-serviceclients-novius.lesechos.fr
1 stats.g.doubleclick.net www.google-analytics.com
1 tag.aticdn.net www.googletagmanager.com
1 www.paypal.com www.paypalobjects.com
1 www.googletagmanager.com preprod-serviceclients-novius.lesechos.fr
1 www.paypalobjects.com preprod-serviceclients-novius.lesechos.fr
1 js.sandbox.be2bill.com preprod-serviceclients-novius.lesechos.fr
1 safeconnecty.com preprod-serviceclients-novius.lesechos.fr
1 fonts.googleapis.com preprod-serviceclients-novius.lesechos.fr
26 16
Subject Issuer Validity Valid
preprod-serviceclients-novius.lesechos.fr
GeoTrust RSA CA 2018		 2020-07-21 -
2022-07-26		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
safeconnecty.com
GTS CA 1D4		 2022-06-13 -
2022-09-11		 3 months crt.sh
js.sandbox.dalenys.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-27		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh
checkout.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-07-07 -
2022-08-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
tag.aticdn.net
Thawte RSA CA 2018		 2022-01-11 -
2023-01-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.xiti.com
Thawte RSA CA 2018		 2022-04-29 -
2023-04-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-04 -
2022-11-23		 9 months crt.sh

This page contains 1 frames:

Primary Page: https://preprod-serviceclients-novius.lesechos.fr/login
Frame ID: A217BFDD90ACC767811D68011C1A5B8C
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Espace abonnés Les Échos

Page URL History Show full URLs

  1. https://preprod-serviceclients-novius.lesechos.fr/ HTTP 302
    https://preprod-serviceclients-novius.lesechos.fr/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.braintreegateway\.com
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • xiti\.com/hit\.xiti
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

26
Requests

100 %
HTTPS

44 %
IPv6

15
Domains

16
Subdomains

16
IPs

4
Countries

613 kB
Transfer

2455 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://preprod-serviceclients-novius.lesechos.fr/ HTTP 302
    https://preprod-serviceclients-novius.lesechos.fr/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
preprod-serviceclients-novius.lesechos.fr/
Redirect Chain
  • https://preprod-serviceclients-novius.lesechos.fr/
  • https://preprod-serviceclients-novius.lesechos.fr/login
28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.194.100.89 , France, ASN43142 (ADELINOVIUS, FR),
Reverse DNS
nc3050.novius.net
Software
nginx /
Resource Hash
b26b5c1631e4c74bda3e5e48fcfc03ece12e63c97a95b7c3cd00efc4bf1d9f1f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-length
9356
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
content-type
text/html; charset=UTF-8
date
Sat, 25 Jun 2022 22:05:26 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin
x-robots-tag
noindex,nofollow,noarchive
x-xss-protection
1; mode=block

Redirect headers

cache-control
private, must-revalidate
content-length
466
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
content-type
text/html; charset=UTF-8
date
Sat, 25 Jun 2022 22:05:25 GMT
expires
-1
location
https://preprod-serviceclients-novius.lesechos.fr/login
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
sameorigin
x-robots-tag
noindex,nofollow,noarchive
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@700&family=Source+Sans+Pro:wght@400;600;700&display=swap
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
340dc0008bf3ea8673c6ed4df4cc8c25d5d02d6d4f162018ac44114dbaba8f20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 25 Jun 2022 22:05:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 25 Jun 2022 22:05:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 25 Jun 2022 22:05:26 GMT
app.css
preprod-serviceclients-novius.lesechos.fr/css/ 		85 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://preprod-serviceclients-novius.lesechos.fr/css/app.css?id=666957e0ef7fcabd707a
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.194.100.89 , France, ASN43142 (ADELINOVIUS, FR),
Reverse DNS
nc3050.novius.net
Software
nginx /
Resource Hash
3317d815a90d1abab35411139aa0b0e7848bec24c37e07b3055842856456c02e
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 22:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 08:50:45 GMT
server
nginx
etag
"15348-5e1dd332276c1-gzip"
x-frame-options
sameorigin
content-type
text/css
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
x-robots-tag
noindex,nofollow,noarchive
vary
Accept-Encoding
content-length
16613
x-xss-protection
1; mode=block
677bd8ff704c98d7ce616810805aa998a3614b9d.svg
preprod-serviceclients-novius.lesechos.fr/storage/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://preprod-serviceclients-novius.lesechos.fr/storage/677bd8ff704c98d7ce616810805aa998a3614b9d.svg
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.194.100.89 , France, ASN43142 (ADELINOVIUS, FR),
Reverse DNS
nc3050.novius.net
Software
nginx /
Resource Hash
4aa784c85978133704d4383a2f08939cc093029d9e87434c97b03d0ed4203625
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 22:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Jul 2020 15:11:38 GMT
server
nginx
etag
W/"be9-5aaf50a3c6d26"
x-frame-options
sameorigin
content-type
image/svg+xml
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-robots-tag
noindex,nofollow,noarchive
x-xss-protection
1; mode=block
logo-footer.svg
preprod-serviceclients-novius.lesechos.fr/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://preprod-serviceclients-novius.lesechos.fr/images/logo-footer.svg
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.194.100.89 , France, ASN43142 (ADELINOVIUS, FR),
Reverse DNS
nc3050.novius.net
Software
nginx /
Resource Hash
4aa784c85978133704d4383a2f08939cc093029d9e87434c97b03d0ed4203625
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 22:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 08:50:45 GMT
server
nginx
etag
W/"be9-5e1dd33289ef9"
x-frame-options
sameorigin
content-type
image/svg+xml
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-robots-tag
noindex,nofollow,noarchive
x-xss-protection
1; mode=block
app.js
preprod-serviceclients-novius.lesechos.fr/js/ 		304 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://preprod-serviceclients-novius.lesechos.fr/js/app.js?id=ec09d946d249489f7c58
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.194.100.89 , France, ASN43142 (ADELINOVIUS, FR),
Reverse DNS
nc3050.novius.net
Software
nginx /
Resource Hash
8cf7ada33e443f34d9a5c31efdbb9a8f180c4149cc15b52f6c92a0310a1db5d9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 22:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 08:50:45 GMT
server
nginx
etag
"4be6e-5e1dd332273ce-gzip"
x-frame-options
sameorigin
content-type
application/javascript
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
x-robots-tag
noindex,nofollow,noarchive
vary
Accept-Encoding
x-xss-protection
1; mode=block
tag_lesechosleparisien_dev.js
safeconnecty.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safeconnecty.com/tag_lesechosleparisien_dev.js
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.142.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
34.142.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
40d9967b9b44148a14a024e9eaf473bad20536571d5463330948727e111cf9b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 22:05:26 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 13:01:44 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
etag
W/"5f6dea38-79d"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hosted-fields.min.js
js.sandbox.be2bill.com/hosted-fields/v2.0.0/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.sandbox.be2bill.com/hosted-fields/v2.0.0/hosted-fields.min.js
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
80.70.210.36 , France, ASN34913 (DALENYS, FR),
Reverse DNS
vlan341-pc-sb-hapx1.ip.rtblw.com
Software
Payment Hero /
Resource Hash
1e360e36387cadc04342dd070ae5c18c7eb3fc9dd3b007f1d17f431592027fd9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sat, 25 Jun 2022 22:05:26 GMT
Last-Modified
Thu, 09 Jun 2022 09:06:18 GMT
Server
Payment Hero
ETag
"62a1b80a-398f"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Cache-Control
no-cache, private
Accept-Ranges
bytes
Content-Length
14735
checkout.js
www.paypalobjects.com/api/ 		1 MB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.js
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 22:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
x-cache
HIT, HIT
paypal-debug-id
40438cc6522a4
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
239948
x-served-by
cache-sjc10071-SJC, cache-cdg20747-CDG
last-modified
Mon, 25 Apr 2022 17:04:48 GMT
x-timer
S1656194726.380506,VS0,VE0
etag
W/"6266d4b0-16d23e"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
x-cache-hits
8, 25
client.min.js
js.braintreegateway.com/web/3.60.0/js/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.60.0/js/client.min.js
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-129.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
1e4639a42b337592bb7a05870cee005b268bcd5d831b9a8f0b0ae97dc8c326c5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 20:22:45 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 20:50:32 GMT
server
nginx
age
6161
etag
W/"62a25d18-a3d9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
rn7b9NPoPrNxi_7ER10P4YTJoWHMaW3uoVcjscOJK5Nj5wlNh4zK-A==
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
expires
Sun, 26 Jun 2022 20:22:45 GMT
paypal-checkout.min.js
js.braintreegateway.com/web/3.60.0/js/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.60.0/js/paypal-checkout.min.js
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-129.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
6a246ba160a0aa36b7b8a3578b66acead220528e72b6768d4d839bcae8d74501

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 21:12:39 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 20:50:32 GMT
server
nginx
age
3167
etag
W/"62a25d18-c2f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
lkypdirYa0CtRWvirromyEAojX_SHSXRb-MmPRd0pWBBMUY5Lq_DDg==
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
expires
Sun, 26 Jun 2022 21:12:39 GMT
gtm.js
www.googletagmanager.com/ 		235 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P4SH4RJ
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f04edd9114a6277602b15d41d57fa8bcb7defd40e878ea33b8c16954c21da88e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 22:05:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80416
x-xss-protection
0
last-modified
Sat, 25 Jun 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 25 Jun 2022 22:05:26 GMT
svg-defs.svg
preprod-serviceclients-novius.lesechos.fr/images/ 		16 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://preprod-serviceclients-novius.lesechos.fr/images/svg-defs.svg
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.194.100.89 , France, ASN43142 (ADELINOVIUS, FR),
Reverse DNS
nc3050.novius.net
Software
nginx /
Resource Hash
5f4d46d31d5c1d8e8de9edd0eb5e013e4cbf7ee4b2648828746aef9403618b28
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 22:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 08:50:46 GMT
server
nginx
etag
W/"3f8f-5e1dd332be7f5"
x-frame-options
sameorigin
content-type
image/svg+xml
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-robots-tag
noindex,nofollow,noarchive
x-xss-protection
1; mode=block
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@700&family=Source+Sans+Pro:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://preprod-serviceclients-novius.lesechos.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:26:22 GMT
x-content-type-options
nosniff
age
268744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 19:26:22 GMT
Simple-Line-Icons.woff2
preprod-serviceclients-novius.lesechos.fr/fonts/ 		29 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://preprod-serviceclients-novius.lesechos.fr/fonts/Simple-Line-Icons.woff2?v=2.4.0
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/css/app.css?id=666957e0ef7fcabd707a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.194.100.89 , France, ASN43142 (ADELINOVIUS, FR),
Reverse DNS
nc3050.novius.net
Software
nginx /
Resource Hash
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://preprod-serviceclients-novius.lesechos.fr/css/app.css?id=666957e0ef7fcabd707a
Origin
https://preprod-serviceclients-novius.lesechos.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 22:05:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 08:50:46 GMT
server
nginx
etag
"7570-5e1dd3333bd88"
x-frame-options
sameorigin
content-type
font/woff2
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
x-robots-tag
noindex,nofollow,noarchive
content-length
30064
x-xss-protection
1; mode=block
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@700&family=Source+Sans+Pro:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://preprod-serviceclients-novius.lesechos.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:26:22 GMT
x-content-type-options
nosniff
age
268744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 19:26:22 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@700&family=Source+Sans+Pro:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://preprod-serviceclients-novius.lesechos.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:45:42 GMT
x-content-type-options
nosniff
age
393584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jun 2023 08:45:42 GMT
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=preprod-serviceclients-novius.lesechos.fr&source=checkoutjs&t=xo&v=4.0.336
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-E9DgVoExRu17yvJmyEkhIEHDfkTuedqUXGd/I0rJHHhC4pEq' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-E9DgVoExRu17yvJmyEkhIEHDfkTuedqUXGd/I0rJHHhC4pEq' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
HIT, HIT
paypal-debug-id
f131152350302
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4299
x-xss-protection
1; mode=block
x-served-by
cache-lhr7320-LHR, cache-cdg20729-CDG
x-timer
S1656194727.666597,VS0,VE212
x-frame-options
SAMEORIGIN
date
Sat, 25 Jun 2022 22:05:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
etag
W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
accept-ranges
bytes
x-cache-hits
1, 1
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4SH4RJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6453
date
Sat, 25 Jun 2022 20:17:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 25 Jun 2022 22:17:53 GMT
smarttag.js
tag.aticdn.net/601469/ 		78 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.aticdn.net/601469/smarttag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4SH4RJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-85.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdf5dcdb8df84fe84f2e45c123340e36f194a87f4e9b86580a5ee9a06b014c90

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
CWijA766riEyyQ2wLDFN.ZimH1NKVSld
content-encoding
gzip
etag
W/"8f836fbfd2152b74444d9a6d499dcc5f"
age
186
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 19 Jan 2022 14:41:14 GMT
server
AmazonS3
date
Sat, 25 Jun 2022 22:03:40 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=1800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
GcSXpfWt8MzVAoOkt7t-5LJ3KEr5RzOgACY-fxUraqmLJqxBQEgZKg==
collect
stats.g.doubleclick.net/j/ 		4 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28772439-9&cid=1545148290.1656194727&jid=834263268&gjid=470757010&_gid=795928782.1656194727&_u=YGBAgEABAAAAAE~&z=1345804538
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://preprod-serviceclients-novius.lesechos.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 25 Jun 2022 22:05:26 GMT
content-type
text/plain
access-control-allow-origin
https://preprod-serviceclients-novius.lesechos.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1687207471&t=pageview&_s=1&dl=https%3A%2F%2Fpreprod-serviceclients-novius.lesechos.fr%2Flogin&ul=en-us&de=UTF-8&dt=Espace%20abonn%C3%A9s%20Les%20%C3%89chos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=834263268&gjid=470757010&cid=1545148290.1656194727&tid=UA-28772439-9&_gid=795928782.1656194727&gtm=2wg6m0P4SH4RJ&cd27=&z=306081655
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Jun 2022 19:25:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9626
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
hit.xiti
logs1122.xiti.com/ 		35 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs1122.xiti.com/hit.xiti?s=601469&idclient=3da3cc1a-a246-4629-9598-f4d46ee6dc15&ts=1656194726724&vtag=5.28.1&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=22x5x26&lng=en-US&idp=2205263891306&jv=0&p=authentification::login&s2=44&vrn=1&x1=/login&x20=&stc=%7B%22device%22%3A%22desktop%22%7D&ref=
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.100.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-100-24.fra50.r.cloudfront.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 22:05:26 GMT
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
strict-transport-security
max-age=15768000
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-store
content-length
35
x-amz-cf-id
gV5gGYBFRVJJlK9ucMs8mcGN7n7h3qjcgsvIvPng-V68oe6-SoV-Ag==
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-28772439-9&cid=1545148290.1656194727&jid=834263268&_u=YGBAgEABAAAAAE~&z=374479285
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Jun 2022 22:05:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-28772439-9&cid=1545148290.1656194727&jid=834263268&_u=YGBAgEABAAAAAE~&z=374479285
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Jun 2022 22:05:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ts
t.paypal.com/ 		42 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Espace%20abonn%C3%A9s%20Les%20%C3%89chos&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1656194726901&g=0&completeurl=https%3A%2F%2Fpreprod-serviceclients-novius.lesechos.fr%2Flogin&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: preprod-serviceclients-novius.lesechos.fr
URL: https://preprod-serviceclients-novius.lesechos.fr/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://preprod-serviceclients-novius.lesechos.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 22:05:27 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
610c765727705
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-lhr7337-LHR, cache-cdg20751-CDG
pragma
no-cache
x-timer
S1656194727.973317,VS0,VE159
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 22:05:27 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| webpackChunk function| Velocity function| focusIframe object| MicroModal function| _ function| axios string| cssString function| pwx_isApplePayEligible function| pwx_doApplePay object| google_tag_manager function| postscribe object| google_tag_manager_external object| dalenys object| be2bill object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| paypal object| PAYPAL object| ppxo object| braintree object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| ATInternet function| ATCustomEvent object| tag object| didomiOnReady object| paypalDDL

9 Cookies

Domain/Path Name / Value
preprod-serviceclients-novius.lesechos.fr/ Name: XSRF-TOKEN
Value: eyJpdiI6IjVQa0tuNzcyN1Y1WFRCOWRyRFVWd1E9PSIsInZhbHVlIjoiZVlYWDNCbCtNNzBpeU9kVWhcL01RQ28xRG4rMURDZTJNWFZwSnZxU3d0V1NDMEpockxVSWxiaHFCcTE0V3RaUHciLCJtYWMiOiIxOTQ3ODcwZWMwMmU1ZjEyMjZiMDMyNmI3NDk5OThkNjAxMTZlMDljZTVmZDVhYjQ2MzI4NjIyMDFiNmIwZTk4In0%3D
preprod-serviceclients-novius.lesechos.fr/ Name: espace_abonnement_les_echos_session
Value: eyJpdiI6IlhJbG1DeGZQdVh3VTB4M3NQMlJSS0E9PSIsInZhbHVlIjoiNlwvYllOQzkyM3AyWkNEOFZHRmRja2FQdGtpekdiOGVWaHRaUUF1Q1N4VmxacHE4VXFEU21rb0RtckExU3gzc2YiLCJtYWMiOiJhZjU2MTZjNDAyOTk4NmNkY2JiZjQyNGQzYTJjNzY3MzAyYjI0NmE4NGZiZTY0OGM3NDZmMWY1NzgyNWJkZjQxIn0%3D
.lesechos.fr/ Name: _ga
Value: GA1.2.1545148290.1656194727
.lesechos.fr/ Name: _gid
Value: GA1.2.795928782.1656194727
.lesechos.fr/ Name: _dc_gtm_UA-28772439-9
Value: 1
.lesechos.fr/ Name: atuserid
Value: %7B%22name%22%3A%22atuserid%22%2C%22val%22%3A%223da3cc1a-a246-4629-9598-f4d46ee6dc15%22%2C%22options%22%3A%7B%22end%22%3A%222023-07-20T22%3A05%3A26.719Z%22%2C%22path%22%3A%22%2F%22%7D%7D
.lesechos.fr/ Name: atidvisitor
Value: %7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-601469-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
.paypal.com/ Name: ts
Value: vreXpYrS%3D1750889127%26vteXpYrS%3D1656196527%26vr%3D9ce5fc951810a5b216d3c36effffffff%26vt%3D9ce5fc951810a5b216d3c36efffffffe
.paypal.com/ Name: ts_c
Value: vr%3D9ce5fc951810a5b216d3c36effffffff%26vt%3D9ce5fc951810a5b216d3c36efffffffe

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://www.google.com https://tagmanager.google.com https://*.cdp.leparisien.fr https://sandbox.tinypass.com https://s1.lprs1.fr https://tag.audience.acpm.fr https://youtube.com https://www.youtube.com https://snap.licdn.com https://www.googleadservices.com https://amplify.outbrain.com https://connect.facebook.net https://u.logbor.com https://cstatic.weborama.fr https://googleads.g.doubleclick.net https://tracking.publicidees.com https://s.ytimg.com https://aimfr.solution.weborama.fr https://assets.leparisien.fr https://sdk.privacy-center.org https://boot.pubstack.io https://cdn-alliancegravity.s3.amazonaws.com https://js.sandbox.be2bill.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://safeconnecty.com https://js1.dalenys.com https://tag.agrvt.com https://sjs.bizographics.com https://u.logbor.com https://px.ads.linkedin.com https://www.linkedin.com https://connect.facebook.net https://tracking.publicidees.com https://secure.adnxs.com https://try.abtasty.com https://ariane.abtasty.com https://cstatic.weborama.fr https://wamfactory.solution.weborama.fr https://rd.frontend.weborama.fr https://dcinfos-cache.abtasty.com http://aimfr.solution.weborama.fr https://dcinfos.abtasty.com https://teddytor.abtasty.com https://bat.bing.com https://sdk.privacy-center.org https://tag.aticdn.net https://cdn.novius.net; worker-src 'self' blob:; object-src 'self' https://sandbox.tinypass.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
js.braintreegateway.com
js.sandbox.be2bill.com
logs1122.xiti.com
preprod-serviceclients-novius.lesechos.fr
safeconnecty.com
stats.g.doubleclick.net
t.paypal.com
tag.aticdn.net
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
143.204.100.24
143.204.89.129
143.204.89.85
151.101.129.21
151.101.129.35
151.101.2.133
2001:4860:4802:38::178
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9d
34.102.142.34
80.70.210.36
91.194.100.89
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
1e360e36387cadc04342dd070ae5c18c7eb3fc9dd3b007f1d17f431592027fd9
1e4639a42b337592bb7a05870cee005b268bcd5d831b9a8f0b0ae97dc8c326c5
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
3317d815a90d1abab35411139aa0b0e7848bec24c37e07b3055842856456c02e
340dc0008bf3ea8673c6ed4df4cc8c25d5d02d6d4f162018ac44114dbaba8f20
40d9967b9b44148a14a024e9eaf473bad20536571d5463330948727e111cf9b1
4aa784c85978133704d4383a2f08939cc093029d9e87434c97b03d0ed4203625
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
5f4d46d31d5c1d8e8de9edd0eb5e013e4cbf7ee4b2648828746aef9403618b28
6a246ba160a0aa36b7b8a3578b66acead220528e72b6768d4d839bcae8d74501
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cf7ada33e443f34d9a5c31efdbb9a8f180c4149cc15b52f6c92a0310a1db5d9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b26b5c1631e4c74bda3e5e48fcfc03ece12e63c97a95b7c3cd00efc4bf1d9f1f
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
cdf5dcdb8df84fe84f2e45c123340e36f194a87f4e9b86580a5ee9a06b014c90
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04edd9114a6277602b15d41d57fa8bcb7defd40e878ea33b8c16954c21da88e