URL: https://collegien-shop.fr/
Submission Tags: sansec.io magecart Search All
Submission: On August 20 via api from US — Scanned from FR

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 49 HTTP transactions. The main IP is 185.249.140.54, located in Paris, France and belongs to DIS DIS Infrastructure, FR. The main domain is collegien-shop.fr.
TLS certificate: Issued by R11 on August 4th 2024. Valid for: 3 months.
This is the only time collegien-shop.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 185.249.140.54 202140 (DIS DIS I...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:235... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:20e... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 3.161.82.9 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
49 9
Apex Domain
Subdomains
Transfer
37 collegien-shop.fr
collegien-shop.fr
2 MB
7 axept.io
static.axept.io — Cisco Umbrella Rank: 93478
client.axept.io — Cisco Umbrella Rank: 103231
favicons.axept.io
190 KB
2 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 34099
3 KB
1 imgix.net
axeptio.imgix.net — Cisco Umbrella Rank: 168809
4 KB
1 brevo.com
in-automate.brevo.com — Cisco Umbrella Rank: 34591
156 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
101 KB
49 6
Domain Requested by
37 collegien-shop.fr collegien-shop.fr
3 favicons.axept.io
2 client.axept.io static.axept.io
2 sibautomation.com collegien-shop.fr
sibautomation.com
2 static.axept.io www.googletagmanager.com
static.axept.io
1 axeptio.imgix.net
1 in-automate.brevo.com sibautomation.com
1 www.googletagmanager.com collegien-shop.fr
49 8

This site contains links to these domains. Also see Links.

Domain
b2b-fr.collegien-shop.com
ekomi.fr
www.facebook.com
www.instagram.com
Subject Issuer Validity Valid
collegien-shop.fr
R11
2024-08-04 -
2024-11-02
3 months crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
static.axeptio.eu
Amazon RSA 2048 M02
2024-05-19 -
2025-06-17
a year crt.sh
sibautomation.com
WE1
2024-08-05 -
2024-11-03
3 months crt.sh
client.axept.io
Amazon RSA 2048 M03
2024-07-03 -
2025-07-31
a year crt.sh
brevo.com
WE1
2024-08-19 -
2024-11-17
3 months crt.sh
axept.io
Amazon RSA 2048 M02
2024-08-15 -
2025-09-14
a year crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4
2023-12-07 -
2025-01-07
a year crt.sh

This page contains 2 frames:

Primary Page: https://collegien-shop.fr/
Frame ID: FBB74FE74731D3512CEA3A3F0EE3520A
Requests: 54 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=nrm6kycqmxq0bdzsn3v9cu4r
Frame ID: 8A5011E845693B5065518B9A22349301
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Collégien Chaussons Chaussettes pour toute la famille

Page URL History Show full URLs

  1. https://collegien-shop.fr/ Page URL
  2. https://collegien-shop.fr/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

49
Requests

100 %
HTTPS

75 %
IPv6

6
Domains

8
Subdomains

9
IPs

3
Countries

2732 kB
Transfer

5381 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://collegien-shop.fr/ Page URL
  2. https://collegien-shop.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
collegien-shop.fr/
356 KB
356 KB
Document
General
Full URL
https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
/
Resource Hash
639ae2e7e75734c3c0e9fdc95b064dc8aed2b7a577c12d1ee927339512df7efb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 20 Aug 2024 05:06:07 GMT
x-dis-country
FR
x-dis-waf
1
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea96c1b9a3424181aaaf8a80fb239c4e7d9861382bd7b28b81a48b0ef29c15e5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
257 KB
257 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81ebc3916b524007b756d91d9df13c7673ec401161f2cad161662d08dcf1cc72

Request headers

Referer
Origin
https://collegien-shop.fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
font/ttf
favicon.ico
collegien-shop.fr/
15 KB
7 KB
Other
General
Full URL
https://collegien-shop.fr/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
e2e217c6e09ab5517bdc61da199fd6cdd5ffad2c93cfec0c121cbcaafbf085ac
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
https://collegien-shop.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:08 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
5ace654ebf1ea7e9ce22a75857366702741ecdf2
x-content-type-options
nosniff, nosniff
x-dis-ts
1724130368
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=1.064223; desc="Compute config for request", total; dur=3.0963439999999998; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 08:54:20 GMT
server
dis-waf
etag
W/"3c2e-190d9a61da5"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
public, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Primary Request /
collegien-shop.fr/
157 KB
28 KB
Document
General
Full URL
https://collegien-shop.fr/
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
7e01f69fafc66103819f21b8a178716823fa2026f18a4d61cb3319a4b9a4b4d3
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0 1; mode=block

Request headers

Referer
https://collegien-shop.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-encoding
gzip
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
content-type
text/html; charset=utf-8
date
Tue, 20 Aug 2024 05:06:09 GMT
etag
W/"2727e-RtrNPg4s1A1ml2LPsszY/AAIkmA"
expires
0
pragma
no-cache
referrer-policy
no-referrer
server
dis-waf
server-timing
config; dur=0.533173; desc="Compute config for request" remote config; dur=1.328729; desc="Build config with remote values" template; dur=0.026955999999999997; desc="Resolve initial template" loaders; dur=3.754149; desc="Initialize GraphQL loaders" app; dur=0.122974; desc="React App initialization" getdata; dur=151.85290899999998; desc="Resolve Apollo queries" render; dur=3.986528; desc="Render final HTML" total; dur=205.59123699999998; desc="Total Response Time"
strict-transport-security
max-age=15552000; includeSubDomains
surrogate-control
no-store
vary
Origin, Accept-Encoding
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
x-content-type-options
nosniff nosniff
x-dis-country
FR
x-dis-id
63d0412e0ee67bc9101b311df5ea41431bbb1912
x-dis-ts
1724130369
x-dis-waf
1
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-ua-compatible
IE=edge
x-xss-protection
0 1; mode=block
Muli-Bold.priority.32240ca1.woff2
collegien-shop.fr/static/media/
17 KB
21 KB
Font
General
Full URL
https://collegien-shop.fr/static/media/Muli-Bold.priority.32240ca1.woff2
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
f1a5a314f2b48700b2a7196174fe0b7e86150e94868d6104443f703c2ddb8340
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://collegien-shop.fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
b8c70f4259e9b2984d7efa00035be70a35eed013
x-dis-ts
1724130369
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.345749; desc="Compute config for request", total; dur=14.135658999999999; desc="Total Response Time"
content-length
16940
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"422c-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Muli-Regular.priority.06a2b2bc.woff2
collegien-shop.fr/static/media/
16 KB
21 KB
Font
General
Full URL
https://collegien-shop.fr/static/media/Muli-Regular.priority.06a2b2bc.woff2
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://collegien-shop.fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
0276bd04fc20de707a2582f48ca4626cc98a5ae6
x-dis-ts
1724130369
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.39594399999999996; desc="Compute config for request", total; dur=13.533249; desc="Total Response Time"
content-length
16828
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"41bc-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Muli-Light.priority.7848ba43.woff2
collegien-shop.fr/static/media/
16 KB
21 KB
Font
General
Full URL
https://collegien-shop.fr/static/media/Muli-Light.priority.7848ba43.woff2
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
517be397db5d618d34c60b12463674d85a7251b4dff1f919388e53e00a4d3905
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://collegien-shop.fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
276d7376b52649924bb20627d1564c3712fd88ea
x-dis-ts
1724130369
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.345541; desc="Compute config for request", total; dur=13.775725999999999; desc="Total Response Time"
content-length
16780
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"418c-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Montserrat-800.priority.db9a3e0b.woff2
collegien-shop.fr/static/media/
19 KB
24 KB
Font
General
Full URL
https://collegien-shop.fr/static/media/Montserrat-800.priority.db9a3e0b.woff2
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://collegien-shop.fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
ff07018ed98a1ae9653a2470eb82fcef0b56afa3
x-dis-ts
1724130369
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.42780999999999997; desc="Compute config for request", total; dur=14.722945999999999; desc="Total Response Time"
content-length
19440
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"4bf0-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Montserrat-Bold.priority.0480d2f8.woff2
collegien-shop.fr/static/media/
19 KB
24 KB
Font
General
Full URL
https://collegien-shop.fr/static/media/Montserrat-Bold.priority.0480d2f8.woff2
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://collegien-shop.fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
3d8792a2429bf498389f613535f47ad7d5877eba
x-dis-ts
1724130369
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.6839; desc="Compute config for request", total; dur=14.364472999999998; desc="Total Response Time"
content-length
19264
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"4b40-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Montserrat-SemiBold.priority.0480d2f8.woff2
collegien-shop.fr/static/media/
19 KB
24 KB
Font
General
Full URL
https://collegien-shop.fr/static/media/Montserrat-SemiBold.priority.0480d2f8.woff2
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://collegien-shop.fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
6607a9d35cc8534b42a2094ab0a5ae5a2f5eeff8
x-dis-ts
1724130369
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.336049; desc="Compute config for request", total; dur=13.850926999999999; desc="Total Response Time"
content-length
19264
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"4b40-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Montserrat-500.priority.091b2095.woff2
collegien-shop.fr/static/media/
19 KB
24 KB
Font
General
Full URL
https://collegien-shop.fr/static/media/Montserrat-500.priority.091b2095.woff2
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://collegien-shop.fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
617583751e2280892a3e34331150a9ebba6cdc33
x-dis-ts
1724130369
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.331802; desc="Compute config for request", total; dur=14.760957999999999; desc="Total Response Time"
content-length
19272
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"4b48-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Montserrat-Regular.priority.b71748ae.woff2
collegien-shop.fr/static/media/
19 KB
24 KB
Font
General
Full URL
https://collegien-shop.fr/static/media/Montserrat-Regular.priority.b71748ae.woff2
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://collegien-shop.fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
71bb64932fca9a761af62f6f2e5d03a4d108236c
x-dis-ts
1724130369
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.428353; desc="Compute config for request", total; dur=13.305734999999999; desc="Total Response Time"
content-length
19172
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"4ae4-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
63.c83d63ae.css
collegien-shop.fr/static/css/
315 KB
49 KB
Stylesheet
General
Full URL
https://collegien-shop.fr/static/css/63.c83d63ae.css
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
43df1ef26205bb488719bee3a60f880393a63089e5b515eb365a9d2c8793c347
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
e76e589030cbe1075adfdad6faf779470d6f1958
x-content-type-options
nosniff, nosniff
x-dis-ts
1724130369
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.372896; desc="Compute config for request", total; dur=14.20131; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"4ebb5-190d9ad93b8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
67.5acd2b40.js
collegien-shop.fr/static/js/
3 KB
7 KB
Script
General
Full URL
https://collegien-shop.fr/static/js/67.5acd2b40.js
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
d13fcb01ca0b7c5fdf3474c748337a9fab27007865c677bbb0f624a3007fbd7c
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
f6328ac4027cadd52958209979805de7ff2cf41f
x-content-type-options
nosniff, nosniff
x-dis-ts
1724130369
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=1.0119799999999999; desc="Compute config for request", total; dur=4.043074; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"d54-190d9ad93bc"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
0.245549e8.chunk.js
collegien-shop.fr/static/js/
361 KB
112 KB
Script
General
Full URL
https://collegien-shop.fr/static/js/0.245549e8.chunk.js
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
b8cf98217462362913f2bf0bb7858a51a374132ee0864d11235e45b1a1fdfe8e
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
9e4a3ab942b74410d77bd862571c5632e1f9f10c
x-content-type-options
nosniff, nosniff
x-dis-ts
1724130369
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.59019; desc="Compute config for request", total; dur=2.546287; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"5a424-190d9ad93a8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
63.b20f58f4.chunk.js
collegien-shop.fr/static/js/
868 KB
234 KB
Script
General
Full URL
https://collegien-shop.fr/static/js/63.b20f58f4.chunk.js
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
384dd78642085ccb96d04488c69bad37b299a52caa22b7feb78c10ce355ad035
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
063b5b13bace577ffb10ce07bc46460e4b95e022
x-content-type-options
nosniff, nosniff
x-dis-ts
1724130369
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.337453; desc="Compute config for request", total; dur=14.654345; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"d8ff0-190d9ad93bc"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
1.4522bac5.chunk.js
collegien-shop.fr/static/js/
380 KB
79 KB
Script
General
Full URL
https://collegien-shop.fr/static/js/1.4522bac5.chunk.js
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
244b63aef8b2b2a3c3190f558f80ec481543d65cca37a87ffc48f6d526788b72
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
fe5cd2faf62e9fe59897db1322cdf813fd2c64bd
x-content-type-options
nosniff, nosniff
x-dis-ts
1724130369
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.332561; desc="Compute config for request", total; dur=15.252879; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"5f0a0-190d9ad93a8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
6.bd6c5d4d.chunk.js
collegien-shop.fr/static/js/
222 B
5 KB
Script
General
Full URL
https://collegien-shop.fr/static/js/6.bd6c5d4d.chunk.js
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
69dbfb1cadebf2ac66cf2d3a3f20dc35f4fb362786eb5aa11ce4eeca24e68c45
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
4ecf278bf99a972986f624e0df3fa6f7328fb2c8
x-dis-ts
1724130369
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.499783; desc="Compute config for request", total; dur=15.614467999999999; desc="Total Response Time"
content-length
222
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"de-190d9ad93a8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
24.cab633ee.chunk.js
collegien-shop.fr/static/js/
415 KB
95 KB
Script
General
Full URL
https://collegien-shop.fr/static/js/24.cab633ee.chunk.js
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
55ddc706ee9735da983915998fa35a91c5dd730d4c3d7b5872e047aeb5a49dc5
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
2c14c82f396a327b18432de62be0556adbe654f3
x-content-type-options
nosniff, nosniff
x-dis-ts
1724130369
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.888381; desc="Compute config for request", total; dur=17.555691; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"67b3f-190d9ad93ac"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
35.1cd6cc7c.chunk.js
collegien-shop.fr/static/js/
17 KB
9 KB
Script
General
Full URL
https://collegien-shop.fr/static/js/35.1cd6cc7c.chunk.js
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
913e28731950e6ba9c4d18f87d6af382cfdba5479883f0a1c0637c47d059d4c4
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
20eb14b514444499cd9a45755e13cf8ce002464b
x-content-type-options
nosniff, nosniff
x-dis-ts
1724130369
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.346209; desc="Compute config for request", total; dur=14.977761; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"42d4-190d9ad93b0"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
16.3bb095ed.chunk.js
collegien-shop.fr/static/js/
111 KB
31 KB
Script
General
Full URL
https://collegien-shop.fr/static/js/16.3bb095ed.chunk.js
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
0f207c46754553f74c1cee65a6d0a4214dda9138f64ab09cebfc820ad3b71a2e
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
40cac5f1724b3cc10dee6835bcd1fe2cfc61415a
x-content-type-options
nosniff, nosniff
x-dis-ts
1724130369
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.45022799999999996; desc="Compute config for request", total; dur=16.303058999999998; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"1bc9d-190d9ad93a8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
68.68e0a434.chunk.js
collegien-shop.fr/static/js/
4 KB
6 KB
Script
General
Full URL
https://collegien-shop.fr/static/js/68.68e0a434.chunk.js
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
d7da04f79f972acb049c226040d0e918d3856e9bf4765933e0adf957a4e27434
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
7ab8adebf380b0981dfe60a7f04c7128151ca4cf
x-content-type-options
nosniff, nosniff
x-dis-ts
1724130369
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.35603999999999997; desc="Compute config for request", total; dur=15.505296999999999; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"e73-190d9ad93bc"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
69.e47567a8.chunk.js
collegien-shop.fr/static/js/
4 KB
6 KB
Script
General
Full URL
https://collegien-shop.fr/static/js/69.e47567a8.chunk.js
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
84033b24e9247cc3fd24f44f600c8563ffe66d5865fca1529eb27158984cc0fb
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
4d96520f65590dcc990df1982e7859982572dc45
x-content-type-options
nosniff, nosniff
x-dis-ts
1724130369
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.358712; desc="Compute config for request", total; dur=15.424930999999999; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"f54-190d9ad93bc"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
gtm.js
www.googletagmanager.com/
306 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MT3G8DH
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c27ae31d5f3dd78622622c0f64cc904f5c07cb7b0e707c6c9250f6c5d53bb4ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 05:06:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103147
x-xss-protection
0
last-modified
Tue, 20 Aug 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Aug 2024 05:06:10 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f7ba87e3bbdf17d85a90e243e435d03ba7ceaf38f43f9a59b1907a60032f18c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
full_screen_7.png
collegien-shop.fr/media/picture/image/f/u/
98 KB
103 KB
Image
General
Full URL
https://collegien-shop.fr/media/picture/image/f/u/full_screen_7.png?format=hero&width=1500&height=624&size=1&cover=true
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
571b2c280da015f9296fd8c0324fe756512f534b8611b844488feba95a618e89
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
https://collegien-shop.fr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
f225aaa10170097fd4bfade9f8d7d53b90a44c66
x-dis-ts
1724130369
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.591896; desc="Compute config for request", remote config; dur=1.3162449999999999; desc="Build config with remote values", total; dur=25.907021999999998; desc="Total Response Time"
content-length
100479
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:12:54 GMT
server
dis-waf
etag
W/"1887f-190d9b71cbd"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
truncated
/
357 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
882f10a8789cdaed0607e609b1c5771c9cff1d93e5b096ace37b216780360687

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
270 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6df801050ead9ea3fce6f9de5994afb0a2a6e3b57fdbe586fcadd69e8150e75

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
357 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db9ce631c7d6f98770ca6a218966102efc0084a6f8dab8edf960e61ca672a1ef

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Linearicons-Free.857c65d6.woff2
collegien-shop.fr/static/media/
21 KB
26 KB
Font
General
Full URL
https://collegien-shop.fr/static/media/Linearicons-Free.857c65d6.woff2
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/static/css/63.c83d63ae.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://collegien-shop.fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
020065a86dc6fe6eb9aeb652856943d98368f0fd
x-dis-ts
1724130369
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.591119; desc="Compute config for request", total; dur=8.996789; desc="Total Response Time"
content-length
21780
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"5514-190d9ad93a8"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
sdk.js
static.axept.io/
684 KB
175 KB
Script
General
Full URL
https://static.axept.io/sdk.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT3G8DH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:c400:1c:f638:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a081b8075d45b6abbbcf14399bba1c47504f79c7cdf20ee0f3ec4ed4d59b8f69

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:24:08 GMT
content-encoding
br
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2024 08:27:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
16923
x-amz-server-side-encryption
AES256
etag
W/"e43463585e75f85a14b5e2d47e4b2343"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Uxxexku1PCSJj7BvFIKfBDbxBf8BQBo_rnJjPtgfWqXifh4v_ea3oQ==
72.f7306034.chunk.js
collegien-shop.fr/static/js/
7 KB
7 KB
Script
General
Full URL
https://collegien-shop.fr/static/js/72.f7306034.chunk.js
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/static/js/67.5acd2b40.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
c300a1a5efc9be78bb424d6ca026226bec89de2e66df3833683818c173e58aa2
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
990faddc5bf07b19053066d6d46cee011925715e
x-content-type-options
nosniff, nosniff
x-dis-ts
1724130370
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.49175599999999997; desc="Compute config for request", total; dur=3.274405; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"1a2a-190d9ad93bc"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
graphql
collegien-shop.fr/
100 B
5 KB
Fetch
General
Full URL
https://collegien-shop.fr/graphql
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/static/js/72.f7306034.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
f248ce1206daaf68b21082d50c064ad83f4eac68a22e5b4d331449ca35f4e392
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept
*/*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
77364539b27461cb8a42455836224c69a59e2342
x-dis-ts
1724130370
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.8659479999999999; desc="Compute config for request", remote config; dur=1.293038; desc="Build config with remote values", total; dur=8.925411; desc="Total Response Time"
content-length
100
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
server
dis-waf
etag
W/"64-pCNUOD6DZiPor9gRPcTPDcQA2zU"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate
access-control-allow-credentials
true
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
sa.js
sibautomation.com/
8 KB
3 KB
Script
General
Full URL
https://sibautomation.com/sa.js?key=nrm6kycqmxq0bdzsn3v9cu4r
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
631e09c7bce63616beec7f17de630f520a341e7fda8f7916b0890ded892f1a0b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 05:06:10 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
cf-bgj
minify
server
cloudflare
cf-polished
origSize=11140
etag
W/"2b84-QtB1j9J6WqOfVQtzLaBU2FPpuPg"
vary
Accept-Encoding
x-powered-by
Sails <sailsjs.com>
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
cf-ray
8b5fda3fb83f93e1-LHR
expires
Tue, 20 Aug 2024 05:07:10 GMT
graphql
collegien-shop.fr/
64 B
5 KB
Fetch
General
Full URL
https://collegien-shop.fr/graphql?operationName=CartQty&variables=%7B%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2255e2893d2de8748c6f8483243d15967549ee6a8fda675190cd8eca1eeb2aac08%22%7D%7D
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/static/js/72.f7306034.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
8918829258bec036379feda649e91def5974eca43cf144d5b74152e9213604e9
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept
*/*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
f3497d5436dbeac93c9a8838e34362ad3faee326
x-dis-ts
1724130370
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.493318; desc="Compute config for request", remote config; dur=1.155967; desc="Build config with remote values", total; dur=8.114752; desc="Total Response Time"
content-length
64
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
server
dis-waf
etag
W/"40-yof8Krc0CoJCcRbsq9VI0fZVEa8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
enfant_chaussons.png
collegien-shop.fr/media/picture/image/e/n/
149 KB
154 KB
Image
General
Full URL
https://collegien-shop.fr/media/picture/image/e/n/enfant_chaussons.png?format=fourEntries&width=746&height=1026&size=1&cover=true&extension=jpeg
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
5bf08acb0a721746e26dc64c954421f4a27cc87795396af53f02e4953cc5389f
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
355656d8c807ed6ba185674808b0731a9889cc34
x-dis-ts
1724130370
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.44548499999999996; desc="Compute config for request", remote config; dur=1.107465; desc="Build config with remote values", total; dur=14.718285; desc="Total Response Time"
content-length
152941
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:20:41 GMT
server
dis-waf
etag
W/"2556d-190d9be3a38"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
enfant_chaussettes.png
collegien-shop.fr/media/picture/image/e/n/
100 KB
105 KB
Image
General
Full URL
https://collegien-shop.fr/media/picture/image/e/n/enfant_chaussettes.png?format=fourEntries&width=746&height=1026&size=1&cover=true&extension=jpeg
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
669aa1c413f32a99fc1a09e666abd01ad809dcbd6dcdb16b60e0da625f7233a0
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
182b86f9f829995f7091ad84d45f52b31b44b8fd
x-dis-ts
1724130370
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.38057399999999997; desc="Compute config for request", remote config; dur=1.14085; desc="Build config with remote values", total; dur=17.633266; desc="Total Response Time"
content-length
102468
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:20:41 GMT
server
dis-waf
etag
W/"19044-190d9be3a40"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
1_push_levity_femme.png
collegien-shop.fr/media/picture/image/1/_/
120 KB
125 KB
Image
General
Full URL
https://collegien-shop.fr/media/picture/image/1/_/1_push_levity_femme.png?format=fourEntries&width=746&height=1026&size=1&cover=true&extension=jpeg
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
f48f6ac044d0fb3dec868e97a90821edc02db0622e4ee9e91dd1d71aabbd723f
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
91d92b8e2797d2ac151b0e061c8b7fb8dd0fc826
x-dis-ts
1724130370
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.386248; desc="Compute config for request", remote config; dur=1.083652; desc="Build config with remote values", total; dur=16.597133; desc="Total Response Time"
content-length
122906
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:23:20 GMT
server
dis-waf
etag
W/"1e01a-190d9c0a795"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
collegienah23-1514-edit_1.jpg
collegien-shop.fr/media/picture/image/c/o/
86 KB
91 KB
Image
General
Full URL
https://collegien-shop.fr/media/picture/image/c/o/collegienah23-1514-edit_1.jpg?format=fourEntries&width=746&height=1026&size=1&cover=true&extension=jpeg
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
3e819cf3c3aed49b32d292ee0bc121dccad05d5ef86d4cac284ed3a55e7b5468
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
6ed87cda4fc0a24e7e34fce076717d489926d8a6
x-dis-ts
1724130370
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.632676; desc="Compute config for request", remote config; dur=1.248286; desc="Build config with remote values", total; dur=15.02165; desc="Total Response Time"
content-length
88453
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:23:20 GMT
server
dis-waf
etag
W/"15985-190d9c0a921"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
6613e41d264f11b40d9804f2.json
client.axept.io/
27 KB
5 KB
Fetch
General
Full URL
https://client.axept.io/6613e41d264f11b40d9804f2.json?r=0
Requested by
Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3200:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3be66402efb2cf2916972fac49aef00a0f6148e834a7501aa85e52834a4451de

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 21:35:21 GMT
x-amz-version-id
mJJMPjDwBxw9RlV7.acPFNnfQDxdxqIS
content-encoding
gzip
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
27050
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 May 2024 08:41:34 GMT
server
AmazonS3
etag
W/"af489e10ba3df07c6967bb34bd3a19b2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
wrlBg7fAJZ5dqKdsHSvjRBZiJyHwCSAOTDKWkembfQBhW2ek91RrtQ==
graphql
collegien-shop.fr/
46 B
5 KB
Fetch
General
Full URL
https://collegien-shop.fr/graphql
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/static/js/72.f7306034.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
c2436c5d1913f52e2ffa10ed28205031f04da2b6b30de2f45f4204b2eb216939
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept
*/*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
f89ba710deddf8c4576d283a04b8c848ade63dd8
x-dis-ts
1724130370
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.758126; desc="Compute config for request", remote config; dur=1.4208189999999998; desc="Build config with remote values", total; dur=11.271806999999999; desc="Total Response Time"
content-length
46
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
server
dis-waf
etag
W/"2e-Vgg6yDPkFS8gegvp+JYnSpZtBa4"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
cm.html
sibautomation.com/ Frame 8A50
0
0
Document
General
Full URL
https://sibautomation.com/cm.html?key=nrm6kycqmxq0bdzsn3v9cu4r
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=nrm6kycqmxq0bdzsn3v9cu4r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
public, max-age=7200
cf-cache-status
HIT
cf-ray
8b5fda40ccdb385b-LHR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 20 Aug 2024 05:06:10 GMT
expires
Tue, 20 Aug 2024 07:06:10 GMT
server
cloudflare
vary
Accept-Encoding
x-powered-by
Sails <sailsjs.com>
collegienah23-1514-edit_1.jpg
collegien-shop.fr/media/picture/image/c/o/
58 KB
62 KB
Image
General
Full URL
https://collegien-shop.fr/media/picture/image/c/o/collegienah23-1514-edit_1.jpg?format=fourEntries&width=746&height=1026&size=1&cover=true&extension=webp
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
0e2e26695ce2bfc5842e7d186f6582cbe822e78bd3cf89d861a7712c844e10b5
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
3d9f6c3edc2a45944b3ac07cd9c29595c35d3f06
x-dis-ts
1724130370
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.670125; desc="Compute config for request", remote config; dur=1.284876; desc="Build config with remote values", total; dur=5.552601; desc="Total Response Time"
content-length
58904
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:27:05 GMT
server
dis-waf
etag
W/"e618-190d9c4178c"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
enfant_chaussons.png
collegien-shop.fr/media/picture/image/e/n/
114 KB
119 KB
Image
General
Full URL
https://collegien-shop.fr/media/picture/image/e/n/enfant_chaussons.png?format=fourEntries&width=746&height=1026&size=1&cover=true&extension=webp
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
5da8fe9fbf211c1edaa3fe25bd6e87262824e97df9994300a8361460f7ba7ec2
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
1b5f4c74fc51471c3c90e0f61eb23518705d6059
x-dis-ts
1724130370
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=1.003317; desc="Compute config for request", remote config; dur=1.192202; desc="Build config with remote values", total; dur=7.887782; desc="Total Response Time"
content-length
116568
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:23:20 GMT
server
dis-waf
etag
W/"1c758-190d9c0a891"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
enfant_chaussettes.png
collegien-shop.fr/media/picture/image/e/n/
66 KB
71 KB
Image
General
Full URL
https://collegien-shop.fr/media/picture/image/e/n/enfant_chaussettes.png?format=fourEntries&width=746&height=1026&size=1&cover=true&extension=webp
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
2df856abe18e45c91e487343c22f2914a713b27d66a38da46110f0a2832d11a0
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
0bb97a69820ad4b3b52dd14dee2ac78562f75a1d
x-dis-ts
1724130370
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.46554599999999996; desc="Compute config for request", remote config; dur=1.2541769999999999; desc="Build config with remote values", total; dur=10.488633; desc="Total Response Time"
content-length
67542
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:23:20 GMT
server
dis-waf
etag
W/"107d6-190d9c0a859"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
1_push_levity_femme.png
collegien-shop.fr/media/picture/image/1/_/
81 KB
86 KB
Image
General
Full URL
https://collegien-shop.fr/media/picture/image/1/_/1_push_levity_femme.png?format=fourEntries&width=746&height=1026&size=1&cover=true&extension=webp
Requested by
Host: collegien-shop.fr
URL: https://collegien-shop.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
a258b7342ddd15a88e41a2c2c66478baf02fb7f1626a788d9225763f00af11f8
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
0b2ee1dd626fed3a67801c8ba0beecd1705eb7f8
x-dis-ts
1724130370
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.520268; desc="Compute config for request", remote config; dur=1.2684579999999999; desc="Build config with remote values", total; dur=13.628254; desc="Total Response Time"
content-length
83148
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:23:20 GMT
server
dis-waf
etag
W/"144cc-190d9c0a895"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
fr-EU
client.axept.io/pack/
10 KB
4 KB
Fetch
General
Full URL
https://client.axept.io/pack/fr-EU
Requested by
Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3200:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ campsi
Resource Hash
530d85a40b113d4826d14ca075dcbcf8d7210afe20c9efbccfc979433508b55f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:12:25 GMT
content-encoding
gzip
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
17625
x-powered-by
campsi
etag
W/"2763-kpI9UA/fr8Du/QfnFAxXR2BA58o"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0aJg3tDVlZO_jQD8QuATjqoMqNGRDrXBpgS5PVyZVQkUyTlKG5qsYQ==
favicon.ico
collegien-shop.fr/
15 KB
5 KB
Other
General
Full URL
https://collegien-shop.fr/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
e2e217c6e09ab5517bdc61da199fd6cdd5ffad2c93cfec0c121cbcaafbf085ac
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:06:10 GMT
x-dis-id
fce3ad7a8581157778322b2875e4406a25c8d3c1
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-dis-ts
1724130370
x-permitted-cross-domain-policies
none
x-dis-waf
1
x-content-type-options
nosniff, nosniff
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.915759; desc="Compute config for request", total; dur=4.439172; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 08:54:20 GMT
server
dis-waf
etag
W/"3c2e-190d9a61da5"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
public, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
p
in-automate.brevo.com/
15 B
156 B
XHR
General
Full URL
https://in-automate.brevo.com/p?key=nrm6kycqmxq0bdzsn3v9cu4r&cuid=de0bbe5f-3e4a-410f-8152-2c4417caa16d&ma_url=https%3A%2F%2Fcollegien-shop.fr%2F&email_id=undefined&sib_type=page&ma_title=Coll%C3%A9gien%20Chaussons%20Chaussettes%20pour%20toute%20la%20famille&sib_name=Coll%C3%A9gien%20Chaussons%20Chaussettes%20pour%20toute%20la%20famille&ma_referrer=https%3A%2F%2Fcollegien-shop.fr%2F&ma_path=%2F
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=nrm6kycqmxq0bdzsn3v9cu4r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
292225cea5b2b3c6956c83e04ac48a840782d30bcd8b40334aee13334639b1a3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 05:06:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
8b5fda431c20cdb2-LHR
content-length
15
consentWallStep.js
static.axept.io/
10 KB
4 KB
Script
General
Full URL
https://static.axept.io/consentWallStep.js
Requested by
Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:c400:1c:f638:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768448d30f2c5309d5f4118d733d6424745614cbbb51b13d8e2bd965af36326e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 08:34:25 GMT
content-encoding
gzip
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2024 08:27:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
74293
x-amz-server-side-encryption
AES256
etag
W/"30ff2da4e8a93186bc6a7a1edac3264f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
WLdRg6VqrUQmyTUPdnmV_sYSWIh_5OSflt6kYzs02tRL7V8pEh1Rdg==
favicons
favicons.axept.io/
214 B
505 B
Image
General
Full URL
https://favicons.axept.io/favicons?domain=https://analytics.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-9.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
7434268887c40f9e23f89280274581d9291ad4bb66ef7f042caac86a0c328f83

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 01:12:38 GMT
via
1.1 fd6dc3eaf39d0b931b4b1369a7e91ac0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P10
age
532413
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=604800
alt-svc
h3=":443"; ma=86400
content-length
214
x-amz-cf-id
S1ecfSWO9QXJmcFpMp2unpw9YydJ6UVyQl7Cq1DiGA_4dTTlvPL1_g==
favicons
favicons.axept.io/
371 B
660 B
Image
General
Full URL
https://favicons.axept.io/favicons?domain=https://ads.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-9.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
7700d724f7a07792d356c2190b1a2d53d1bc377bbbf0f61a027f5970d4fc2076

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 02:29:04 GMT
via
1.1 fd6dc3eaf39d0b931b4b1369a7e91ac0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P10
age
182227
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=604800
alt-svc
h3=":443"; ma=86400
content-length
371
x-amz-cf-id
_lCn1qd6Ls0bhhz7_-XRwUc4MzpfIPbqt5jwJ81UF1YVYDVNk1GtPQ==
favicons
favicons.axept.io/
404 B
695 B
Image
General
Full URL
https://favicons.axept.io/favicons?domain=https://fr-fr.facebook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-9.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
e4262072fd2e9ad103d4d43be4334ffcad014d799a9eb97aeaa14d266b656adf

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 07:01:37 GMT
via
1.1 fd6dc3eaf39d0b931b4b1369a7e91ac0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P10
age
597874
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=604800
alt-svc
h3=":443"; ma=86400
content-length
404
x-amz-cf-id
XYXOqib-gL3qnDr-9-pAcLGsEHliyZN3EEl4j1wmYiB7WrkZ-NRF5A==
b5029d5f-3e20-4f6f-85ea-d4ba82d27592.jpg
axeptio.imgix.net/2024/05/
4 KB
4 KB
Image
General
Full URL
https://axeptio.imgix.net/2024/05/b5029d5f-3e20-4f6f-85ea-d4ba82d27592.jpg?auto=format&fit=crop&w=165&h=60&dpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1775bea459cf1927829a69c90891fb3db5dd6e1636ddd02776342d216dbf8840
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 05:06:11 GMT
x-content-type-options
nosniff
age
2338302
x-cache
HIT, HIT, HIT
x-imgix-id
ffcc59800abe305ff6eb617d81e9f3acc56feca3
cross-origin-resource-policy
cross-origin
content-length
3792
x-served-by
cache-sjc1000130-SJC, cache-fra-etou8220139-FRA, cache-lcy-eglc8600098-LCY
last-modified
Wed, 24 Jul 2024 03:34:30 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __CONTRIBUTION_MODE_DATA__ object| dataLayer object| __SSR_DEVICE__ object| __APOLLO_STATE__ object| __SESSION_SELF_DESTRUCTED_DATA__ object| __LOADABLE_LOADED_CHUNKS__ object| google_tag_manager object| google_tag_data object| axeptioSettings function| clearImmediate function| setImmediate object| regeneratorRuntime object| apolloClient object| sib object| sendinblue object| webpackChunk_axeptio_widget_client object| __axeptioSDK object| _axcb function| gtag object| axeptioSDK string| axeptioBuildTimestamp object| websiteOverlay function| axeptioHandleVendors function| openAxeptioCookies function| showAxeptioButton function| hideAxeptioButton

6 Cookies

Domain/Path Name / Value
collegien-shop.fr/ Name: dis_waf_js
Value: 492dc0704214a2378c00105e821dcaf9bf2ad7c8b0152156f517893aa9078a8bb6597e2f73aa088172cb34463f52c1ccc8e157c7ab5c4b4866f5b277f3312efbac3ed15c74800f1d205b9a099f034a1b05ce67c7e8126eccbb53b452e662feb055bde9fd83e71fa0c6b389f6f98ffdb096a7b217a384d33642acb2014cc590fb5f5c61f0d08b81afd565ff9315bcd43369
collegien-shop.fr/ Name: axeptio_cookies
Value: {%22$$token%22:%22jvvymvwii76rq0mvadwia%22%2C%22$$date%22:%222024-08-20T05:06:10.531Z%22%2C%22$$cookiesVersion%22:{}%2C%22$$completed%22:false}
collegien-shop.fr/ Name: axeptio_authorized_vendors
Value: %2C%2C
collegien-shop.fr/ Name: axeptio_all_vendors
Value: %2C%2C
.collegien-shop.fr/ Name: sib_cuid
Value: de0bbe5f-3e4a-410f-8152-2c4417caa16d
sibautomation.com/ Name: uuid
Value: 8b81fd88-086f-4aab-9363-eba1c176cbb9

2 Console Messages

Source Level URL
Text
network error URL: https://collegien-shop.fr/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://in-automate.brevo.com/p?key=nrm6kycqmxq0bdzsn3v9cu4r&cuid=de0bbe5f-3e4a-410f-8152-2c4417caa16d&ma_url=https%3A%2F%2Fcollegien-shop.fr%2F&email_id=undefined&sib_type=page&ma_title=Coll%C3%A9gien%20Chaussons%20Chaussettes%20pour%20toute%20la%20famille&sib_name=Coll%C3%A9gien%20Chaussons%20Chaussettes%20pour%20toute%20la%20famille&ma_referrer=https%3A%2F%2Fcollegien-shop.fr%2F&ma_path=%2F
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

axeptio.imgix.net
client.axept.io
collegien-shop.fr
favicons.axept.io
in-automate.brevo.com
sibautomation.com
static.axept.io
www.googletagmanager.com
185.249.140.54
2600:9000:20eb:3200:19:61a3:b200:93a1
2600:9000:2359:c400:1c:f638:2940:93a1
2606:4700::6812:18f3
2606:4700::6812:645
2a00:1450:4001:80e::2008
2a04:4e42:400::720
3.161.82.9
0e2e26695ce2bfc5842e7d186f6582cbe822e78bd3cf89d861a7712c844e10b5
0f207c46754553f74c1cee65a6d0a4214dda9138f64ab09cebfc820ad3b71a2e
1775bea459cf1927829a69c90891fb3db5dd6e1636ddd02776342d216dbf8840
244b63aef8b2b2a3c3190f558f80ec481543d65cca37a87ffc48f6d526788b72
292225cea5b2b3c6956c83e04ac48a840782d30bcd8b40334aee13334639b1a3
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33
2df856abe18e45c91e487343c22f2914a713b27d66a38da46110f0a2832d11a0
384dd78642085ccb96d04488c69bad37b299a52caa22b7feb78c10ce355ad035
3be66402efb2cf2916972fac49aef00a0f6148e834a7501aa85e52834a4451de
3e819cf3c3aed49b32d292ee0bc121dccad05d5ef86d4cac284ed3a55e7b5468
43df1ef26205bb488719bee3a60f880393a63089e5b515eb365a9d2c8793c347
517be397db5d618d34c60b12463674d85a7251b4dff1f919388e53e00a4d3905
530d85a40b113d4826d14ca075dcbcf8d7210afe20c9efbccfc979433508b55f
55ddc706ee9735da983915998fa35a91c5dd730d4c3d7b5872e047aeb5a49dc5
571b2c280da015f9296fd8c0324fe756512f534b8611b844488feba95a618e89
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
5bf08acb0a721746e26dc64c954421f4a27cc87795396af53f02e4953cc5389f
5da8fe9fbf211c1edaa3fe25bd6e87262824e97df9994300a8361460f7ba7ec2
631e09c7bce63616beec7f17de630f520a341e7fda8f7916b0890ded892f1a0b
639ae2e7e75734c3c0e9fdc95b064dc8aed2b7a577c12d1ee927339512df7efb
669aa1c413f32a99fc1a09e666abd01ad809dcbd6dcdb16b60e0da625f7233a0
69dbfb1cadebf2ac66cf2d3a3f20dc35f4fb362786eb5aa11ce4eeca24e68c45
7434268887c40f9e23f89280274581d9291ad4bb66ef7f042caac86a0c328f83
768448d30f2c5309d5f4118d733d6424745614cbbb51b13d8e2bd965af36326e
7700d724f7a07792d356c2190b1a2d53d1bc377bbbf0f61a027f5970d4fc2076
7e01f69fafc66103819f21b8a178716823fa2026f18a4d61cb3319a4b9a4b4d3
7f7ba87e3bbdf17d85a90e243e435d03ba7ceaf38f43f9a59b1907a60032f18c
81ebc3916b524007b756d91d9df13c7673ec401161f2cad161662d08dcf1cc72
84033b24e9247cc3fd24f44f600c8563ffe66d5865fca1529eb27158984cc0fb
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
882f10a8789cdaed0607e609b1c5771c9cff1d93e5b096ace37b216780360687
8918829258bec036379feda649e91def5974eca43cf144d5b74152e9213604e9
913e28731950e6ba9c4d18f87d6af382cfdba5479883f0a1c0637c47d059d4c4
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80
a081b8075d45b6abbbcf14399bba1c47504f79c7cdf20ee0f3ec4ed4d59b8f69
a258b7342ddd15a88e41a2c2c66478baf02fb7f1626a788d9225763f00af11f8
b6df801050ead9ea3fce6f9de5994afb0a2a6e3b57fdbe586fcadd69e8150e75
b8cf98217462362913f2bf0bb7858a51a374132ee0864d11235e45b1a1fdfe8e
c2436c5d1913f52e2ffa10ed28205031f04da2b6b30de2f45f4204b2eb216939
c27ae31d5f3dd78622622c0f64cc904f5c07cb7b0e707c6c9250f6c5d53bb4ea
c300a1a5efc9be78bb424d6ca026226bec89de2e66df3833683818c173e58aa2
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d13fcb01ca0b7c5fdf3474c748337a9fab27007865c677bbb0f624a3007fbd7c
d7da04f79f972acb049c226040d0e918d3856e9bf4765933e0adf957a4e27434
db9ce631c7d6f98770ca6a218966102efc0084a6f8dab8edf960e61ca672a1ef
e2e217c6e09ab5517bdc61da199fd6cdd5ffad2c93cfec0c121cbcaafbf085ac
e4262072fd2e9ad103d4d43be4334ffcad014d799a9eb97aeaa14d266b656adf
ea96c1b9a3424181aaaf8a80fb239c4e7d9861382bd7b28b81a48b0ef29c15e5
f1a5a314f2b48700b2a7196174fe0b7e86150e94868d6104443f703c2ddb8340
f248ce1206daaf68b21082d50c064ad83f4eac68a22e5b4d331449ca35f4e392
f48f6ac044d0fb3dec868e97a90821edc02db0622e4ee9e91dd1d71aabbd723f