actu.gala.fr Open in urlscan Pro
104.96.135.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=f19969e270ea1c690318476e40a63e2d&u=https%3A%2F%2Fwtm.p...
Effective URL:
https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_sourc...
Submission: On July 29 via api (July 29th 2022, 12:06:21 pm UTC) from IE — Scanned from FR

Summary HTTP 53 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 18 domains to perform 53 HTTP transactions. The main IP is 104.96.135.103, located in Vienna, Austria and belongs to AKAMAI-AS, US. The main domain is actu.gala.fr. The Cisco Umbrella rank of the primary domain is 582472.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 20th 2022. Valid for: a year.

This is the only time actu.gala.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	91.190.170.11 91.190.170.11	31688 (SPLIO-AS) (SPLIO-AS)
2 3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:41d0:403... 2001:41d0:403:34c2::	16276 (OVH) (OVH)
1 2	54.76.232.54 54.76.232.54	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
3 18	104.96.135.103 104.96.135.103	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
9	192.229.221.61 192.229.221.61	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:401... 2a00:1450:4014:80f::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.85.121 13.225.85.121	16509 (AMAZON-02) (AMAZON-02)
1	192.229.221.226 192.229.221.226	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
2	13.224.189.6 13.224.189.6	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:401... 2a00:1450:4014:80b::200e	15169 (GOOGLE) (GOOGLE)
6	13.225.78.104 13.225.78.104	16509 (AMAZON-02) (AMAZON-02)
1	34.111.211.215 34.111.211.215	15169 (GOOGLE) (GOOGLE)
53	16

1 91.190.170.11 (France)

ASN31688 (SPLIO-AS, FR)
PTR: s3s.fr

s3s-main.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

wtm.people-addict.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:41d0:403:34c2:: (France)

ASN16276 (OVH, FR)

r.phywi.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.232.54 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-232-54.eu-west-1.compute.amazonaws.com

er.cloud-media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.96.135.103 (Vienna, Austria) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-135-103.deploy.static.akamaitechnologies.com

actu.gala.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consents.prismamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.prismaconnect.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.prismaconnect.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creas.prismamediadigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.229.221.61 (United States)

ASN15133 (EDGECAST, US)

tra.scds.pmdstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4014:80f::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.85.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-121.fra2.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.226 (United States)

ASN15133 (EDGECAST, US)

img.pmdstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-6.fra2.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80b::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.78.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-104.fra2.r.cloudfront.net

consent.gala.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.211.215 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 215.211.111.34.bc.googleusercontent.com

ppid.prismadata.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	gala.fr 2 redirects actu.gala.fr — Cisco Umbrella Rank: 582472 consent.gala.fr — Cisco Umbrella Rank: 405442	122 KB
10	pmdstatic.net tra.scds.pmdstatic.net — Cisco Umbrella Rank: 120011 img.pmdstatic.net — Cisco Umbrella Rank: 100093	342 KB
6	gstatic.com fonts.gstatic.com	48 KB
3	prismaconnect.fr www.prismaconnect.fr — Cisco Umbrella Rank: 171918 api.prismaconnect.fr — Cisco Umbrella Rank: 149208	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	159 KB
3	people-addict.fr 2 redirects wtm.people-addict.fr	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	privacy-mgmt.com cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4929	52 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10303	530 B
2	cloud-media.fr 1 redirects er.cloud-media.fr — Cisco Umbrella Rank: 184209	420 B
2	phywi.org r.phywi.org — Cisco Umbrella Rank: 102538	1 KB
1	prismamediadigital.com creas.prismamediadigital.com — Cisco Umbrella Rank: 239121	2 KB
1	prismadata.fr ppid.prismadata.fr — Cisco Umbrella Rank: 503317	251 B
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2907	450 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2302	22 KB
1	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211	28 KB
1	prismamedia.com 1 redirects consents.prismamedia.com — Cisco Umbrella Rank: 128991	358 B
1	s3s-main.net s3s-main.net — Cisco Umbrella Rank: 191809	1 KB
53	18

	Domain	Requested by
13	actu.gala.fr	2 redirects wtm.people-addict.fr actu.gala.fr www.datadoghq-browser-agent.com
9	tra.scds.pmdstatic.net	actu.gala.fr www.datadoghq-browser-agent.com s3s-main.net www.prismaconnect.fr
6	consent.gala.fr	www.datadoghq-browser-agent.com cdn.privacy-mgmt.com consent.gala.fr
6	fonts.gstatic.com	actu.gala.fr
3	www.googletagmanager.com	actu.gala.fr tra.scds.pmdstatic.net www.googletagmanager.com
3	wtm.people-addict.fr	2 redirects
2	api.prismaconnect.fr	tra.scds.pmdstatic.net
2	www.google-analytics.com	www.googletagmanager.com
2	cdn.privacy-mgmt.com	s3s-main.net cdn.privacy-mgmt.com
2	redirect.frontend.weborama.fr	2 redirects
2	er.cloud-media.fr	1 redirects wtm.people-addict.fr
2	r.phywi.org	wtm.people-addict.fr
1	creas.prismamediadigital.com	consent.gala.fr
1	ppid.prismadata.fr	www.datadoghq-browser-agent.com
1	www.prismaconnect.fr	s3s-main.net
1	cdn.polyfill.io	tra.scds.pmdstatic.net
1	img.pmdstatic.net	actu.gala.fr
1	www.datadoghq-browser-agent.com	actu.gala.fr
1	securepubads.g.doubleclick.net	actu.gala.fr
1	consents.prismamedia.com	1 redirects
1	s3s-main.net
53	21

This site contains links to these domains. Also see Links.

Domain
www.gala.fr
www.instagram.com
www.prismamedia.com
www.prismamediasolutions.com
ops.gala.fr
www.prismashop.fr

Subject Issuer	Validity	Valid
s3s.fr Sectigo RSA Domain Validation Secure Server CA	`2022-04-21` - `2023-05-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.phywi.org Gandi Standard SSL CA 2	`2022-01-13` - `2023-02-13`	a year	crt.sh
prismamediadigital.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-20` - `2023-04-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
www.gala.fr Sectigo RSA Organization Validation Secure Server CA	`2021-12-03` - `2022-12-03`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
*.privacy-mgmt.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
consent.caminteresse.fr R3	`2022-07-17` - `2022-10-15`	3 months	crt.sh
track.prismadata.fr GTS CA 1D4	`2022-07-13` - `2022-10-11`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
Frame ID: B7AB1994C491E761FF7075BEBEC23EAA
Requests: 43 HTTP requests in this frame

Frame: https://www.prismaconnect.fr/pmcCheck?version=4.19.4
Frame ID: B6B885A194F44DD328AF8FE3ACCCECB2
Requests: 3 HTTP requests in this frame

Frame: https://consent.gala.fr/index.html?message_id=686138&consentUUID=6a27e38e-5b68-4f02-b1b8-bf13a0c799a6_10&requestUUID=b43f249e-d2d2-4d82-84a8-a25edd519932&preload_message=true
Frame ID: 442D3FBF8C286C2A8646B5C814E61D9B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Daniel Lévi toujours hospitalisé : sa femme brise le silence

Page URL History Show full URLs

https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=f19969e270ea1c690318476e40a63e2d&u... Page URL
https://wtm.people-addict.fr/r/eNpVUUtvozAQ%2FjXsjfIwEPtQrUhJunnQJY%2FShAsyZgiusEFgQsmvX%2Be40hy%2B10jzaS... HTTP 302
https://wtm.people-addict.fr/w/590008/fa8a1598a8c96ef63907647854d52f9e/1835/666/90fe8f7b5bf10f9e5cf2e233b... HTTP 302
https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.gal... Page URL
https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-sile... HTTP 302
https://consents.prismamedia.com/?redirectHost=https%3A%2F%2Factu.gala.fr&redirectUri=%2fl_actu%2fnews_de_sta... HTTP 302
https://actu.gala.fr/?authId=92a73a44107e7587565556cfbecf218e&redirectUri=%2fl_actu%2fnews_de_sta... HTTP 302
https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-sile... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

53
Requests

96 %
HTTPS

41 %
IPv6

18
Domains

21
Subdomains

16
IPs

5
Countries

801 kB
Transfer

2318 kB
Size

12
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gala.fr/
Title: Gala

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CgjRslGs6hP/?utm_source=ig_embed&utm_campaign=loading
Title: View this post on Instagram

Search URL Search Domain Scan URL

URL: http://www.prismamedia.com/cgu-groupe-prisma/
Title: CONDITIONS GÉNÉRALES D'UTILISATION

Search URL Search Domain Scan URL

URL: https://www.prismamediasolutions.com/
Title: PUBLICITÉ

Search URL Search Domain Scan URL

URL: https://www.prismamedia.com/mentions-legales-gala/
Title: MENTIONS LÉGALES

Search URL Search Domain Scan URL

URL: https://ops.gala.fr/magazines/
Title: TOUS VOS MAGAZINES

Search URL Search Domain Scan URL

URL: https://www.prismashop.fr/tous-les-magazines/feminin/gala.html?code=SIEABOGAL&utm_source=gal-fr&utm_medium=sites-editos&utm_campaign=header
Title: ABONNEMENT MAGAZINE

Search URL Search Domain Scan URL

URL: http://www.prismamedia.com/charte-pour-la-protection-des-donnees/
Title: CHARTE POUR LA PROTECTION DES DONNÉES PERSONNELLES

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=f19969e270ea1c690318476e40a63e2d&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVUUtvozAQ%252FjXsjfIwEPtQrUhJunnQJY%252FShAsyZgiusEFgQsmvX%252Be40hy%252B10jzaSbLJ7ZtY6uimDo%252BwRQzEkAVIGIvAm%252BBfa%252F03YqA5WDkW0EQWMSuAFeLwi8qx9aOzyoXXISKMvBdAGw5yPI8q7V%252Bj6%252B1Ut1goNBw13ooU%252BPLjTb0peo1bfKnoIGEachLyAdF%252B0HzkkoOjdnAnZuqHb%252FbsR%252FMuh06rmjDBzAHalYgBJhF%252F6SNVngDkkHuEWI7yEDrUYl80IsMDBRN0LBWcHnroO0aoGXJmTLcgIrOQMtnVEDJR6GjrGP%252FGUxDym9SW51oc319TnvFWQO%252FSvbqZkeyotGHlJumyIqwTuNpW0wVT8RFrnSV1Gk3z%252FbJWUyLOJldlhL0Z14eAgL7Lzq%252FZ%252FC4f%252FSqfVxFtztff%252FbbM%252FkswnUqPTxndiQH29OtD4e94S7X%252FORDvbr9rNpLmIbdMZuuwd9d1EanZMP6xYx3n5exlvg9e0w6r%252BrkuEyzMJb9aYUOb%252FGxftOPWNKNDOJo7vv0Hm%252B%252FFfqa0D%252Bj6au2 Page URL
https://wtm.people-addict.fr/r/eNpVUUtvozAQ%2FjXsjfIwEPtQrUhJunnQJY%2FShAsyZgiusEFgQsmvX%2Be40hy%2B10jzaSbLJ7ZtY6uimDo%2BwRQzEkAVIGIvAm%2BBfa%2F03YqA5WDkW0EQWMSuAFeLwi8qx9aOzyoXXISKMvBdAGw5yPI8q7V%2Bj6%2B1Ut1goNBw13ooU%2BPLjTb0peo1bfKnoIGEachLyAdF%2B0HzkkoOjdnAnZuqHb%2FbsR%2FMuh06rmjDBzAHalYgBJhF%2F6SNVngDkkHuEWI7yEDrUYl80IsMDBRN0LBWcHnroO0aoGXJmTLcgIrOQMtnVEDJR6GjrGP%2FGUxDym9SW51oc319TnvFWQO%2FSvbqZkeyotGHlJumyIqwTuNpW0wVT8RFrnSV1Gk3z%2FbJWUyLOJldlhL0Z14eAgL7Lzq%2FZ%2FC4f%2FSqfVxFtztff%2FbbM%2FkswnUqPTxndiQH29OtD4e94S7X%2FORDvbr9rNpLmIbdMZuuwd9d1EanZMP6xYx3n5exlvg9e0w6r%2BrkuEyzMJb9aYUOb%2FGxftOPWNKNDOJo7vv0Hm%2B%2FFfqa0D%2Bj6au2 HTTP 302
https://wtm.people-addict.fr/w/590008/fa8a1598a8c96ef63907647854d52f9e/1835/666/90fe8f7b5bf10f9e5cf2e233bd652ee8/13/44/o/?u=https%3A%2F%2Factu.gala.fr%2Fl_actu%2Fnews_de_stars%2Fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gal_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3 HTTP 302
https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.gala.fr%2Fl_actu%2Fnews_de_stars%2Fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gal_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3 Page URL
https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article HTTP 302
https://consents.prismamedia.com/?redirectHost=https%3A%2F%2Factu.gala.fr&redirectUri=%2fl_actu%2fnews_de_stars%2fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3futm_source%3dwelcomingpeopleaddict%26utm_medium%3dcpc%26utm_campaign%3dpmo_gal_article HTTP 302
https://actu.gala.fr/?authId=92a73a44107e7587565556cfbecf218e&redirectUri=%2fl_actu%2fnews_de_stars%2fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3futm_source%3dwelcomingpeopleaddict%26utm_medium%3dcpc%26utm_campaign%3dpmo_gal_article HTTP 302
https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://wtm.people-addict.fr/r/eNpVUUtvozAQ%2FjXsjfIwEPtQrUhJunnQJY%2FShAsyZgiusEFgQsmvX%2Be40hy%2B10jzaSbLJ7ZtY6uimDo%2BwRQzEkAVIGIvAm%2BBfa%2F03YqA5WDkW0EQWMSuAFeLwi8qx9aOzyoXXISKMvBdAGw5yPI8q7V%2Bj6%2B1Ut1goNBw13ooU%2BPLjTb0peo1bfKnoIGEachLyAdF%2B0HzkkoOjdnAnZuqHb%2FbsR%2FMuh06rmjDBzAHalYgBJhF%2F6SNVngDkkHuEWI7yEDrUYl80IsMDBRN0LBWcHnroO0aoGXJmTLcgIrOQMtnVEDJR6GjrGP%2FGUxDym9SW51oc319TnvFWQO%2FSvbqZkeyotGHlJumyIqwTuNpW0wVT8RFrnSV1Gk3z%2FbJWUyLOJldlhL0Z14eAgL7Lzq%2FZ%2FC4f%2FSqfVxFtztff%2FbbM%2FkswnUqPTxndiQH29OtD4e94S7X%2FORDvbr9rNpLmIbdMZuuwd9d1EanZMP6xYx3n5exlvg9e0w6r%2BrkuEyzMJb9aYUOb%2FGxftOPWNKNDOJo7vv0Hm%2B%2FFfqa0D%2Bj6au2 HTTP 302
https://wtm.people-addict.fr/w/590008/fa8a1598a8c96ef63907647854d52f9e/1835/666/90fe8f7b5bf10f9e5cf2e233bd652ee8/13/44/o/?u=https%3A%2F%2Factu.gala.fr%2Fl_actu%2Fnews_de_stars%2Fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gal_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3 HTTP 302
https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.gala.fr%2Fl_actu%2Fnews_de_stars%2Fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gal_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3

Request Chain 3

https://er.cloud-media.fr/r/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
https://er.cloud-media.fr/c/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041

Request Chain 4

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3Dfa8a1598a8c96ef63907647854d52f9e%26wb%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3Dfa8a1598a8c96ef63907647854d52f9e%26wb%3D%7BWEBO_CID%7D&bounce=1&random=1353297055 HTTP 302
https://r.phywi.org/webo.gif?md=fa8a1598a8c96ef63907647854d52f9e&wb=9rOZ2ZjLZ.IoIZb7Jyj5m.

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 108890695.html Show response
s3s-main.net/fw19c3/21805526/22531599/ 722 B
1 KB 128ms
50ms Document
text/html 91.190.170.11
SPLIO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=f19969e270ea1c690318476e40a63e2d&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVUUtvozAQ%252FjXsjfIwEPtQrUhJunnQJY%252FShAsyZgiusEFgQsmvX%252Be40hy%252B10jzaSbLJ7ZtY6uimDo%252BwRQzEkAVIGIvAm%252BBfa%252F03YqA5WDkW0EQWMSuAFeLwi8qx9aOzyoXXISKMvBdAGw5yPI8q7V%252Bj6%252B1Ut1goNBw13ooU%252BPLjTb0peo1bfKnoIGEachLyAdF%252B0HzkkoOjdnAnZuqHb%252FbsR%252FMuh06rmjDBzAHalYgBJhF%252F6SNVngDkkHuEWI7yEDrUYl80IsMDBRN0LBWcHnroO0aoGXJmTLcgIrOQMtnVEDJR6GjrGP%252FGUxDym9SW51oc319TnvFWQO%252FSvbqZkeyotGHlJumyIqwTuNpW0wVT8RFrnSV1Gk3z%252FbJWUyLOJldlhL0Z14eAgL7Lzq%252FZ%252FC4f%252FSqfVxFtztff%252FbbM%252FkswnUqPTxndiQH29OtD4e94S7X%252FORDvbr9rNpLmIbdMZuuwd9d1EanZMP6xYx3n5exlvg9e0w6r%252BrkuEyzMJb9aYUOb%252FGxftOPWNKNDOJo7vv0Hm%252B%252FFfqa0D%252Bj6au2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.190.170.11 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS: s3s.fr
Software: Apache /
Resource Hash: bec644ff98196dd96b36fb68eb8461170634d6d364a5320932dd9dc3e4d5d11a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 722
Content-Type: text/html
Date: Fri, 29 Jul 2022 12:06:15 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
P3P: policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Pragma: no-cache
Server: Apache
X-Robots-Tag: noindex,nofollow

GET
H3

200

redirection.html Show response
wtm.people-addict.fr/
Redirect Chain

https://wtm.people-addict.fr/r/eNpVUUtvozAQ%2FjXsjfIwEPtQrUhJunnQJY%2FShAsyZgiusEFgQsmvX%2Be40hy%2B10jzaSbLJ7ZtY6uimDo%2BwRQzEkAVIGIvAm%2BBfa%2F03YqA5WDkW0EQWMSuAFeLwi8qx9aOzyoXXISKMvBdAGw5yPI8q7V%...
https://wtm.people-addict.fr/w/590008/fa8a1598a8c96ef63907647854d52f9e/1835/666/90fe8f7b5bf10f9e5cf2e233bd652ee8/13/44/o/?u=https%3A%2F%2Factu.gala.fr%2Fl_actu%2Fnews_de_stars%2Fdaniel-levi-toujour...
https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.gala.fr%2Fl_actu%2Fnews_de_stars%2Fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_4...

4 KB
2 KB

69ms
68ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.gala.fr%2Fl_actu%2Fnews_de_stars%2Fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gal_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8831368925b7e6844794647054f06aefc00079cd89d5ef5865a4e21fca2b003

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=f19969e270ea1c690318476e40a63e2d&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVUUtvozAQ%252FjXsjfIwEPtQrUhJunnQJY%252FShAsyZgiusEFgQsmvX%252Be40hy%252B10jzaSbLJ7ZtY6uimDo%252BwRQzEkAVIGIvAm%252BBfa%252F03YqA5WDkW0EQWMSuAFeLwi8qx9aOzyoXXISKMvBdAGw5yPI8q7V%252Bj6%252B1Ut1goNBw13ooU%252BPLjTb0peo1bfKnoIGEachLyAdF%252B0HzkkoOjdnAnZuqHb%252FbsR%252FMuh06rmjDBzAHalYgBJhF%252F6SNVngDkkHuEWI7yEDrUYl80IsMDBRN0LBWcHnroO0aoGXJmTLcgIrOQMtnVEDJR6GjrGP%252FGUxDym9SW51oc319TnvFWQO%252FSvbqZkeyotGHlJumyIqwTuNpW0wVT8RFrnSV1Gk3z%252FbJWUyLOJldlhL0Z14eAgL7Lzq%252FZ%252FC4f%252FSqfVxFtztff%252FbbM%252FkswnUqPTxndiQH29OtD4e94S7X%252FORDvbr9rNpLmIbdMZuuwd9d1EanZMP6xYx3n5exlvg9e0w6r%252BrkuEyzMJb9aYUOb%252FGxftOPWNKNDOJo7vv0Hm%252B%252FFfqa0D%252Bj6au2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7325ba3e788cb8fd-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 29 Jul 2022 12:06:16 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RF6RPyNO44JrIcuydNv9%2BjmUWzVx8nNcFKu0oUh4Ff6VS9jbRqaJVpxXYoBC1pLM3piUCBmLPLe17TR3YWiIXd6AQ36kqEPb5hQLyVE4Vv8jlJIeDdFvjNJwi1%2B3dwoPx1p6XXqtDxCCeXY69e7LMwAyRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-request-id: AC4766AE:9F38_33B2446D:0050_62E3CD38_562DCCB:0008

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7325ba3e0e3fb8b2-AMS
content-length: 0
date: Fri, 29 Jul 2022 12:06:16 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sun, 01 Jan 2014 00:00:00 GMT
location: https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.gala.fr%2Fl_actu%2Fnews_de_stars%2Fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gal_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6zZmsqFC9wMz5qTDBEyhsYpGjceC2mIo9k%2BRsgiIBpRNFqD9qL80XA%2Fq7EnDuc5MGESvYGRFwsKMgpSzg3mabxHR0sYsJNz%2BaH22MSn1AASxwT4SKGRFE6yNqHDAA4AISJBZ4IoVHl%2B8lJjgF3gPalsIw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
x-request-id: AC476214:3578_33B2446D:0050_62E3CD37_562DCA9:0008

GET
H2 200 cl.gif
r.phywi.org/ 43 B
582 B 89ms
31ms Image
image/gif 2001:41d0:403:34c2::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.phywi.org/cl.gif?m=fa8a1598a8c96ef63907647854d52f9e

Requested by

Host: wtm.people-addict.fr
URL: https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.gala.fr%2Fl_actu%2Fnews_de_stars%2Fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gal_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:41d0:403:34c2:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://wtm.people-addict.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 12:06:16 GMT
server: nginx
strict-transport-security: max-age=63072000
content-type: image/gif
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
x-request-id: 200141D00008D1540000000000000015:E5F4_200141D0040334C20000000000000000:01BB_62E3CD38_CC2AC3D:000F
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2

200

20305b1d-4a14-4990-b6a1-7765863e4041
er.cloud-media.fr/c/fa8a1598a8c96ef63907647854d52f9e/
Redirect Chain

https://er.cloud-media.fr/r/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041
https://er.cloud-media.fr/c/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041

35 B
230 B

71ms
71ms

Image
image/gif

54.76.232.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://er.cloud-media.fr/c/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041

Requested by

Protocol

Server

54.76.232.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-232-54.eu-west-1.compute.amazonaws.com

Software

awselb/2.0 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://wtm.people-addict.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:16 GMT
x-content-type-options: nosniff
server: awselb/2.0
content-length: 35
content-type: image/gif

Redirect headers

location: https://er.cloud-media.fr/c/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041
date: Fri, 29 Jul 2022 12:06:16 GMT
x-content-type-options: nosniff
server: awselb/2.0
content-length: 0
x-xss-protection: 1; mode=block
content-type: text/html;charset=utf-8

GET
H2

200

webo.gif
r.phywi.org/
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3Dfa8a1598a8c96ef63907647854d52f9e%26wb%3D{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3Dfa8a1598a8c96ef63907647854d52f9e%26wb%3D%7BWEBO_CID%7D&bounce=1&random=1353297055
https://r.phywi.org/webo.gif?md=fa8a1598a8c96ef63907647854d52f9e&wb=9rOZ2ZjLZ.IoIZb7Jyj5m.

43 B
581 B

46ms
46ms

Image
image/gif

2001:41d0:403:34c2::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.phywi.org/webo.gif?md=fa8a1598a8c96ef63907647854d52f9e&wb=9rOZ2ZjLZ.IoIZb7Jyj5m.

Requested by

Protocol

Server

2001:41d0:403:34c2:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://wtm.people-addict.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 12:06:16 GMT
server: nginx
strict-transport-security: max-age=63072000
content-type: image/gif
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
x-request-id: 200141D00008D1540000000000000015:E5F4_200141D0040334C20000000000000000:01BB_62E3CD38_CC2AC9A:000F
expires: Sun, 01 Jan 2014 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 12:06:15 GMT
via: 1.1 google
last-modified: Fri, 29 Jul 2022 12:06:16 GMT
server: Weborama Collect Frontend
location: https://r.phywi.org/webo.gif?md=fa8a1598a8c96ef63907647854d52f9e&wb=9rOZ2ZjLZ.IoIZb7Jyj5m.
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

Primary Request daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013 Show response
actu.gala.fr/l_actu/news_de_stars/
Redirect Chain

https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
https://consents.prismamedia.com/?redirectHost=https%3A%2F%2Factu.gala.fr&redirectUri=%2fl_actu%2fnews_de_stars%2fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3futm_source%3dwe...
https://actu.gala.fr/?authId=92a73a44107e7587565556cfbecf218e&redirectUri=%2fl_actu%2fnews_de_stars%2fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3futm_source%3dwelcomingpeopl...
https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article

39 KB
12 KB

50ms
50ms

Document
text/html

104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
Requested by: Host: wtm.people-addict.fr
URL: https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.gala.fr%2Fl_actu%2Fnews_de_stars%2Fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gal_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 / PHP/7.4.26
Resource Hash: 576c0c743a62557f37e2e4a050d8a23ca44d56e0e5348fdf33b7e1b7279db556

Request headers

Referer: https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.gala.fr%2Fl_actu%2Fnews_de_stars%2Fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_gal_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: public, max-age=255
content-encoding: gzip
content-length: 11637
content-type: text/html; charset=UTF-8
date: Fri, 29 Jul 2022 12:06:16 GMT
server: nginx/1.17.8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26

Redirect headers

content-length: 0
date: Fri, 29 Jul 2022 12:06:16 GMT
location: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
server: AkamaiGHost

GET
H2 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Ll4brkiY-xBg.woff2
fonts.gstatic.com/s/frankruhllibre/v6/ 5 KB
5 KB 100ms
27ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v6/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Ll4brkiY-xBg.woff2

Requested by

Host: actu.gala.fr
URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a8e8120317429c5baa7340bdeb353632c930a33ba93ae13fd735c4290a39231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.gala.fr/
Origin: https://actu.gala.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:09:46 GMT
x-content-type-options: nosniff
age: 190590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4928
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:50:41 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Jul 2023 07:09:46 GMT

GET
H2 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW77l4brkiY-xBg.woff2
fonts.gstatic.com/s/frankruhllibre/v6/ 6 KB
6 KB 131ms
58ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v6/j8_w6_fAw7jrcalD7oKYNX0QfAnPW77l4brkiY-xBg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b0e45012e7eb6af2134773ac91edc38a72b2ab311f0b0d972ebf9c8ae221a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.gala.fr/
Origin: https://actu.gala.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 23:28:26 GMT
x-content-type-options: nosniff
age: 218270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6184
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:51:08 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Jul 2023 23:28:26 GMT

GET
H2 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4brkiY8.woff2
fonts.gstatic.com/s/frankruhllibre/v6/ 12 KB
12 KB 124ms
53ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v6/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4brkiY8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc20800c697b48cf73621f86fd00d01a40ccb7ae7269833cda75f4ca195689a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.gala.fr/
Origin: https://actu.gala.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 22:56:18 GMT
x-content-type-options: nosniff
age: 306598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12532
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:51:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 22:56:18 GMT

GET
H2 200 j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JXGhKWLDw41Iw.woff2
fonts.gstatic.com/s/frankruhllibre/v6/ 5 KB
5 KB 106ms
35ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v6/j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JXGhKWLDw41Iw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

191b3e92e779f46a577b2e9f09f173fdd50cde5a00f2c591210fbfbd276368b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.gala.fr/
Origin: https://actu.gala.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:19:33 GMT
x-content-type-options: nosniff
age: 236803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5064
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:51:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 18:19:33 GMT

GET
H2 200 j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JnGhKWLDw41Iw.woff2
fonts.gstatic.com/s/frankruhllibre/v6/ 6 KB
6 KB 132ms
62ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v6/j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JnGhKWLDw41Iw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

106d90e29b27be16ef5d08a3a472f100318fd53f9c499824e1b06dd7ae5ca894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.gala.fr/
Origin: https://actu.gala.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 07:29:03 GMT
x-content-type-options: nosniff
age: 16633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6200
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:51:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Jul 2023 07:29:03 GMT

GET
H2 200 j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JfGhKWLDw4.woff2
fonts.gstatic.com/s/frankruhllibre/v6/ 12 KB
12 KB 99ms
29ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v6/j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JfGhKWLDw4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bb1632a4a67e60d5c9fa6af266e1e9e0e2e23e5f46c2410632b49d882b148ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.gala.fr/
Origin: https://actu.gala.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 08:58:22 GMT
x-content-type-options: nosniff
age: 97674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12576
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:51:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 08:58:22 GMT

GET
H2 200 browsertools.js Show response
tra.scds.pmdstatic.net/pmd-browsertools/1.7.54/ 37 KB
13 KB 94ms
20ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.54/browsertools.js
Requested by: Host: actu.gala.fr
URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7D) /
Resource Hash: 615f78163711d6ad11c7875d6e56671ace387c9044a0403d34de7632e34d4ec1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:16 GMT
content-encoding: gzip
age: 3205154
x-cache: HIT
content-disposition: inline
content-length: 12534
access-control-allow-origin: *
last-modified: Wed, 22 Jun 2022 09:46:26 GMT
server: ECAcc (paa/6F7D)
etag: W/"dc4e581336d9aa0b4d988d2a4b96f323"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: m_OG0LpYKA0sudnoO7.mY_Acpo2d9eOr
via: 1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: xC2ZqhpHak849idFDrj2chjrqA1W2deo0K8xUg7-O4IGX9iD11KNjQ==

GET
H2 200 core-ads.js
tra.scds.pmdstatic.net/advertising-core/4.175.0/ 278 KB
83 KB 94ms
21ms Other
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/advertising-core/4.175.0/core-ads.js
Requested by: Host: actu.gala.fr
URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F28) /
Resource Hash: a5aaa3e59446461c2aa93ad2d71399a308f921cb1fa58682a4c7beb359058d03

Request headers

Referer: https://actu.gala.fr/
Origin: https://actu.gala.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:16 GMT
content-encoding: gzip
age: 169471
x-cache: HIT
content-disposition: inline
content-length: 84206
access-control-allow-origin: *
last-modified: Wed, 27 Jul 2022 13:01:23 GMT
server: ECAcc (paa/6F28)
etag: W/"f4458ff972b62ef3bac254d5d284eabd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XVjfQeBXw_WiMW5Hq7aVzdIj_zogKap2
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: i1wQVkWIQr6wSRdfF8IlnN2tPMaSWbgAPEAg1TS2sO6ETVmjKoe2rg==

GET
H2 200 article-gal.66b37b49ef241e9fcb6b.js Show response
actu.gala.fr/assets/scripts/ 22 KB
8 KB 47ms
40ms Script
application/javascript 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.gala.fr/assets/scripts/article-gal.66b37b49ef241e9fcb6b.js
Requested by: Host: actu.gala.fr
URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: c447eca5e4428de436b7e85df9b0973e58774bc90f5181cfc86cc863b1e1c578

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:16 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 10:04:38 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28412949
content-length: 8182

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 109ms
42ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc3a7c8e694c66889410a583df659afeee4f83c1b297836d35edd2bba68ff8db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28382
x-xss-protection: 0
server: sffe
etag: "1287 / 780 of 1000 / last-modified: 1659092813"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Jul 2022 12:06:16 GMT

GET
H2 200 critical-gal.70764991eed7aa6fdea8.css
actu.gala.fr/assets/styles/ 13 KB
4 KB 43ms
38ms Stylesheet
text/css 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.gala.fr/assets/styles/critical-gal.70764991eed7aa6fdea8.css
Requested by: Host: actu.gala.fr
URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: 1476ef4c71b59849adc9f047b6aa52a92504ab99734b7b28fc74b13409afd015

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:16 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 09:25:19 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=18741468
content-length: 3459

GET
H2 200 article-gal.b9e8b940a93023f4e1a2.css
actu.gala.fr/assets/styles/ 0
129 B 43ms
39ms Stylesheet
text/css 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.gala.fr/assets/styles/article-gal.b9e8b940a93023f4e1a2.css
Requested by: Host: actu.gala.fr
URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:16 GMT
last-modified: Thu, 03 Mar 2022 09:25:19 GMT
server: nginx/1.17.8
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=18741509
accept-ranges: bytes
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
45 KB 136ms
50ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5F76P37

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

655bdacc8cdd4d9d6ea71d2f5d294ca3398ed19324ee40144d4dbb2cc6743b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45676
x-xss-protection: 0
expires: Fri, 29 Jul 2022 12:06:16 GMT

GET
H2 200 datadog-rum-slim-v4.js Show response
www.datadoghq-browser-agent.com/ 68 KB
22 KB 91ms
28ms Script
application/javascript 13.225.85.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Requested by: Host: actu.gala.fr
URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.85.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-85-121.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23ed5554c4bf50f30f6b6aaf48ba8b54e7cb141f032ed2da479a3c7095705010

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:51 GMT
content-encoding: br
last-modified: Tue, 12 Jul 2022 10:13:15 GMT
server: AmazonS3
age: 28
etag: W/"7721e1d5b1b154cd619a2d07abc5f348"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Qus7yvmCgHpQyYHRrCqMif3dYIC-VFwR9VxeRZjSNhk55HwYKxSvfg==

GET
H2 200 transformation.jpg
img.pmdstatic.net/fit/https.3A.2F.2Fi.2Epmdstatic.2Enet.2Fgal.2F2022.2F07.2F28.2Ffce3f583-f388-45c6-bae7-de02b1d2d94a.2Ejpeg/1200x900/q/80/ 116 KB
117 KB 98ms
23ms Image
image/jpeg 192.229.221.226
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pmdstatic.net/fit/https.3A.2F.2Fi.2Epmdstatic.2Enet.2Fgal.2F2022.2F07.2F28.2Ffce3f583-f388-45c6-bae7-de02b1d2d94a.2Ejpeg/1200x900/q/80/transformation.jpg
Requested by: Host: actu.gala.fr
URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.226 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F5C) /
Resource Hash: b4d3ac6f5c888b537196bbf4a10bd41c43ce18171e24ebad35a7b78dc6cba183

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:16 GMT
last-modified: Thu, 28 Jul 2022 14:16:25 GMT
server: ECAcc (paa/6F5C)
age: 78592
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Photosphere
cache-control: max-age=31536000, public, s-maxage=31536000
accept-ranges: bytes
access-control-allow-headers: X-Photosphere
content-length: 119174
expires: Sat, 29 Jul 2023 12:06:16 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
450 B 101ms
39ms XHR
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.polyfill.io/v2/polyfill.min.js?excludes=Promise&features=default,arrayMap,IntersectionObserver,MutationObserver
Requested by: Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.54/browsertools.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.gala.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:16 GMT
content-encoding: br
last-modified: Wed, 13 Jul 2022 02:18:42 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/103.0.0
server-timing: cache-cdg20720, PASS, fastly;desc="Edge time";dur=20
accept-ranges: bytes
content-length: 126

GET
H2 200 sourcepoint.min.js Show response
tra.scds.pmdstatic.net/sourcepoint/4.7.1/ 13 KB
5 KB 21ms
21ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/sourcepoint/4.7.1/sourcepoint.min.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F79) /
Resource Hash: 2020a1d61cfe16f730427ff06e714d7c038018e9728ff66af0bf38f772016dc3

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.gala.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:16 GMT
content-encoding: gzip
age: 341641
x-cache: HIT
content-disposition: inline
content-length: 5301
access-control-allow-origin: *
last-modified: Mon, 25 Jul 2022 13:11:41 GMT
server: ECAcc (paa/6F79)
etag: W/"22bb41376f92cc9894ca45dd9bb55317"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kY.Awr7t.XIxyt3L0ZWNmCU1nuMxPw6L
via: 1.1 6b4e2529be13169ec5ee4214df435daa.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: HOrdqBWK4VF62SqurLu1mOCr8qZ3oTBW5JteqiwfvLszZUj86gdR8w==

GET
H2 200 critical-gal.edde9df2cc2675a14033.js Show response
actu.gala.fr/assets/scripts/ 3 KB
994 B 38ms
38ms XHR
application/javascript 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.gala.fr/assets/scripts/critical-gal.edde9df2cc2675a14033.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: 9c458969b4a696a872f91b37c0e4eebadd664a6ebe031770a7156be3a6fbe029

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 09:25:19 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=18741579
content-length: 831

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cdn.privacy-mgmt.com/unified/ 105 KB
33 KB 97ms
30ms Script
application/javascript 13.224.189.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=f19969e270ea1c690318476e40a63e2d&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVUUtvozAQ%252FjXsjfIwEPtQrUhJunnQJY%252FShAsyZgiusEFgQsmvX%252Be40hy%252B10jzaSbLJ7ZtY6uimDo%252BwRQzEkAVIGIvAm%252BBfa%252F03YqA5WDkW0EQWMSuAFeLwi8qx9aOzyoXXISKMvBdAGw5yPI8q7V%252Bj6%252B1Ut1goNBw13ooU%252BPLjTb0peo1bfKnoIGEachLyAdF%252B0HzkkoOjdnAnZuqHb%252FbsR%252FMuh06rmjDBzAHalYgBJhF%252F6SNVngDkkHuEWI7yEDrUYl80IsMDBRN0LBWcHnroO0aoGXJmTLcgIrOQMtnVEDJR6GjrGP%252FGUxDym9SW51oc319TnvFWQO%252FSvbqZkeyotGHlJumyIqwTuNpW0wVT8RFrnSV1Gk3z%252FbJWUyLOJldlhL0Z14eAgL7Lzq%252FZ%252FC4f%252FSqfVxFtztff%252FbbM%252FkswnUqPTxndiQH29OtD4e94S7X%252FORDvbr9rNpLmIbdMZuuwd9d1EanZMP6xYx3n5exlvg9e0w6r%252BrkuEyzMJb9aYUOb%252FGxftOPWNKNDOJo7vv0Hm%252B%252FFfqa0D%252Bj6au2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62d3cd5cc83b8d768e1069c4e85e939f9eb62db25c05edff966c1993f1907635

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 11:46:32 GMT
content-encoding: gzip
last-modified: Mon, 27 Jun 2022 13:45:40 GMT
server: AmazonS3
age: 1185
etag: W/"6ce19d2b05ca320bb71562ba4230ce5f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: gDhMIGJ74E2sEi-sz4Y67cUdwcX8aQuBmkoaGZEAa11gqc4KQ_e64g==

GET
H2 200 core-ads.js Show response
tra.scds.pmdstatic.net/advertising-core/4.175.0/ 278 KB
82 KB 23ms
21ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/advertising-core/4.175.0/core-ads.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F28) /
Resource Hash: a5aaa3e59446461c2aa93ad2d71399a308f921cb1fa58682a4c7beb359058d03

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.gala.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
age: 169472
x-cache: HIT
content-disposition: inline
content-length: 84206
access-control-allow-origin: *
last-modified: Wed, 27 Jul 2022 13:01:23 GMT
server: ECAcc (paa/6F28)
etag: W/"f4458ff972b62ef3bac254d5d284eabd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XVjfQeBXw_WiMW5Hq7aVzdIj_zogKap2
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: i1wQVkWIQr6wSRdfF8IlnN2tPMaSWbgAPEAg1TS2sO6ETVmjKoe2rg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 115ms
33ms Script
text/javascript 2a00:1450:4014:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F76P37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6956
date: Fri, 29 Jul 2022 10:10:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 29 Jul 2022 12:10:21 GMT

GET
H2 200 index.js Show response
tra.scds.pmdstatic.net/pmc-starter/4.19.4/ 55 KB
17 KB 21ms
20ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmc-starter/4.19.4/index.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F17) /
Resource Hash: 2d046a2227dd836270aa1ac5d5ff8cd3056d66e2d72242a6db4c17a085468776

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.gala.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
age: 1477446
x-cache: HIT
content-disposition: inline
content-length: 17187
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 09:41:24 GMT
server: ECAcc (paa/6F17)
etag: W/"0ad3ae3cc3e088c6f31d00f29350952f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: CO81er7engpD2.X9Oouv5u12GE3Gu.VR
via: 1.1 ce22e0407d9b4f91724feba4d5aa25c2.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: MRS52-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: QRRbOlBeewUb6A6-8rKCv4Sm3ZDC1HsFyNAbScya7yCTsF90eZk_wA==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
40 KB 121ms
52ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NRTV7FH

Requested by

Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.54/browsertools.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

306829a9d0ac5ea867f6abf3194163cddecda9d16d5fdc5fb30ce4653d87f2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41200
x-xss-protection: 0
expires: Fri, 29 Jul 2022 12:06:17 GMT

GET
H2 200 main.fed25969880990837c6f.js Show response
actu.gala.fr/assets/scripts/ 22 KB
8 KB 40ms
38ms XHR
application/javascript 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.gala.fr/assets/scripts/main.fed25969880990837c6f.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: 7bd6780f9a035305b848879076f64fc43e05a77e55dc41ddd423d4474f7a1417

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 10:04:38 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28412873
content-length: 8293

GET
H2 200 main.7c6ba9bd30ad2a0b664e.css Show response
actu.gala.fr/assets/styles/ 1004 B
649 B 43ms
42ms XHR
text/css 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.gala.fr/assets/styles/main.7c6ba9bd30ad2a0b664e.css
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: 83fc98a2f8ecf9bb09989f8915bd0550f208f55e2fd035883026dd9f55f1397e

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 09:25:19 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=18741568
content-length: 496

GET
H2 200 optinBundle.js Show response
tra.scds.pmdstatic.net/pmc-kit-components/3.11.0/ 8 KB
4 KB 22ms
21ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmc-kit-components/3.11.0/optinBundle.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F46) /
Resource Hash: fd280b0598e56e876432cbaac4aeb7c58c6267f83826959833e771a72ab1c18d

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.gala.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
age: 2666938
x-cache: HIT
content-disposition: inline
content-length: 3520
access-control-allow-origin: *
last-modified: Mon, 28 Jun 2021 09:27:27 GMT
server: ECAcc (paa/6F46)
etag: W/"c0d8110e82a19c7580bca756decdeea3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ro5nZLIV5MmlfYCUfBVLtWa5CQWpho2A
via: 1.1 941acf135bdda975383e37976690acc6.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: g3nHyMRdGROaOAR-uAUHHcETub9Bbm87mTeBNIp8SUi0M1qfN7jprA==

GET
H2 200 article-gal.66b37b49ef241e9fcb6b.js Show response
actu.gala.fr/assets/scripts/ 22 KB
8 KB 44ms
44ms XHR
application/javascript 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.gala.fr/assets/scripts/article-gal.66b37b49ef241e9fcb6b.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: c447eca5e4428de436b7e85df9b0973e58774bc90f5181cfc86cc863b1e1c578

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 10:04:38 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28412948
content-length: 8182

GET
H2 200 article-gal.b9e8b940a93023f4e1a2.css Show response
actu.gala.fr/assets/styles/ 0
129 B 47ms
47ms XHR
text/css 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.gala.fr/assets/styles/article-gal.b9e8b940a93023f4e1a2.css
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
last-modified: Thu, 03 Mar 2022 09:25:19 GMT
server: nginx/1.17.8
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=18741508
accept-ranges: bytes
content-length: 0

GET
H2 200 clickToAutoplay.e1359912c52e4934ad93.js Show response
actu.gala.fr/assets/scripts/ 2 KB
1015 B 47ms
47ms XHR
application/javascript 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.gala.fr/assets/scripts/clickToAutoplay.e1359912c52e4934ad93.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: e13e707a12e7fd93e99657b93f111f07ae7051a784d39631edd4cc99473426ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 15:37:03 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=27202587
content-length: 852

GET
H2 200 clickToAutoplay.97ba89e895206353558f.css Show response
actu.gala.fr/assets/styles/ 1 KB
572 B 47ms
47ms XHR
text/css 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.gala.fr/assets/styles/clickToAutoplay.97ba89e895206353558f.css
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: 781aadf0c6b48ae575596498e0606a404b1bce6a5fc44fdae33d4d6d50ce5665

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 09:25:19 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=18741455
content-length: 419

GET
H2 200 pmc_conf_prod_b8ccf2181f12690c219e.js Show response
tra.scds.pmdstatic.net/pmc-starter/4.19.4/assets/scripts/ 377 B
540 B 23ms
22ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmc-starter/4.19.4/assets/scripts/pmc_conf_prod_b8ccf2181f12690c219e.js
Requested by: Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=f19969e270ea1c690318476e40a63e2d&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVUUtvozAQ%252FjXsjfIwEPtQrUhJunnQJY%252FShAsyZgiusEFgQsmvX%252Be40hy%252B10jzaSbLJ7ZtY6uimDo%252BwRQzEkAVIGIvAm%252BBfa%252F03YqA5WDkW0EQWMSuAFeLwi8qx9aOzyoXXISKMvBdAGw5yPI8q7V%252Bj6%252B1Ut1goNBw13ooU%252BPLjTb0peo1bfKnoIGEachLyAdF%252B0HzkkoOjdnAnZuqHb%252FbsR%252FMuh06rmjDBzAHalYgBJhF%252F6SNVngDkkHuEWI7yEDrUYl80IsMDBRN0LBWcHnroO0aoGXJmTLcgIrOQMtnVEDJR6GjrGP%252FGUxDym9SW51oc319TnvFWQO%252FSvbqZkeyotGHlJumyIqwTuNpW0wVT8RFrnSV1Gk3z%252FbJWUyLOJldlhL0Z14eAgL7Lzq%252FZ%252FC4f%252FSqfVxFtztff%252FbbM%252FkswnUqPTxndiQH29OtD4e94S7X%252FORDvbr9rNpLmIbdMZuuwd9d1EanZMP6xYx3n5exlvg9e0w6r%252BrkuEyzMJb9aYUOb%252FGxftOPWNKNDOJo7vv0Hm%252B%252FFfqa0D%252Bj6au2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F25) /
Resource Hash: 397fb7fad165c8945c32fc6354a0ba1ab1f703261d51d4bb668b79dbe0bf9a3c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
age: 1477473
x-cache: HIT
content-disposition: inline
content-length: 263
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 09:41:23 GMT
server: ECAcc (paa/6F25)
etag: "b93097ad0fd4a85c64011fae98c94ba5+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Z7KGA3IIC6hSP_SaVP0iiu9inIG9GeAy
via: 1.1 d3c8e64039dcd16cd7cc4074aaecf75c.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: -UT8A8UFy4SYyPoNLpm6sLrXGC0KIRV2SBOwzdJlOmw8KylNmufs1g==

GET
H2 200 gdpr-tcf.52bc741007b8279460bd.bundle.js Show response
cdn.privacy-mgmt.com/unified/3.6.3/ 80 KB
19 KB 31ms
30ms Script
application/javascript 13.224.189.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/3.6.3/gdpr-tcf.52bc741007b8279460bd.bundle.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2333a337cd9097f7fe63b86f32acfbb930573639ae16373086ca793d809cd1f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 11:18:43 GMT
content-encoding: gzip
last-modified: Mon, 27 Jun 2022 13:44:36 GMT
server: AmazonS3
age: 2855
etag: W/"0af31f20730f84d69a20aef971da3c45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: R2yhlERi4YJvQKBijK-zjcOHqh5mx0HtIjIyFM2g1g_P8BE4YBTVMQ==

POST
H2 200 get_messages Show response
consent.gala.fr/wrapper/v2/ 196 KB
16 KB 64ms
64ms XHR
application/json 13.225.78.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.gala.fr/wrapper/v2/get_messages?requestUUID=b43f249e-d2d2-4d82-84a8-a25edd519932&hasCsp=true&env=prod

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-104.fra2.r.cloudfront.net

Software

/ Express

Resource Hash

4f9696ab30fa3cf9c693940aea529aa680da169d97b693438fa8aa8d31a62b23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://actu.gala.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://actu.gala.fr
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: iuzegfuRogIle2H_VJi5Fd04bsQs5Chtl4HrcFYEur4r3FhxvakbRw==
via: 1.1 debe291145dc27044f50d04bac101cd8.cloudfront.net (CloudFront)

OPTIONS
H2 200 get_messages
consent.gala.fr/wrapper/v2/ Frame 0
0 223ms
33ms Preflight
text/plain 13.225.78.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.gala.fr/wrapper/v2/get_messages?requestUUID=b43f249e-d2d2-4d82-84a8-a25edd519932&hasCsp=true&env=prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-104.fra2.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://actu.gala.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://actu.gala.fr
cache-control: no-cache, no-store
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 29 Jul 2022 12:06:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 debe291145dc27044f50d04bac101cd8.cloudfront.net (CloudFront)
x-amz-cf-id: -vNYTbjcCAWTNYbutbjtme2n0EXJjjggIpzhJ2t2CqiGUb9x31Hv-A==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 pmcCheck Show response
www.prismaconnect.fr/ Frame B6B8 1 KB
908 B 45ms
44ms Document
text/html 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prismaconnect.fr/pmcCheck?version=4.19.4
Requested by: Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=f19969e270ea1c690318476e40a63e2d&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVUUtvozAQ%252FjXsjfIwEPtQrUhJunnQJY%252FShAsyZgiusEFgQsmvX%252Be40hy%252B10jzaSbLJ7ZtY6uimDo%252BwRQzEkAVIGIvAm%252BBfa%252F03YqA5WDkW0EQWMSuAFeLwi8qx9aOzyoXXISKMvBdAGw5yPI8q7V%252Bj6%252B1Ut1goNBw13ooU%252BPLjTb0peo1bfKnoIGEachLyAdF%252B0HzkkoOjdnAnZuqHb%252FbsR%252FMuh06rmjDBzAHalYgBJhF%252F6SNVngDkkHuEWI7yEDrUYl80IsMDBRN0LBWcHnroO0aoGXJmTLcgIrOQMtnVEDJR6GjrGP%252FGUxDym9SW51oc319TnvFWQO%252FSvbqZkeyotGHlJumyIqwTuNpW0wVT8RFrnSV1Gk3z%252FbJWUyLOJldlhL0Z14eAgL7Lzq%252FZ%252FC4f%252FSqfVxFtztff%252FbbM%252FkswnUqPTxndiQH29OtD4e94S7X%252FORDvbr9rNpLmIbdMZuuwd9d1EanZMP6xYx3n5exlvg9e0w6r%252BrkuEyzMJb9aYUOb%252FGxftOPWNKNDOJo7vv0Hm%252B%252FFfqa0D%252Bj6au2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b5716b195bf554b3a4e89277f0dc1bf17252908703fc242c0427031887340bc1

Request headers

Referer: https://actu.gala.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: public, max-age=204
content-encoding: gzip
content-length: 585
content-type: text/html
date: Fri, 29 Jul 2022 12:06:17 GMT
etag: W/"9d7dc2d13d6baddf9ee8c21cc7869506"
last-modified: Wed, 27 Jul 2022 09:11:04 GMT
referrer-policy: no-referrer-when-downgrade
server: AmazonS3
vary: Accept-Encoding
x-amz-cf-id: 8cxSW9BLm-nQMqZQsPs1-AqI54Lt3WXnP11VySCCsuk1zgLMNlgEGw==
x-amz-cf-pop: VIE50-C2
x-amz-version-id: yhZbHXNzVOjbA25Z6imjhAeITHn1aejz

GET
H2 200 buttons__ee177a243460b9ce75bc.js Show response
tra.scds.pmdstatic.net/pmc-starter/4.19.4/assets/scripts/ 7 KB
2 KB 21ms
21ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmc-starter/4.19.4/assets/scripts/buttons__ee177a243460b9ce75bc.js
Requested by: Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=f19969e270ea1c690318476e40a63e2d&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVUUtvozAQ%252FjXsjfIwEPtQrUhJunnQJY%252FShAsyZgiusEFgQsmvX%252Be40hy%252B10jzaSbLJ7ZtY6uimDo%252BwRQzEkAVIGIvAm%252BBfa%252F03YqA5WDkW0EQWMSuAFeLwi8qx9aOzyoXXISKMvBdAGw5yPI8q7V%252Bj6%252B1Ut1goNBw13ooU%252BPLjTb0peo1bfKnoIGEachLyAdF%252B0HzkkoOjdnAnZuqHb%252FbsR%252FMuh06rmjDBzAHalYgBJhF%252F6SNVngDkkHuEWI7yEDrUYl80IsMDBRN0LBWcHnroO0aoGXJmTLcgIrOQMtnVEDJR6GjrGP%252FGUxDym9SW51oc319TnvFWQO%252FSvbqZkeyotGHlJumyIqwTuNpW0wVT8RFrnSV1Gk3z%252FbJWUyLOJldlhL0Z14eAgL7Lzq%252FZ%252FC4f%252FSqfVxFtztff%252FbbM%252FkswnUqPTxndiQH29OtD4e94S7X%252FORDvbr9rNpLmIbdMZuuwd9d1EanZMP6xYx3n5exlvg9e0w6r%252BrkuEyzMJb9aYUOb%252FGxftOPWNKNDOJo7vv0Hm%252B%252FFfqa0D%252Bj6au2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F8B) /
Resource Hash: 78a0bd21f6c3cfc7c9b3d2e535118b0c061b196eed59620a4f0f01c01a5cf2a4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
age: 1477473
x-cache: HIT
content-disposition: inline
content-length: 2285
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 09:41:23 GMT
server: ECAcc (paa/6F8B)
etag: W/"fa578bd29e0254e9413b8da47af464e3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2ZvYr9LfcC4nlAbLVEflZY51ZTB34z35
via: 1.1 cca647b855165d3788974c9e34bcbc3c.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: MRS52-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: -uvVRoJqLs7fuAwMzEL7RGE9F3QMDOQYvkWL7_WF7gYTC8SWZK0w3w==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
74 KB 50ms
50ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTV7FH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e9ad0b4bcdf509a29912a8afc8c6b941552d7a5fe0fcdb0476af388634531f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75229
x-xss-protection: 0
expires: Fri, 29 Jul 2022 12:06:17 GMT

GET
H2 200 index.js Show response
tra.scds.pmdstatic.net/pmc-api-front-client/4/ Frame B6B8 54 KB
19 KB 25ms
20ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmc-api-front-client/4/index.js
Requested by: Host: www.prismaconnect.fr
URL: https://www.prismaconnect.fr/pmcCheck?version=4.19.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F0F) /
Resource Hash: 08b73d128170a14d87c3830d47806e2d3a519df056323c6b41cd384141c29140

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.prismaconnect.fr/pmcCheck?version=4.19.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
content-encoding: gzip
age: 26
x-cache: HIT
content-disposition: inline
content-length: 18922
access-control-allow-origin: *
last-modified: Wed, 04 May 2022 15:05:37 GMT
server: ECAcc (paa/6F0F)
etag: W/"3f47a2a9e6dff071ecec279f9fa2d10c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vA3DzAVeBvGP9rpKe0pcdKSvCmpX08t7
via: 1.1 5b23e906a0b30aeeaaccd141aadaa56c.cloudfront.net (CloudFront)
cache-control: max-age=60,s-maxage=60,stale-while-revalidate=604800,stale-if-error=604800,public
x-amz-cf-pop: CDG52-P2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: 7K2ZFk1l6BYpfePAuYtdykxmHQLmcmekkdTwb8e2dNUTWSeTlIBTjQ==

GET
H2 200 ping Show response
api.prismaconnect.fr/prd/ Frame B6B8 17 B
239 B 123ms
122ms Fetch
application/json 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prismaconnect.fr/prd/ping
Requested by: Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmc-api-front-client/4/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: awselb/2.0 /
Resource Hash: 9408be658ddfc6ec2f04f3a6c48fac9258c99351aa21c76cd51121d230921161

Request headers

Referer: https://www.prismaconnect.fr/pmcCheck?version=4.19.4
x-pmc-brand-id: PMC
accept-language: fr-FR,fr;q=0.9
x-pmc-app-id: 6ec7f6ce-9ce0-44e1-ac9d-c9b9a3f99f49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
referrer-policy: no-referrer-when-downgrade
server: awselb/2.0
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: https://www.prismaconnect.fr
access-control-expose-headers: x-pmc-jwt
access-control-allow-credentials: true
content-length: 17

OPTIONS
H2 200 ping
api.prismaconnect.fr/prd/ Frame 0
0 205ms
86ms Preflight
application/octet-stream 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prismaconnect.fr/prd/ping
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-pmc-app-id,x-pmc-brand-id
Access-Control-Request-Method: GET
Origin: https://www.prismaconnect.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-pmc-app-id,X-Api-Key,facebook-token,google-token,google-accessToken,apple-token,content-type,x-pmc-jwt,x-pmc-brand-id
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.prismaconnect.fr
content-length: 2
content-type: application/octet-stream
date: Fri, 29 Jul 2022 12:06:17 GMT
server: awselb/2.0

GET
H2 200 92a73a44107e7587565556cfbecf218e_ Show response
ppid.prismadata.fr/ 43 B
251 B 118ms
33ms Fetch
image/gif 34.111.211.215
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ppid.prismadata.fr/92a73a44107e7587565556cfbecf218e_?domain=gala.fr
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.211.215 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 215.211.111.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:06:17 GMT
via: 1.1 google
server: Google Frontend
vary: Origin
content-type: image/gif
access-control-allow-origin: https://actu.gala.fr
x-cloud-trace-context: 1bd9a180b4acede6c8919b3dd10d9812
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 102ms
33ms Image
image/gif 2a00:1450:4014:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1260362070&t=pageview&_s=1&dl=https%3A%2F%2Factu.gala.fr%2Fl_actu%2Fnews_de_stars%2Fdaniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013%3Futm_source%3Dwelcomingpeopleaddict%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dr=https%3A%2F%2Fwtm.people-addict.fr%2F&ul=en-us&de=UTF-8&dt=Daniel%20L%C3%A9vi%20toujours%20hospitalis%C3%A9%20%3A%20sa%20femme%20brise%20le%20silence&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEhAAEABAAAAI~&cid=738939184.1659096377&tid=UA-192933331-1&_gid=1558078202.1659096377&gtm=2wg7r05F76P37&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.134%20Safari%2F537.36&cd27=https%3A%2F%2Fwtm.people-addict.fr%2F&gcs=G10-&npa=1&z=2053122261

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 00:51:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40491
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
consent.gala.fr/ Frame 442D 4 KB
2 KB 80ms
26ms Document
text/html 13.225.78.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.gala.fr/index.html?message_id=686138&consentUUID=6a27e38e-5b68-4f02-b1b8-bf13a0c799a6_10&requestUUID=b43f249e-d2d2-4d82-84a8-a25edd519932&preload_message=true
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-104.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 869d747f2bf6b7f0c75ea35b9c806658e2d812731bdaef414bb707243f292a73

Request headers

Referer: https://actu.gala.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1737
content-encoding: gzip
content-type: text/html
date: Fri, 29 Jul 2022 11:37:22 GMT
etag: W/"0fadc987032296815405f39e4ef2af04"
last-modified: Mon, 18 Jul 2022 17:46:26 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-id: UjDvGNjrspQ6sgDd4Ll6CG03h59UQYRyH9kJWkstf1-ypXVeluROZw==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 200 Notice.a2194.css
consent.gala.fr/ Frame 442D 32 KB
6 KB 37ms
35ms Stylesheet
text/css 13.225.78.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.gala.fr/Notice.a2194.css
Requested by: Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=686138&consentUUID=6a27e38e-5b68-4f02-b1b8-bf13a0c799a6_10&requestUUID=b43f249e-d2d2-4d82-84a8-a25edd519932&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-104.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d07c218cf2ede8daec9179c818dce7dce1e65d78ae24c9e9bf08f26f42386077

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://consent.gala.fr/index.html?message_id=686138&consentUUID=6a27e38e-5b68-4f02-b1b8-bf13a0c799a6_10&requestUUID=b43f249e-d2d2-4d82-84a8-a25edd519932&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 11:55:10 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 17:46:26 GMT
server: AmazonS3
age: 679
etag: W/"797825cd114f1ba9cd9dba118cc0d8a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: nxqRy7GiLBTqlezT7knwGprhGXpM6DSFX5vSf_CfYuflKvqlm5G2xA==

GET
H2 200 polyfills.d36c5.js Show response
consent.gala.fr/ Frame 442D 5 KB
2 KB 38ms
36ms Script
application/javascript 13.225.78.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.gala.fr/polyfills.d36c5.js
Requested by: Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=686138&consentUUID=6a27e38e-5b68-4f02-b1b8-bf13a0c799a6_10&requestUUID=b43f249e-d2d2-4d82-84a8-a25edd519932&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-104.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://consent.gala.fr/index.html?message_id=686138&consentUUID=6a27e38e-5b68-4f02-b1b8-bf13a0c799a6_10&requestUUID=b43f249e-d2d2-4d82-84a8-a25edd519932&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 11:54:07 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 17:46:26 GMT
server: AmazonS3
age: 735
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: R27IniYB3AlCXvrUMhwaWdDrxmDivntGFUznK6SCuBDQyLXzhHvuUw==

GET
H2 200 Notice.0b008.js Show response
consent.gala.fr/ Frame 442D 211 KB
53 KB 38ms
36ms Script
application/javascript 13.225.78.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.gala.fr/Notice.0b008.js
Requested by: Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=686138&consentUUID=6a27e38e-5b68-4f02-b1b8-bf13a0c799a6_10&requestUUID=b43f249e-d2d2-4d82-84a8-a25edd519932&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-104.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51cd20cbb2c5e74c8b23c00ad7ea5fc75d2beabb048db2fd0eebbb6cbd2bcbc4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://consent.gala.fr/index.html?message_id=686138&consentUUID=6a27e38e-5b68-4f02-b1b8-bf13a0c799a6_10&requestUUID=b43f249e-d2d2-4d82-84a8-a25edd519932&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 11:36:41 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 17:46:26 GMT
server: AmazonS3
age: 1792
etag: W/"fdbc28f9cb1d08ff7ae01b1996ddc335"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: UZHSSJ1Qve3OJd94GvA4tKEfNRaPg0rA8mKnPhmsxVV9Kz_ina1fFw==

GET
H2 200 gal_logo.svg
creas.prismamediadigital.com/people/logos/ Frame 442D 4 KB
2 KB 43ms
42ms Image
image/svg+xml 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creas.prismamediadigital.com/people/logos/gal_logo.svg
Requested by: Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=686138&consentUUID=6a27e38e-5b68-4f02-b1b8-bf13a0c799a6_10&requestUUID=b43f249e-d2d2-4d82-84a8-a25edd519932&preload_message=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b69c4f26bcdf50e03853c80754d362880cbf1e1c03a11e225a84985472f9f7d2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://consent.gala.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: fl2MGNRZqkX8wBMZJfoTjdhYpYOsx115
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 08:26:42 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: W/"32d5c48b90a970e8a4327fc3a5843ec0"
vary: Accept-Encoding
content-type: image/svg+xml
date: Fri, 29 Jul 2022 12:06:17 GMT
content-length: 1981
x-amz-cf-id: yM-yms3NFDLwsk4vjFVKi-xoBueBXrzpYwZrmehpxa3BIm7m6qrTpg==

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s3s-main.net/	1970-01-20 05:34:48	Name: wm_welcoming_v2 Value: %2Cfw_21805526%2C%3B3469739958
.weborama.fr/	1970-01-20 14:17:31	Name: AFFICHE_W Value: o5yF6-a6gn@j48
.phywi.org/	1970-01-20 06:18:00	Name: pl Value: a%3A1%3A%7Bi%3A0%3Bs%3A40%3A%22627gb9b26%3A9b9d%3A7fg74%3A18758965e63g%3Af8cca1%22%3B%7D
.cloud-media.fr/	1970-01-20 13:29:52	Name: l_id Value: fa8a1598a8c96ef63907647854d52f9e
.prismamedia.com/	1970-01-20 09:10:48	Name: authId Value: 92a73a44107e7587565556cfbecf218e
.gala.fr/	1970-01-20 09:10:48	Name: authId Value: 92a73a44107e7587565556cfbecf218e
.gala.fr/	1970-01-20 22:22:48	Name: _ga Value: GA1.2.738939184.1659096377
.gala.fr/	1970-01-20 04:53:02	Name: _gid Value: GA1.2.1280814727.1659096377
.gala.fr/	1970-01-20 09:10:48	Name: consentUUID Value: 6a27e38e-5b68-4f02-b1b8-bf13a0c799a6_10
.gala.fr/	1970-01-20 14:13:12	Name: ga_exempt Value: GA1.2.738939184.1659096377
.gala.fr/	1970-01-20 04:53:02	Name: ga_exempt_gid Value: GA1.2.1558078202.1659096377
actu.gala.fr/	1970-01-20 04:51:37	Name: _dd_s Value: rum=0&expire=1659097276933

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js Message: A preload for 'https://tra.scds.pmdstatic.net/advertising-core/4.175.0/core-ads.js' is found, but is not used because the request headers do not match.
javascript	warning	URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article Message: The resource https://actu.gala.fr/assets/styles/article-gal.b9e8b940a93023f4e1a2.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article Message: The resource https://actu.gala.fr/assets/scripts/article-gal.66b37b49ef241e9fcb6b.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article Message: The resource https://securepubads.g.doubleclick.net/tag/js/gpt.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://actu.gala.fr/l_actu/news_de_stars/daniel-levi-toujours-hospitalise-sa-femme-brise-le-silence_499013?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_gal_article Message: The resource https://tra.scds.pmdstatic.net/advertising-core/4.175.0/core-ads.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actu.gala.fr
api.prismaconnect.fr
cdn.polyfill.io
cdn.privacy-mgmt.com
consent.gala.fr
consents.prismamedia.com
creas.prismamediadigital.com
er.cloud-media.fr
fonts.gstatic.com
img.pmdstatic.net
ppid.prismadata.fr
r.phywi.org
redirect.frontend.weborama.fr
s3s-main.net
securepubads.g.doubleclick.net
tra.scds.pmdstatic.net
wtm.people-addict.fr
www.datadoghq-browser-agent.com
www.google-analytics.com
www.googletagmanager.com
www.prismaconnect.fr
104.96.135.103
13.224.189.6
13.225.78.104
13.225.85.121
192.229.221.226
192.229.221.61
2001:41d0:403:34c2::
2a00:1450:4001:801::2002
2a00:1450:4001:806::2003
2a00:1450:4014:80b::200e
2a00:1450:4014:80f::2008
2a04:4e42:400::282
2a06:98c1:3120::3
34.111.211.215
35.190.24.218
54.76.232.54
91.190.170.11
08b73d128170a14d87c3830d47806e2d3a519df056323c6b41cd384141c29140
0b0e45012e7eb6af2134773ac91edc38a72b2ab311f0b0d972ebf9c8ae221a1b
0bb1632a4a67e60d5c9fa6af266e1e9e0e2e23e5f46c2410632b49d882b148ae
106d90e29b27be16ef5d08a3a472f100318fd53f9c499824e1b06dd7ae5ca894
1476ef4c71b59849adc9f047b6aa52a92504ab99734b7b28fc74b13409afd015
191b3e92e779f46a577b2e9f09f173fdd50cde5a00f2c591210fbfbd276368b9
1a8e8120317429c5baa7340bdeb353632c930a33ba93ae13fd735c4290a39231
2020a1d61cfe16f730427ff06e714d7c038018e9728ff66af0bf38f772016dc3
23ed5554c4bf50f30f6b6aaf48ba8b54e7cb141f032ed2da479a3c7095705010
2d046a2227dd836270aa1ac5d5ff8cd3056d66e2d72242a6db4c17a085468776
306829a9d0ac5ea867f6abf3194163cddecda9d16d5fdc5fb30ce4653d87f2ab
397fb7fad165c8945c32fc6354a0ba1ab1f703261d51d4bb668b79dbe0bf9a3c
4f9696ab30fa3cf9c693940aea529aa680da169d97b693438fa8aa8d31a62b23
51cd20cbb2c5e74c8b23c00ad7ea5fc75d2beabb048db2fd0eebbb6cbd2bcbc4
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
576c0c743a62557f37e2e4a050d8a23ca44d56e0e5348fdf33b7e1b7279db556
5e9ad0b4bcdf509a29912a8afc8c6b941552d7a5fe0fcdb0476af388634531f8
615f78163711d6ad11c7875d6e56671ace387c9044a0403d34de7632e34d4ec1
62d3cd5cc83b8d768e1069c4e85e939f9eb62db25c05edff966c1993f1907635
655bdacc8cdd4d9d6ea71d2f5d294ca3398ed19324ee40144d4dbb2cc6743b08
781aadf0c6b48ae575596498e0606a404b1bce6a5fc44fdae33d4d6d50ce5665
78a0bd21f6c3cfc7c9b3d2e535118b0c061b196eed59620a4f0f01c01a5cf2a4
7bd6780f9a035305b848879076f64fc43e05a77e55dc41ddd423d4474f7a1417
7fc20800c697b48cf73621f86fd00d01a40ccb7ae7269833cda75f4ca195689a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fc98a2f8ecf9bb09989f8915bd0550f208f55e2fd035883026dd9f55f1397e
869d747f2bf6b7f0c75ea35b9c806658e2d812731bdaef414bb707243f292a73
9408be658ddfc6ec2f04f3a6c48fac9258c99351aa21c76cd51121d230921161
9c458969b4a696a872f91b37c0e4eebadd664a6ebe031770a7156be3a6fbe029
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5aaa3e59446461c2aa93ad2d71399a308f921cb1fa58682a4c7beb359058d03
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b4d3ac6f5c888b537196bbf4a10bd41c43ce18171e24ebad35a7b78dc6cba183
b5716b195bf554b3a4e89277f0dc1bf17252908703fc242c0427031887340bc1
b69c4f26bcdf50e03853c80754d362880cbf1e1c03a11e225a84985472f9f7d2
b8831368925b7e6844794647054f06aefc00079cd89d5ef5865a4e21fca2b003
bec644ff98196dd96b36fb68eb8461170634d6d364a5320932dd9dc3e4d5d11a
c447eca5e4428de436b7e85df9b0973e58774bc90f5181cfc86cc863b1e1c578
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cc3a7c8e694c66889410a583df659afeee4f83c1b297836d35edd2bba68ff8db
d07c218cf2ede8daec9179c818dce7dce1e65d78ae24c9e9bf08f26f42386077
e13e707a12e7fd93e99657b93f111f07ae7051a784d39631edd4cc99473426ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2333a337cd9097f7fe63b86f32acfbb930573639ae16373086ca793d809cd1f
fd280b0598e56e876432cbaac4aeb7c58c6267f83826959833e771a72ab1c18d

actu.gala.fr Open in urlscan Pro 104.96.135.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

96 %HTTPS

41 %IPv6

18 Domains

21 Subdomains

16 IPs

5 Countries

801 kBTransfer

2318 kBSize

12 Cookies

8 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

actu.gala.fr Open in urlscan Pro
104.96.135.103 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

41 %
IPv6

18
Domains

21
Subdomains

16
IPs

5
Countries

801 kB
Transfer

2318 kB
Size

12
Cookies

53 HTTP transactions
0 data transactions