actu.voici.fr Open in urlscan Pro
104.96.135.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=4d5b85b82ecf30a350ab3c91c7a56958&u=https%3A%2F%2Fwtm.p...
Effective URL:
https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoris...
Submission: On July 29 via api (July 29th 2022, 12:05:13 pm UTC) from IE — Scanned from FR

Summary HTTP 63 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 18 domains to perform 63 HTTP transactions. The main IP is 104.96.135.103, located in Vienna, Austria and belongs to AKAMAI-AS, US. The main domain is actu.voici.fr. The Cisco Umbrella rank of the primary domain is 640586.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 20th 2022. Valid for: a year.

This is the only time actu.voici.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	91.190.170.12 91.190.170.12	31688 (SPLIO-AS) (SPLIO-AS)
2 3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:41d0:403... 2001:41d0:403:34c2::	16276 (OVH) (OVH)
1 2	54.76.232.54 54.76.232.54	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
3 19	104.96.135.103 104.96.135.103	16625 (AKAMAI-AS) (AKAMAI-AS)
15	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
9	192.229.221.61 192.229.221.61	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4014:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:401... 2a00:1450:4014:80f::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.98.147 13.32.98.147	16509 (AMAZON-02) (AMAZON-02)
1	192.229.221.226 192.229.221.226	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
2	2a00:1450:401... 2a00:1450:4014:80b::200e	15169 (GOOGLE) (GOOGLE)
2	65.9.86.106 65.9.86.106	16509 (AMAZON-02) (AMAZON-02)
6	13.225.78.87 13.225.78.87	16509 (AMAZON-02) (AMAZON-02)
63	16

1 91.190.170.12 (France)

ASN31688 (SPLIO-AS, FR)
PTR: s3s.fr

s3s-main.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

wtm.people-addict.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:41d0:403:34c2:: (France)

ASN16276 (OVH, FR)

r.phywi.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.232.54 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-232-54.eu-west-1.compute.amazonaws.com

er.cloud-media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.96.135.103 (Vienna, Austria) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-135-103.deploy.static.akamaitechnologies.com

actu.voici.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consents.prismamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.prismaconnect.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.prismaconnect.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creas.prismamediadigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.229.221.61 (United States)

ASN15133 (EDGECAST, US)

tra.scds.pmdstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80b::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4014:80f::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.98.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-98-147.fra60.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.226 (United States)

ASN15133 (EDGECAST, US)

img.pmdstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80b::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.86.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-106.ams1.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.78.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-87.fra2.r.cloudfront.net

consent.voici.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	voici.fr 2 redirects actu.voici.fr — Cisco Umbrella Rank: 640586 consent.voici.fr — Cisco Umbrella Rank: 533147	122 KB
15	gstatic.com fonts.gstatic.com	213 KB
10	pmdstatic.net tra.scds.pmdstatic.net — Cisco Umbrella Rank: 120011 img.pmdstatic.net — Cisco Umbrella Rank: 100093	346 KB
3	prismaconnect.fr www.prismaconnect.fr — Cisco Umbrella Rank: 171918 api.prismaconnect.fr — Cisco Umbrella Rank: 149208	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	159 KB
3	people-addict.fr 2 redirects wtm.people-addict.fr	4 KB
2	privacy-mgmt.com cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4929	52 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10303	530 B
2	cloud-media.fr 1 redirects er.cloud-media.fr — Cisco Umbrella Rank: 184209	420 B
2	phywi.org r.phywi.org — Cisco Umbrella Rank: 102538	1 KB
1	prismamediadigital.com creas.prismamediadigital.com — Cisco Umbrella Rank: 239121	1 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2907	450 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2302	23 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	1 KB
1	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211	28 KB
1	prismamedia.com 1 redirects consents.prismamedia.com — Cisco Umbrella Rank: 128991	380 B
1	s3s-main.net s3s-main.net — Cisco Umbrella Rank: 191809	1 KB
63	18

	Domain	Requested by
15	fonts.gstatic.com	actu.voici.fr fonts.googleapis.com
14	actu.voici.fr	2 redirects wtm.people-addict.fr actu.voici.fr www.datadoghq-browser-agent.com
9	tra.scds.pmdstatic.net	actu.voici.fr www.datadoghq-browser-agent.com s3s-main.net www.prismaconnect.fr
6	consent.voici.fr	www.datadoghq-browser-agent.com cdn.privacy-mgmt.com consent.voici.fr
3	www.googletagmanager.com	actu.voici.fr tra.scds.pmdstatic.net www.googletagmanager.com
3	wtm.people-addict.fr	2 redirects
2	api.prismaconnect.fr	tra.scds.pmdstatic.net
2	cdn.privacy-mgmt.com	s3s-main.net cdn.privacy-mgmt.com
2	www.google-analytics.com	www.googletagmanager.com actu.voici.fr
2	redirect.frontend.weborama.fr	2 redirects
2	er.cloud-media.fr	1 redirects wtm.people-addict.fr
2	r.phywi.org	wtm.people-addict.fr
1	creas.prismamediadigital.com	consent.voici.fr
1	www.prismaconnect.fr	s3s-main.net
1	cdn.polyfill.io	tra.scds.pmdstatic.net
1	img.pmdstatic.net	actu.voici.fr
1	www.datadoghq-browser-agent.com	actu.voici.fr
1	fonts.googleapis.com	actu.voici.fr
1	securepubads.g.doubleclick.net	actu.voici.fr
1	consents.prismamedia.com	1 redirects
1	s3s-main.net
63	21

This site contains links to these domains. Also see Links.

Domain
www.voici.fr
www.prismamedia.com
www.prismamediasolutions.com
ops.voici.fr
www.prismashop.fr

Subject Issuer	Validity	Valid
s3s.fr Sectigo RSA Domain Validation Secure Server CA	`2022-04-21` - `2023-05-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.phywi.org Gandi Standard SSL CA 2	`2022-01-13` - `2023-02-13`	a year	crt.sh
prismamediadigital.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-20` - `2023-04-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
www.gala.fr Sectigo RSA Organization Validation Secure Server CA	`2021-12-03` - `2022-12-03`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
*.privacy-mgmt.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
consent.caminteresse.fr R3	`2022-07-17` - `2022-10-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
Frame ID: 3BEA61A497C8ACD043DF0D8DF0FDEB21
Requests: 53 HTTP requests in this frame

Frame: https://www.prismaconnect.fr/pmcCheck?version=4.19.4
Frame ID: C787CEA3DA5F2A01AE85F63A0ABE79F5
Requests: 3 HTTP requests in this frame

Frame: https://consent.voici.fr/index.html?message_id=686173&consentUUID=f3f30bff-3495-43e1-b1b7-23a4394e8169_10&requestUUID=350e4ee9-2cff-4121-8b3d-9d2dbe31d0d3&preload_message=true
Frame ID: C83016A5E38AF866F270DB45B5B2F776
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pékin Express : Inès Reg et sa soeur traitées de "s***pes" par Valérie Trierweiler, l'humoriste réagit enfin

Page URL History Show full URLs

https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=4d5b85b82ecf30a350ab3c91c7a56958&u... Page URL
https://wtm.people-addict.fr/r/eNpVkc1uozAUhZ%2BG2bkQHAwsqhEpSSdJ0%2BavNGETGXMJngHbMiaEPP24mtVIluyj7%2Bjo... HTTP 302
https://wtm.people-addict.fr/w/590008/fa8a1598a8c96ef63907647854d52f9e/1835/666/90fe8f7b5bf10f9e5cf2e233b... HTTP 302
https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.voi... Page URL
https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-... HTTP 302
https://consents.prismamedia.com/?redirectHost=https%3A%2F%2Factu.voici.fr&redirectUri=%2fnews-people%2fpekin... HTTP 302
https://actu.voici.fr/?authId=517dfb68cae686d5ceff2f4afab1998d&redirectUri=%2fnews-people%2fpekin-... HTTP 302
https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

63
Requests

97 %
HTTPS

47 %
IPv6

18
Domains

21
Subdomains

16
IPs

5
Countries

972 kB
Transfer

2488 kB
Size

12
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.voici.fr/
Title: Voici

Search URL Search Domain Scan URL

URL: http://www.prismamedia.com/cgu-groupe-prisma/
Title: CONDITIONS GÉNÉRALES D'UTILISATION

Search URL Search Domain Scan URL

URL: https://www.prismamediasolutions.com/
Title: PUBLICITÉ

Search URL Search Domain Scan URL

URL: https://www.prismamedia.com/mentions-legales-voici/
Title: MENTIONS LÉGALES

Search URL Search Domain Scan URL

URL: https://ops.voici.fr/magazines/
Title: TOUS VOS MAGAZINES

Search URL Search Domain Scan URL

URL: https://www.prismashop.fr/tous-les-magazines/feminin/voici.html?code=SIEABOVOI&utm_source=voi-fr&utm_medium=sites-editos&utm_campaign=header
Title: ABONNEMENT MAGAZINE

Search URL Search Domain Scan URL

URL: http://www.prismamedia.com/charte-pour-la-protection-des-donnees/
Title: CHARTE POUR LA PROTECTION DES DONNÉES PERSONNELLES

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=4d5b85b82ecf30a350ab3c91c7a56958&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVkc1uozAUhZ%252BG2bkQHAwsqhEpSSdJ0%252BavNGETGXMJngHbMiaEPP24mtVIluyj7%252BjonuvBDWLP8yK3ohGdBHFEIxYTqAiOvZBMwyiYloFfxeBOIhy4hBA39iqIqrAIimriWRKwygcf46IkgQ8QuRPfxbEr3Z%252F9c22M6hycOP7CHspM%252F3STnPGnSlstYOiQAqkasErBHy4Q3JWGrkNcQIc0XBEY1FHUSeg1MppyAxaUgDplb0U1utEGNAcLOegBuFWoqftWat4ZsBn0yg0CUdn0ENtKxMGL3rSXTvaagYPTARomWy6u%252F2ahZcmZcXxCW%252BXg2be1hZL3rbUyxf4DzD4pvwqLVCsvttyFasNZAz9K9uzn%252B3hO03chlk2RF0mdbYZVMVR8257E3HbOJnL5vZztsR3CzXb0WRbjX%252BNsR2J4%252B6Ljaw6P27s28nFu1fp4vr%252BtjvFnkSwyMY3G3EtF500NbXa7N8efLfghgHp%252Bvc%252FlKckStc%252BHM%252FlYpzI9bJdMh2O0%252Fjz1tYhe88dg%252Fabe7mdZnmyEPszx7mWzr1%252FsP83oUpBNOmqd3Tar3wZ%252FDfgvOgi33g%253D%253D Page URL
https://wtm.people-addict.fr/r/eNpVkc1uozAUhZ%2BG2bkQHAwsqhEpSSdJ0%2BavNGETGXMJngHbMiaEPP24mtVIluyj7%2BjonuvBDWLP8yK3ohGdBHFEIxYTqAiOvZBMwyiYloFfxeBOIhy4hBA39iqIqrAIimriWRKwygcf46IkgQ8QuRPfxbEr3Z%2F9c22M6hycOP7CHspM%2F3STnPGnSlstYOiQAqkasErBHy4Q3JWGrkNcQIc0XBEY1FHUSeg1MppyAxaUgDplb0U1utEGNAcLOegBuFWoqftWat4ZsBn0yg0CUdn0ENtKxMGL3rSXTvaagYPTARomWy6u%2F2ahZcmZcXxCW%2BXg2be1hZL3rbUyxf4DzD4pvwqLVCsvttyFasNZAz9K9uzn%2B3hO03chlk2RF0mdbYZVMVR8257E3HbOJnL5vZztsR3CzXb0WRbjX%2BNsR2J4%2B6Ljaw6P27s28nFu1fp4vr%2BtjvFnkSwyMY3G3EtF500NbXa7N8efLfghgHp%2Bvc%2FlKckStc%2BHM%2FlYpzI9bJdMh2O0%2Fjz1tYhe88dg%2Fabe7mdZnmyEPszx7mWzr1%2FsP83oUpBNOmqd3Tar3wZ%2FDfgvOgi33g%3D%3D HTTP 302
https://wtm.people-addict.fr/w/590008/fa8a1598a8c96ef63907647854d52f9e/1835/666/90fe8f7b5bf10f9e5cf2e233bd652ee8/12/39/o/?u=https%3A%2F%2Factu.voici.fr%2Fnews-people%2Fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_voi_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3 HTTP 302
https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.voici.fr%2Fnews-people%2Fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_voi_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3 Page URL
https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article HTTP 302
https://consents.prismamedia.com/?redirectHost=https%3A%2F%2Factu.voici.fr&redirectUri=%2fnews-people%2fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786%3futm_source%3dwelcomingpeopleaddict%26utm_medium%3dcpc%26utm_campaign%3dpmo_voi_article HTTP 302
https://actu.voici.fr/?authId=517dfb68cae686d5ceff2f4afab1998d&redirectUri=%2fnews-people%2fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786%3futm_source%3dwelcomingpeopleaddict%26utm_medium%3dcpc%26utm_campaign%3dpmo_voi_article HTTP 302
https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://wtm.people-addict.fr/r/eNpVkc1uozAUhZ%2BG2bkQHAwsqhEpSSdJ0%2BavNGETGXMJngHbMiaEPP24mtVIluyj7%2BjonuvBDWLP8yK3ohGdBHFEIxYTqAiOvZBMwyiYloFfxeBOIhy4hBA39iqIqrAIimriWRKwygcf46IkgQ8QuRPfxbEr3Z%2F9c22M6hycOP7CHspM%2F3STnPGnSlstYOiQAqkasErBHy4Q3JWGrkNcQIc0XBEY1FHUSeg1MppyAxaUgDplb0U1utEGNAcLOegBuFWoqftWat4ZsBn0yg0CUdn0ENtKxMGL3rSXTvaagYPTARomWy6u%2F2ahZcmZcXxCW%2BXg2be1hZL3rbUyxf4DzD4pvwqLVCsvttyFasNZAz9K9uzn%2B3hO03chlk2RF0mdbYZVMVR8257E3HbOJnL5vZztsR3CzXb0WRbjX%2BNsR2J4%2B6Ljaw6P27s28nFu1fp4vr%2BtjvFnkSwyMY3G3EtF500NbXa7N8efLfghgHp%2Bvc%2FlKckStc%2BHM%2FlYpzI9bJdMh2O0%2Fjz1tYhe88dg%2Fabe7mdZnmyEPszx7mWzr1%2FsP83oUpBNOmqd3Tar3wZ%2FDfgvOgi33g%3D%3D HTTP 302
https://wtm.people-addict.fr/w/590008/fa8a1598a8c96ef63907647854d52f9e/1835/666/90fe8f7b5bf10f9e5cf2e233bd652ee8/12/39/o/?u=https%3A%2F%2Factu.voici.fr%2Fnews-people%2Fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_voi_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3 HTTP 302
https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.voici.fr%2Fnews-people%2Fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_voi_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3

Request Chain 3

https://er.cloud-media.fr/r/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
https://er.cloud-media.fr/c/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041

Request Chain 4

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3Dfa8a1598a8c96ef63907647854d52f9e%26wb%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3Dfa8a1598a8c96ef63907647854d52f9e%26wb%3D%7BWEBO_CID%7D&bounce=1&random=3817829718 HTTP 302
https://r.phywi.org/webo.gif?md=fa8a1598a8c96ef63907647854d52f9e&wb=d4zws0YCXMUZdiEUeL1.He

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 108890695.html Show response
s3s-main.net/fw19c3/21805526/22531599/ 740 B
1 KB 123ms
44ms Document
text/html 91.190.170.12
SPLIO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=4d5b85b82ecf30a350ab3c91c7a56958&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVkc1uozAUhZ%252BG2bkQHAwsqhEpSSdJ0%252BavNGETGXMJngHbMiaEPP24mtVIluyj7%252BjonuvBDWLP8yK3ohGdBHFEIxYTqAiOvZBMwyiYloFfxeBOIhy4hBA39iqIqrAIimriWRKwygcf46IkgQ8QuRPfxbEr3Z%252F9c22M6hycOP7CHspM%252F3STnPGnSlstYOiQAqkasErBHy4Q3JWGrkNcQIc0XBEY1FHUSeg1MppyAxaUgDplb0U1utEGNAcLOegBuFWoqftWat4ZsBn0yg0CUdn0ENtKxMGL3rSXTvaagYPTARomWy6u%252F2ahZcmZcXxCW%252BXg2be1hZL3rbUyxf4DzD4pvwqLVCsvttyFasNZAz9K9uzn%252B3hO03chlk2RF0mdbYZVMVR8257E3HbOJnL5vZztsR3CzXb0WRbjX%252BNsR2J4%252B6Ljaw6P27s28nFu1fp4vr%252BtjvFnkSwyMY3G3EtF500NbXa7N8efLfghgHp%252Bvc%252FlKckStc%252BHM%252FlYpzI9bJdMh2O0%252Fjz1tYhe88dg%252Fabe7mdZnmyEPszx7mWzr1%252FsP83oUpBNOmqd3Tar3wZ%252FDfgvOgi33g%253D%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS: s3s.fr
Software: Apache /
Resource Hash: 5845ef93d104d5fc5d9a7e7d7b753b07339b81b45300fc4ce0fa99a2833472d0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 740
Content-Type: text/html
Date: Fri, 29 Jul 2022 12:05:09 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
P3P: policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Pragma: no-cache
Server: Apache
X-Robots-Tag: noindex,nofollow

GET
H3

200

redirection.html Show response
wtm.people-addict.fr/
Redirect Chain

https://wtm.people-addict.fr/r/eNpVkc1uozAUhZ%2BG2bkQHAwsqhEpSSdJ0%2BavNGETGXMJngHbMiaEPP24mtVIluyj7%2BjonuvBDWLP8yK3ohGdBHFEIxYTqAiOvZBMwyiYloFfxeBOIhy4hBA39iqIqrAIimriWRKwygcf46IkgQ8QuRPfxbEr3Z%2...
https://wtm.people-addict.fr/w/590008/fa8a1598a8c96ef63907647854d52f9e/1835/666/90fe8f7b5bf10f9e5cf2e233bd652ee8/12/39/o/?u=https%3A%2F%2Factu.voici.fr%2Fnews-people%2Fpekin-express-ines-reg-et-sa-...
https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.voici.fr%2Fnews-people%2Fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierw...

4 KB
2 KB

66ms
66ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.voici.fr%2Fnews-people%2Fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_voi_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82c5a8e566ca99469aab6db15032f5010bd64f139662a17b67f1e3380fcbaba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=4d5b85b82ecf30a350ab3c91c7a56958&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVkc1uozAUhZ%252BG2bkQHAwsqhEpSSdJ0%252BavNGETGXMJngHbMiaEPP24mtVIluyj7%252BjonuvBDWLP8yK3ohGdBHFEIxYTqAiOvZBMwyiYloFfxeBOIhy4hBA39iqIqrAIimriWRKwygcf46IkgQ8QuRPfxbEr3Z%252F9c22M6hycOP7CHspM%252F3STnPGnSlstYOiQAqkasErBHy4Q3JWGrkNcQIc0XBEY1FHUSeg1MppyAxaUgDplb0U1utEGNAcLOegBuFWoqftWat4ZsBn0yg0CUdn0ENtKxMGL3rSXTvaagYPTARomWy6u%252F2ahZcmZcXxCW%252BXg2be1hZL3rbUyxf4DzD4pvwqLVCsvttyFasNZAz9K9uzn%252B3hO03chlk2RF0mdbYZVMVR8257E3HbOJnL5vZztsR3CzXb0WRbjX%252BNsR2J4%252B6Ljaw6P27s28nFu1fp4vr%252BtjvFnkSwyMY3G3EtF500NbXa7N8efLfghgHp%252Bvc%252FlKckStc%252BHM%252FlYpzI9bJdMh2O0%252Fjz1tYhe88dg%252Fabe7mdZnmyEPszx7mWzr1%252FsP83oUpBNOmqd3Tar3wZ%252FDfgvOgi33g%253D%253D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7325b89f0a70b90f-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 29 Jul 2022 12:05:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qn%2BlOUX0Bs6RepsSKBquycMrYUHxJkYZPgNEeX42iOKGHJ1qh4XfjF%2Fe%2FBfahj6NCuNbdRISmseepabMCVhptqBeLa2ZDQz4iDLq6wGperAyz3EYTUV393B%2B2XVKlaHOCeh9xUst71W5dmHBgXvAckVN3w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-request-id: AC476694:40A4_33B2446D:0050_62E3CCF1_5623FA5:0008

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7325b89eab780c19-AMS
content-length: 0
date: Fri, 29 Jul 2022 12:05:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sun, 01 Jan 2014 00:00:00 GMT
location: https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.voici.fr%2Fnews-people%2Fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_voi_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWURwh1VSx7936zpkwbBAoMaRvZm9w6xgcFnQ9TWhZW83cO3JPRhg8qFs%2FRaLlIRW8urs9lRGsJrbptuCfM%2BOYtLXB1bB4u2q80H6LFliMlaIeeAaSGhpo9QF9FViU4viayZxPWrU%2FgnaqMuNaulMxCDjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
x-request-id: 8D654D3D:E034_33B2446D:0050_62E3CCF5_5623F84:0008

GET
H2 200 cl.gif
r.phywi.org/ 43 B
582 B 91ms
31ms Image
image/gif 2001:41d0:403:34c2::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.phywi.org/cl.gif?m=fa8a1598a8c96ef63907647854d52f9e

Requested by

Host: wtm.people-addict.fr
URL: https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.voici.fr%2Fnews-people%2Fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_voi_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:41d0:403:34c2:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://wtm.people-addict.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 12:05:09 GMT
server: nginx
strict-transport-security: max-age=63072000
content-type: image/gif
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
x-request-id: 200141D00008D1540000000000000015:D006_200141D0040334C20000000000000000:01BB_62E3CCF5_CC20CFF:000F
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2

200

20305b1d-4a14-4990-b6a1-7765863e4041
er.cloud-media.fr/c/fa8a1598a8c96ef63907647854d52f9e/
Redirect Chain

https://er.cloud-media.fr/r/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041
https://er.cloud-media.fr/c/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041

35 B
230 B

95ms
94ms

Image
image/gif

54.76.232.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://er.cloud-media.fr/c/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041

Requested by

Protocol

Server

54.76.232.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-232-54.eu-west-1.compute.amazonaws.com

Software

awselb/2.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://wtm.people-addict.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:10 GMT
x-content-type-options: nosniff
server: awselb/2.0
content-length: 35
content-type: image/gif

Redirect headers

location: https://er.cloud-media.fr/c/fa8a1598a8c96ef63907647854d52f9e/20305b1d-4a14-4990-b6a1-7765863e4041
date: Fri, 29 Jul 2022 12:05:10 GMT
x-content-type-options: nosniff
server: awselb/2.0
content-length: 0
x-xss-protection: 1; mode=block
content-type: text/html;charset=utf-8

GET
H2

200

webo.gif
r.phywi.org/
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3Dfa8a1598a8c96ef63907647854d52f9e%26wb%3D{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3Dfa8a1598a8c96ef63907647854d52f9e%26wb%3D%7BWEBO_CID%7D&bounce=1&random=3817829718
https://r.phywi.org/webo.gif?md=fa8a1598a8c96ef63907647854d52f9e&wb=d4zws0YCXMUZdiEUeL1.He

43 B
581 B

45ms
45ms

Image
image/gif

2001:41d0:403:34c2::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.phywi.org/webo.gif?md=fa8a1598a8c96ef63907647854d52f9e&wb=d4zws0YCXMUZdiEUeL1.He

Requested by

Protocol

Server

2001:41d0:403:34c2:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://wtm.people-addict.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 12:05:10 GMT
server: nginx
strict-transport-security: max-age=63072000
content-type: image/gif
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
x-request-id: 200141D00008D1540000000000000015:D006_200141D0040334C20000000000000000:01BB_62E3CCF5_CC20D37:000F
expires: Sun, 01 Jan 2014 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 12:05:09 GMT
via: 1.1 google
last-modified: Fri, 29 Jul 2022 12:05:10 GMT
server: Weborama Collect Frontend
location: https://r.phywi.org/webo.gif?md=fa8a1598a8c96ef63907647854d52f9e&wb=d4zws0YCXMUZdiEUeL1.He
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

Primary Request pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786 Show response
actu.voici.fr/news-people/
Redirect Chain

https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_camp...
https://consents.prismamedia.com/?redirectHost=https%3A%2F%2Factu.voici.fr&redirectUri=%2fnews-people%2fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit...
https://actu.voici.fr/?authId=517dfb68cae686d5ceff2f4afab1998d&redirectUri=%2fnews-people%2fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-73478...
https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_camp...

32 KB
10 KB

467ms
466ms

Document
text/html

104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
Requested by: Host: wtm.people-addict.fr
URL: https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.voici.fr%2Fnews-people%2Fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_voi_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 / PHP/7.4.26
Resource Hash: c305b47829eec64fbbaae1fe8e5b46996a98eff1661f867d238447fa1890b5e7

Request headers

Referer: https://wtm.people-addict.fr/redirection.html?m=fa8a1598a8c96ef63907647854d52f9e&u=https%3A%2F%2Factu.voici.fr%2Fnews-people%2Fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786%3Futm_source%3Dwelcomingpeopleaddict%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Dpmo_voi_article&dc=2ZR9EaDNnnIlbZbAhVMwJbwfiPmXnE%2FV1oIA%2FPTmw7MPy2cV93HyBQ69eLWayGZezvNrtozYmpKTYxLJT9UbAFVn48yZ0Dns04talQQL%2BFiS5ehEgxEoXAVApRZwY6OKDoDSPIcr7y8KUXuhn8GZzw%2BthPRBVZAMnrSE3QCMRhCF%2BaIn6MDyrrVvMJjt3Ww3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: public, max-age=300
content-encoding: gzip
content-length: 9801
content-type: text/html; charset=UTF-8
date: Fri, 29 Jul 2022 12:05:10 GMT
server: nginx/1.17.8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26

Redirect headers

content-length: 0
date: Fri, 29 Jul 2022 12:05:10 GMT
location: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
server: AkamaiGHost

GET
H2 200 JTUSjIg1_i6t8kCHKm459WRhyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v15/ 9 KB
10 KB 96ms
29ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WRhyyTh89ZNpQ.woff2

Requested by

Host: actu.voici.fr
URL: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43c64881a0b9eb5f2069c474af58c46a6bacb1058aad311de7117f36c07b4c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 07:28:28 GMT
x-content-type-options: nosniff
age: 16602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9280
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Jul 2023 07:28:28 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 124ms
57ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 20:53:33 GMT
x-content-type-options: nosniff
age: 141097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8108
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Jul 2023 20:53:33 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WZhyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v15/ 4 KB
4 KB 114ms
47ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WZhyyTh89ZNpQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a30b179f4481d978f6a49c6ec571c2592a3213ce19233592384e04c044ee675d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 16:59:11 GMT
x-content-type-options: nosniff
age: 241559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3792
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 16:59:11 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v15/ 11 KB
12 KB 157ms
90ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb48c413427765058e001d0c562f2cf4d9341a663e155db8b63e864e9372997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 08:12:54 GMT
x-content-type-options: nosniff
age: 273136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11712
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 08:12:54 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
14 KB 160ms
94ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 20:06:25 GMT
x-content-type-options: nosniff
age: 230325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Jul 2023 20:06:25 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gTD_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 9 KB
9 KB 165ms
99ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gTD_vx3rCubqg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91f06351236f84865d4f1e87c431fe940f7cd7aeb9f68999fc0740c3c7451987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:45:49 GMT
x-content-type-options: nosniff
age: 191961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9236
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Jul 2023 06:45:49 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3g3D_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 168ms
102ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3g3D_vx3rCubqg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b257dc12266c8455c5187bc9234d5ea37d0ef84f6d7027434e48f39108139cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 21:03:46 GMT
x-content-type-options: nosniff
age: 140484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8004
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:06 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Jul 2023 21:03:46 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gbD_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 4 KB
4 KB 164ms
98ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gbD_vx3rCubqg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b73900d6286b2b4310ca64f2c462a38c8f645d42e6147cf89784da1329b9391e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 07:16:18 GMT
x-content-type-options: nosniff
age: 17332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3736
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Jul 2023 07:16:18 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gfD_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 11 KB
11 KB 100ms
34ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gfD_vx3rCubqg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6ab3030d183b34f72eb6751332d6e6ecbd334b31bfe01703e8936115db8318a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:51:00 GMT
x-content-type-options: nosniff
age: 184450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11576
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 08:51:00 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 151ms
85ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 23:23:28 GMT
x-content-type-options: nosniff
age: 218502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Jul 2023 23:23:28 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgEM86xRbPQ.woff2
fonts.gstatic.com/s/playfairdisplay/v21/ 19 KB
19 KB 170ms
105ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v21/nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgEM86xRbPQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0823cad5e08bc259aafca8aa7f7b5d2c5be44e1697df6e5529276583def6ee05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:51:02 GMT
x-content-type-options: nosniff
age: 184448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19764
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:19:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 08:51:02 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgEM86xRbPQ.woff2
fonts.gstatic.com/s/playfairdisplay/v21/ 7 KB
7 KB 144ms
79ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v21/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgEM86xRbPQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b421a6ac7ce2d5288e437bfa92091b0c582d9e0a2c36b94cc1abcce149f052be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 07:53:22 GMT
x-content-type-options: nosniff
age: 15108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7140
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:14:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Jul 2023 07:53:22 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgEM86xRbPQ.woff2
fonts.gstatic.com/s/playfairdisplay/v21/ 17 KB
18 KB 145ms
79ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v21/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgEM86xRbPQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cb7c55c46555249e6e01ac41c081d633d9e25eb6e38f92fdbd02f7303b370bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:48:17 GMT
x-content-type-options: nosniff
age: 447413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17844
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:35:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 24 Jul 2023 07:48:17 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
fonts.gstatic.com/s/playfairdisplay/v21/ 32 KB
33 KB 124ms
59ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v21/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb7d97eb19604573681684dfe0fef40692a943c29f59d11e7ba9eb39242e4e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:22:26 GMT
x-content-type-options: nosniff
age: 193364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33256
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:30:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Jul 2023 06:22:26 GMT

GET
H2 200 browsertools.js Show response
tra.scds.pmdstatic.net/pmd-browsertools/1.7.54/ 37 KB
13 KB 100ms
23ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.54/browsertools.js
Requested by: Host: actu.voici.fr
URL: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7D) /
Resource Hash: 615f78163711d6ad11c7875d6e56671ace387c9044a0403d34de7632e34d4ec1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:10 GMT
content-encoding: gzip
age: 3205088
x-cache: HIT
content-disposition: inline
content-length: 12534
access-control-allow-origin: *
last-modified: Wed, 22 Jun 2022 09:46:26 GMT
server: ECAcc (paa/6F7D)
etag: W/"dc4e581336d9aa0b4d988d2a4b96f323"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: m_OG0LpYKA0sudnoO7.mY_Acpo2d9eOr
via: 1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: xC2ZqhpHak849idFDrj2chjrqA1W2deo0K8xUg7-O4IGX9iD11KNjQ==

GET
H2 200 core-ads.js
tra.scds.pmdstatic.net/advertising-core/4.175.0/ 278 KB
83 KB 100ms
24ms Other
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/advertising-core/4.175.0/core-ads.js
Requested by: Host: actu.voici.fr
URL: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F28) /
Resource Hash: a5aaa3e59446461c2aa93ad2d71399a308f921cb1fa58682a4c7beb359058d03

Request headers

Referer: https://actu.voici.fr/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:10 GMT
content-encoding: gzip
age: 169405
x-cache: HIT
content-disposition: inline
content-length: 84206
access-control-allow-origin: *
last-modified: Wed, 27 Jul 2022 13:01:23 GMT
server: ECAcc (paa/6F28)
etag: W/"f4458ff972b62ef3bac254d5d284eabd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XVjfQeBXw_WiMW5Hq7aVzdIj_zogKap2
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: i1wQVkWIQr6wSRdfF8IlnN2tPMaSWbgAPEAg1TS2sO6ETVmjKoe2rg==

GET
H2 200 article-voi.d84d4943e43de2f863af.js Show response
actu.voici.fr/assets/scripts/ 22 KB
8 KB 55ms
53ms Script
application/javascript 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.voici.fr/assets/scripts/article-voi.d84d4943e43de2f863af.js
Requested by: Host: actu.voici.fr
URL: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: 76b2283c542c92a5b302f23226a73c5c787fffba7e7861080f306fed6521cdb6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:10 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 10:04:38 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28412909
content-length: 8180

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 103ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e40d14b867982443a7075d98f19a35451124a65eef943df0b54933dce6eede77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28339
x-xss-protection: 0
server: sffe
etag: "1287 / 175 of 1000 / last-modified: 1659092852"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Jul 2022 12:05:10 GMT

GET
H2 200 critical-voi.14a1bb2852371a2097d5.css
actu.voici.fr/assets/styles/ 17 KB
4 KB 46ms
45ms Stylesheet
text/css 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.voici.fr/assets/styles/critical-voi.14a1bb2852371a2097d5.css
Requested by: Host: actu.voici.fr
URL: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: 7ba6a2de2799e12960f5f78979bddb065b7b5f396254df4c4243f011ec672220

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:10 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 09:25:19 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=18741516
content-length: 3726

GET
H2 200 article-voi.b9e8b940a93023f4e1a2.css
actu.voici.fr/assets/styles/ 0
129 B 51ms
50ms Stylesheet
text/css 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.voici.fr/assets/styles/article-voi.b9e8b940a93023f4e1a2.css
Requested by: Host: actu.voici.fr
URL: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:10 GMT
last-modified: Thu, 03 Mar 2022 09:25:19 GMT
server: nginx/1.17.8
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=18741706
accept-ranges: bytes
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 133ms
49ms Stylesheet
text/css 2a00:1450:4014:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 11:32:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Jul 2022 12:05:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Jul 2022 12:05:10 GMT

GET
H2 200 ines-reg-ce-qu-elle-a-trouve-particulierement-difficile-dans-pekin-express-duos-de-choc.jpg
actu.voici.fr/imgre/fit/~1~voi~2022~07~25~580c5732-d547-464c-865c-72dc7b8c0bf9.jpeg/100x100/cr/wqkgU3RhcmZhY2UgLyBWb2ljaQ%3D%3D/ 2 KB
2 KB 146ms
144ms Image
image/jpeg 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://actu.voici.fr/imgre/fit/~1~voi~2022~07~25~580c5732-d547-464c-865c-72dc7b8c0bf9.jpeg/100x100/cr/wqkgU3RhcmZhY2UgLyBWb2ljaQ%3D%3D/ines-reg-ce-qu-elle-a-trouve-particulierement-difficile-dans-pekin-express-duos-de-choc.jpg
Requested by: Host: actu.voici.fr
URL: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cc3745d70f2ca6b3511e8b031bdeb648c877a7a13a04ef98201824d1bd22bc63

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
last-modified: Thu, 28 Jul 2022 07:23:58 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Photosphere
cache-control: public, max-age=31432777, s-maxage=31536000
access-control-allow-headers: X-Photosphere
content-length: 1998
expires: Fri, 28 Jul 2023 07:24:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
45 KB 133ms
50ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5F76P37

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

655bdacc8cdd4d9d6ea71d2f5d294ca3398ed19324ee40144d4dbb2cc6743b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45676
x-xss-protection: 0
expires: Fri, 29 Jul 2022 12:05:11 GMT

GET
H2 200 datadog-rum-slim-v4.js Show response
www.datadoghq-browser-agent.com/ 68 KB
23 KB 124ms
28ms Script
application/javascript 13.32.98.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Requested by: Host: actu.voici.fr
URL: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.98.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-98-147.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23ed5554c4bf50f30f6b6aaf48ba8b54e7cb141f032ed2da479a3c7095705010

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:04:55 GMT
content-encoding: gzip
last-modified: Tue, 12 Jul 2022 10:13:15 GMT
server: AmazonS3
age: 23
etag: W/"7721e1d5b1b154cd619a2d07abc5f348"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 0D1y4YKlLQIjqjLGYv90r91J6ANoe21Zcgff82Y5X8wM8h8Y8P26Lg==

GET
H2 200 transformation.jpg
img.pmdstatic.net/fit/https.3A.2F.2Fi.2Epmdstatic.2Enet.2Fvoi.2F2022.2F07.2F29.2Fcf82d674-2f2f-4af6-8544-bde68f45d6bd.2Ejpeg/1200x900/q/80/ 120 KB
120 KB 96ms
20ms Image
image/jpeg 192.229.221.226
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pmdstatic.net/fit/https.3A.2F.2Fi.2Epmdstatic.2Enet.2Fvoi.2F2022.2F07.2F29.2Fcf82d674-2f2f-4af6-8544-bde68f45d6bd.2Ejpeg/1200x900/q/80/transformation.jpg
Requested by: Host: actu.voici.fr
URL: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.226 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: e30e89bb06b520e7ffa653c94049520507d8df7c308a6f6af114b14207ca0de2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
last-modified: Fri, 29 Jul 2022 09:41:50 GMT
server: ECAcc (paa/6F7F)
age: 8602
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Photosphere
cache-control: max-age=31536000, public, s-maxage=31536000
accept-ranges: bytes
access-control-allow-headers: X-Photosphere
content-length: 122823
expires: Sat, 29 Jul 2023 12:05:11 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
450 B 97ms
40ms XHR
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.polyfill.io/v2/polyfill.min.js?excludes=Promise&features=default,arrayMap,IntersectionObserver,MutationObserver
Requested by: Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.54/browsertools.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.voici.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: br
last-modified: Wed, 20 Jul 2022 05:13:36 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/103.0.0
server-timing: cache-cdg20768, PASS, fastly;desc="Edge time";dur=19
accept-ranges: bytes
content-length: 126

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 82ms
28ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://actu.voici.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 304382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 23:32:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 114ms
33ms Script
text/javascript 2a00:1450:4014:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F76P37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6890
date: Fri, 29 Jul 2022 10:10:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 29 Jul 2022 12:10:21 GMT

GET
H2 200 sourcepoint.min.js Show response
tra.scds.pmdstatic.net/sourcepoint/4.7.1/ 13 KB
5 KB 21ms
20ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/sourcepoint/4.7.1/sourcepoint.min.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F79) /
Resource Hash: 2020a1d61cfe16f730427ff06e714d7c038018e9728ff66af0bf38f772016dc3

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.voici.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
age: 341576
x-cache: HIT
content-disposition: inline
content-length: 5301
access-control-allow-origin: *
last-modified: Mon, 25 Jul 2022 13:11:41 GMT
server: ECAcc (paa/6F79)
etag: W/"22bb41376f92cc9894ca45dd9bb55317"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kY.Awr7t.XIxyt3L0ZWNmCU1nuMxPw6L
via: 1.1 6b4e2529be13169ec5ee4214df435daa.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: HOrdqBWK4VF62SqurLu1mOCr8qZ3oTBW5JteqiwfvLszZUj86gdR8w==

GET
H2 200 critical-voi.df37fd5e9c14bed17447.js Show response
actu.voici.fr/assets/scripts/ 3 KB
994 B 38ms
37ms XHR
application/javascript 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.voici.fr/assets/scripts/critical-voi.df37fd5e9c14bed17447.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: 3dc39024c8a2cf9e2d63c69fa3e1d340f913affc92ab828706a525c1c2027825

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 09:25:19 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=18741557
content-length: 831

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cdn.privacy-mgmt.com/unified/ 105 KB
33 KB 116ms
28ms Script
application/javascript 65.9.86.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=4d5b85b82ecf30a350ab3c91c7a56958&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVkc1uozAUhZ%252BG2bkQHAwsqhEpSSdJ0%252BavNGETGXMJngHbMiaEPP24mtVIluyj7%252BjonuvBDWLP8yK3ohGdBHFEIxYTqAiOvZBMwyiYloFfxeBOIhy4hBA39iqIqrAIimriWRKwygcf46IkgQ8QuRPfxbEr3Z%252F9c22M6hycOP7CHspM%252F3STnPGnSlstYOiQAqkasErBHy4Q3JWGrkNcQIc0XBEY1FHUSeg1MppyAxaUgDplb0U1utEGNAcLOegBuFWoqftWat4ZsBn0yg0CUdn0ENtKxMGL3rSXTvaagYPTARomWy6u%252F2ahZcmZcXxCW%252BXg2be1hZL3rbUyxf4DzD4pvwqLVCsvttyFasNZAz9K9uzn%252B3hO03chlk2RF0mdbYZVMVR8257E3HbOJnL5vZztsR3CzXb0WRbjX%252BNsR2J4%252B6Ljaw6P27s28nFu1fp4vr%252BtjvFnkSwyMY3G3EtF500NbXa7N8efLfghgHp%252Bvc%252FlKckStc%252BHM%252FlYpzI9bJdMh2O0%252Fjz1tYhe88dg%252Fabe7mdZnmyEPszx7mWzr1%252FsP83oUpBNOmqd3Tar3wZ%252FDfgvOgi33g%253D%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-106.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62d3cd5cc83b8d768e1069c4e85e939f9eb62db25c05edff966c1993f1907635

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 11:46:32 GMT
content-encoding: gzip
last-modified: Mon, 27 Jun 2022 13:45:40 GMT
server: AmazonS3
age: 1119
etag: W/"6ce19d2b05ca320bb71562ba4230ce5f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: CUCEw3XfMmdrQImdnJ4wdwlu7Ct9PEEbggwtMS_lyj-rZ0-zAWjqTg==

GET
H2 200 core-ads.js Show response
tra.scds.pmdstatic.net/advertising-core/4.175.0/ 278 KB
82 KB 20ms
20ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/advertising-core/4.175.0/core-ads.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F28) /
Resource Hash: a5aaa3e59446461c2aa93ad2d71399a308f921cb1fa58682a4c7beb359058d03

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.voici.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
age: 169406
x-cache: HIT
content-disposition: inline
content-length: 84206
access-control-allow-origin: *
last-modified: Wed, 27 Jul 2022 13:01:23 GMT
server: ECAcc (paa/6F28)
etag: W/"f4458ff972b62ef3bac254d5d284eabd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XVjfQeBXw_WiMW5Hq7aVzdIj_zogKap2
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: i1wQVkWIQr6wSRdfF8IlnN2tPMaSWbgAPEAg1TS2sO6ETVmjKoe2rg==

GET
H2 200 index.js Show response
tra.scds.pmdstatic.net/pmc-starter/4.19.4/ 55 KB
17 KB 21ms
21ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmc-starter/4.19.4/index.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F17) /
Resource Hash: 2d046a2227dd836270aa1ac5d5ff8cd3056d66e2d72242a6db4c17a085468776

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.voici.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
age: 1477380
x-cache: HIT
content-disposition: inline
content-length: 17187
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 09:41:24 GMT
server: ECAcc (paa/6F17)
etag: W/"0ad3ae3cc3e088c6f31d00f29350952f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: CO81er7engpD2.X9Oouv5u12GE3Gu.VR
via: 1.1 ce22e0407d9b4f91724feba4d5aa25c2.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: MRS52-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: QRRbOlBeewUb6A6-8rKCv4Sm3ZDC1HsFyNAbScya7yCTsF90eZk_wA==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
40 KB 118ms
50ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NRTV7FH

Requested by

Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.54/browsertools.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

306829a9d0ac5ea867f6abf3194163cddecda9d16d5fdc5fb30ce4653d87f2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41200
x-xss-protection: 0
expires: Fri, 29 Jul 2022 12:05:11 GMT

GET
H2 200 main.fed25969880990837c6f.js Show response
actu.voici.fr/assets/scripts/ 22 KB
8 KB 41ms
40ms XHR
application/javascript 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.voici.fr/assets/scripts/main.fed25969880990837c6f.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: 7bd6780f9a035305b848879076f64fc43e05a77e55dc41ddd423d4474f7a1417

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 10:04:38 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28412852
content-length: 8293

GET
H2 200 main.7c6ba9bd30ad2a0b664e.css Show response
actu.voici.fr/assets/styles/ 1004 B
649 B 44ms
43ms XHR
text/css 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.voici.fr/assets/styles/main.7c6ba9bd30ad2a0b664e.css
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: 83fc98a2f8ecf9bb09989f8915bd0550f208f55e2fd035883026dd9f55f1397e

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 09:25:19 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=18741650
content-length: 496

GET
H2 200 optinBundle.js Show response
tra.scds.pmdstatic.net/pmc-kit-components/3.11.0/ 8 KB
4 KB 21ms
20ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmc-kit-components/3.11.0/optinBundle.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F46) /
Resource Hash: fd280b0598e56e876432cbaac4aeb7c58c6267f83826959833e771a72ab1c18d

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.voici.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
age: 2666872
x-cache: HIT
content-disposition: inline
content-length: 3520
access-control-allow-origin: *
last-modified: Mon, 28 Jun 2021 09:27:27 GMT
server: ECAcc (paa/6F46)
etag: W/"c0d8110e82a19c7580bca756decdeea3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ro5nZLIV5MmlfYCUfBVLtWa5CQWpho2A
via: 1.1 941acf135bdda975383e37976690acc6.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: g3nHyMRdGROaOAR-uAUHHcETub9Bbm87mTeBNIp8SUi0M1qfN7jprA==

GET
H2 200 article-voi.d84d4943e43de2f863af.js Show response
actu.voici.fr/assets/scripts/ 22 KB
8 KB 45ms
45ms XHR
application/javascript 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.voici.fr/assets/scripts/article-voi.d84d4943e43de2f863af.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: 76b2283c542c92a5b302f23226a73c5c787fffba7e7861080f306fed6521cdb6

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 10:04:38 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28412908
content-length: 8180

GET
H2 200 article-voi.b9e8b940a93023f4e1a2.css Show response
actu.voici.fr/assets/styles/ 0
129 B 48ms
48ms XHR
text/css 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.voici.fr/assets/styles/article-voi.b9e8b940a93023f4e1a2.css
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
last-modified: Thu, 03 Mar 2022 09:25:19 GMT
server: nginx/1.17.8
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=18741705
accept-ranges: bytes
content-length: 0

GET
H2 200 clickToAutoplay.e1359912c52e4934ad93.js Show response
actu.voici.fr/assets/scripts/ 2 KB
1014 B 48ms
48ms XHR
application/javascript 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.voici.fr/assets/scripts/clickToAutoplay.e1359912c52e4934ad93.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: e13e707a12e7fd93e99657b93f111f07ae7051a784d39631edd4cc99473426ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 15:37:03 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=27202620
content-length: 852

GET
H2 200 clickToAutoplay.97ba89e895206353558f.css Show response
actu.voici.fr/assets/styles/ 1 KB
572 B 48ms
48ms XHR
text/css 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://actu.voici.fr/assets/styles/clickToAutoplay.97ba89e895206353558f.css
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: nginx/1.17.8 /
Resource Hash: 781aadf0c6b48ae575596498e0606a404b1bce6a5fc44fdae33d4d6d50ce5665

Request headers

Accept: application/json, text/plain, */*
Referer: https://actu.voici.fr/news-people/pekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786?utm_source=welcomingpeopleaddict&utm_medium=cpc&utm_campaign=pmo_voi_article
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 09:25:19 GMT
server: nginx/1.17.8
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=18741599
content-length: 419

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 101ms
33ms Image
image/gif 2a00:1450:4014:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=144395455&t=pageview&_s=1&dl=https%3A%2F%2Factu.voici.fr%2Fnews-people%2Fpekin-express-ines-reg-et-sa-soeur-traitees-de-spes-par-valerie-trierweiler-lhumoriste-reagit-enfin-734786%3Futm_source%3Dwelcomingpeopleaddict%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_voi_article&dr=https%3A%2F%2Fwtm.people-addict.fr%2F&ul=en-us&de=UTF-8&dt=P%C3%A9kin%20Express%20%3A%20In%C3%A8s%20Reg%20et%20sa%20soeur%20trait%C3%A9es%20de%20%22s***pes%22%20par%20Val%C3%A9rie%20Trierweiler%2C%20l%27humoriste%20r%C3%A9agit%20enfin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&cid=477538908.1659096311&tid=UA-192933331-10&_gid=1264491844.1659096311&gtm=2wg7r05F76P37&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.134%20Safari%2F537.36&cd27=https%3A%2F%2Fwtm.people-addict.fr%2F&npa=1&z=914003035

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 02:43:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33731
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pmc_conf_prod_b8ccf2181f12690c219e.js Show response
tra.scds.pmdstatic.net/pmc-starter/4.19.4/assets/scripts/ 377 B
539 B 21ms
20ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmc-starter/4.19.4/assets/scripts/pmc_conf_prod_b8ccf2181f12690c219e.js
Requested by: Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=4d5b85b82ecf30a350ab3c91c7a56958&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVkc1uozAUhZ%252BG2bkQHAwsqhEpSSdJ0%252BavNGETGXMJngHbMiaEPP24mtVIluyj7%252BjonuvBDWLP8yK3ohGdBHFEIxYTqAiOvZBMwyiYloFfxeBOIhy4hBA39iqIqrAIimriWRKwygcf46IkgQ8QuRPfxbEr3Z%252F9c22M6hycOP7CHspM%252F3STnPGnSlstYOiQAqkasErBHy4Q3JWGrkNcQIc0XBEY1FHUSeg1MppyAxaUgDplb0U1utEGNAcLOegBuFWoqftWat4ZsBn0yg0CUdn0ENtKxMGL3rSXTvaagYPTARomWy6u%252F2ahZcmZcXxCW%252BXg2be1hZL3rbUyxf4DzD4pvwqLVCsvttyFasNZAz9K9uzn%252B3hO03chlk2RF0mdbYZVMVR8257E3HbOJnL5vZztsR3CzXb0WRbjX%252BNsR2J4%252B6Ljaw6P27s28nFu1fp4vr%252BtjvFnkSwyMY3G3EtF500NbXa7N8efLfghgHp%252Bvc%252FlKckStc%252BHM%252FlYpzI9bJdMh2O0%252Fjz1tYhe88dg%252Fabe7mdZnmyEPszx7mWzr1%252FsP83oUpBNOmqd3Tar3wZ%252FDfgvOgi33g%253D%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F25) /
Resource Hash: 397fb7fad165c8945c32fc6354a0ba1ab1f703261d51d4bb668b79dbe0bf9a3c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
age: 1477407
x-cache: HIT
content-disposition: inline
content-length: 263
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 09:41:23 GMT
server: ECAcc (paa/6F25)
etag: "b93097ad0fd4a85c64011fae98c94ba5+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Z7KGA3IIC6hSP_SaVP0iiu9inIG9GeAy
via: 1.1 d3c8e64039dcd16cd7cc4074aaecf75c.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: -UT8A8UFy4SYyPoNLpm6sLrXGC0KIRV2SBOwzdJlOmw8KylNmufs1g==

GET
H2 200 gdpr-tcf.52bc741007b8279460bd.bundle.js Show response
cdn.privacy-mgmt.com/unified/3.6.3/ 80 KB
19 KB 28ms
28ms Script
application/javascript 65.9.86.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/3.6.3/gdpr-tcf.52bc741007b8279460bd.bundle.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-106.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2333a337cd9097f7fe63b86f32acfbb930573639ae16373086ca793d809cd1f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 11:18:43 GMT
content-encoding: gzip
last-modified: Mon, 27 Jun 2022 13:44:36 GMT
server: AmazonS3
age: 2789
etag: W/"0af31f20730f84d69a20aef971da3c45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: lV9f_OxuRBpkICdZW6Sb4RLPL7bkstS7-TyHN5RvKA0F53RDiI8Qfw==

POST
H2 200 get_messages Show response
consent.voici.fr/wrapper/v2/ 196 KB
16 KB 58ms
58ms XHR
application/json 13.225.78.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.voici.fr/wrapper/v2/get_messages?requestUUID=350e4ee9-2cff-4121-8b3d-9d2dbe31d0d3&hasCsp=true&env=prod

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-87.fra2.r.cloudfront.net

Software

/ Express

Resource Hash

1ea30b11df80ea6d80285f63dfd088ea61d84e30c4793e1c9d48bae5864650eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://actu.voici.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://actu.voici.fr
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: jCG-xSWVrOxFjhZHqCK6c9zRkHCgOJBi-I9wyAUMqMH82g_CIbGhaA==
via: 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)

OPTIONS
H2 200 get_messages
consent.voici.fr/wrapper/v2/ Frame 0
0 91ms
30ms Preflight
text/plain 13.225.78.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.voici.fr/wrapper/v2/get_messages?requestUUID=350e4ee9-2cff-4121-8b3d-9d2dbe31d0d3&hasCsp=true&env=prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-87.fra2.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://actu.voici.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://actu.voici.fr
cache-control: no-cache, no-store
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 29 Jul 2022 12:05:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-cf-id: ki1Ys6499O16mo2EhwX3aGcIHvnU4VdVnG8Hsv23N9cwndp1nzgFKg==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 pmcCheck Show response
www.prismaconnect.fr/ Frame C787 1 KB
908 B 38ms
37ms Document
text/html 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prismaconnect.fr/pmcCheck?version=4.19.4
Requested by: Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=4d5b85b82ecf30a350ab3c91c7a56958&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVkc1uozAUhZ%252BG2bkQHAwsqhEpSSdJ0%252BavNGETGXMJngHbMiaEPP24mtVIluyj7%252BjonuvBDWLP8yK3ohGdBHFEIxYTqAiOvZBMwyiYloFfxeBOIhy4hBA39iqIqrAIimriWRKwygcf46IkgQ8QuRPfxbEr3Z%252F9c22M6hycOP7CHspM%252F3STnPGnSlstYOiQAqkasErBHy4Q3JWGrkNcQIc0XBEY1FHUSeg1MppyAxaUgDplb0U1utEGNAcLOegBuFWoqftWat4ZsBn0yg0CUdn0ENtKxMGL3rSXTvaagYPTARomWy6u%252F2ahZcmZcXxCW%252BXg2be1hZL3rbUyxf4DzD4pvwqLVCsvttyFasNZAz9K9uzn%252B3hO03chlk2RF0mdbYZVMVR8257E3HbOJnL5vZztsR3CzXb0WRbjX%252BNsR2J4%252B6Ljaw6P27s28nFu1fp4vr%252BtjvFnkSwyMY3G3EtF500NbXa7N8efLfghgHp%252Bvc%252FlKckStc%252BHM%252FlYpzI9bJdMh2O0%252Fjz1tYhe88dg%252Fabe7mdZnmyEPszx7mWzr1%252FsP83oUpBNOmqd3Tar3wZ%252FDfgvOgi33g%253D%253D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b5716b195bf554b3a4e89277f0dc1bf17252908703fc242c0427031887340bc1

Request headers

Referer: https://actu.voici.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: public, max-age=270
content-encoding: gzip
content-length: 585
content-type: text/html
date: Fri, 29 Jul 2022 12:05:11 GMT
etag: W/"9d7dc2d13d6baddf9ee8c21cc7869506"
last-modified: Wed, 27 Jul 2022 09:11:04 GMT
referrer-policy: no-referrer-when-downgrade
server: AmazonS3
vary: Accept-Encoding
x-amz-cf-id: 8cxSW9BLm-nQMqZQsPs1-AqI54Lt3WXnP11VySCCsuk1zgLMNlgEGw==
x-amz-cf-pop: VIE50-C2
x-amz-version-id: yhZbHXNzVOjbA25Z6imjhAeITHn1aejz

GET
H2 200 buttons__ee177a243460b9ce75bc.js Show response
tra.scds.pmdstatic.net/pmc-starter/4.19.4/assets/scripts/ 7 KB
2 KB 20ms
20ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmc-starter/4.19.4/assets/scripts/buttons__ee177a243460b9ce75bc.js
Requested by: Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/21805526/22531599/108890695.html?p=4d5b85b82ecf30a350ab3c91c7a56958&u=https%3A%2F%2Fwtm.people-addict.fr%2Fr%2FeNpVkc1uozAUhZ%252BG2bkQHAwsqhEpSSdJ0%252BavNGETGXMJngHbMiaEPP24mtVIluyj7%252BjonuvBDWLP8yK3ohGdBHFEIxYTqAiOvZBMwyiYloFfxeBOIhy4hBA39iqIqrAIimriWRKwygcf46IkgQ8QuRPfxbEr3Z%252F9c22M6hycOP7CHspM%252F3STnPGnSlstYOiQAqkasErBHy4Q3JWGrkNcQIc0XBEY1FHUSeg1MppyAxaUgDplb0U1utEGNAcLOegBuFWoqftWat4ZsBn0yg0CUdn0ENtKxMGL3rSXTvaagYPTARomWy6u%252F2ahZcmZcXxCW%252BXg2be1hZL3rbUyxf4DzD4pvwqLVCsvttyFasNZAz9K9uzn%252B3hO03chlk2RF0mdbYZVMVR8257E3HbOJnL5vZztsR3CzXb0WRbjX%252BNsR2J4%252B6Ljaw6P27s28nFu1fp4vr%252BtjvFnkSwyMY3G3EtF500NbXa7N8efLfghgHp%252Bvc%252FlKckStc%252BHM%252FlYpzI9bJdMh2O0%252Fjz1tYhe88dg%252Fabe7mdZnmyEPszx7mWzr1%252FsP83oUpBNOmqd3Tar3wZ%252FDfgvOgi33g%253D%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F8B) /
Resource Hash: 78a0bd21f6c3cfc7c9b3d2e535118b0c061b196eed59620a4f0f01c01a5cf2a4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
age: 1477407
x-cache: HIT
content-disposition: inline
content-length: 2285
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 09:41:23 GMT
server: ECAcc (paa/6F8B)
etag: W/"fa578bd29e0254e9413b8da47af464e3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2ZvYr9LfcC4nlAbLVEflZY51ZTB34z35
via: 1.1 cca647b855165d3788974c9e34bcbc3c.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: MRS52-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: -uvVRoJqLs7fuAwMzEL7RGE9F3QMDOQYvkWL7_WF7gYTC8SWZK0w3w==

GET
H2 200 index.js Show response
tra.scds.pmdstatic.net/pmc-api-front-client/4/ Frame C787 54 KB
19 KB 21ms
21ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmc-api-front-client/4/index.js
Requested by: Host: www.prismaconnect.fr
URL: https://www.prismaconnect.fr/pmcCheck?version=4.19.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F0F) /
Resource Hash: 08b73d128170a14d87c3830d47806e2d3a519df056323c6b41cd384141c29140

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.prismaconnect.fr/pmcCheck?version=4.19.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: gzip
age: 20
x-cache: HIT
content-disposition: inline
content-length: 18922
access-control-allow-origin: *
last-modified: Wed, 04 May 2022 15:05:37 GMT
server: ECAcc (paa/6F0F)
etag: W/"3f47a2a9e6dff071ecec279f9fa2d10c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vA3DzAVeBvGP9rpKe0pcdKSvCmpX08t7
via: 1.1 a64d90720955c3d3de37aa0526d1a7a4.cloudfront.net (CloudFront)
cache-control: max-age=60,s-maxage=60,stale-while-revalidate=604800,stale-if-error=604800,public
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: otho2USCKBRIcQauxsZXcXuOw112_erNc3YjtYVkPMTw6UAkUqy0EQ==

GET
H2 200 ping Show response
api.prismaconnect.fr/prd/ Frame C787 17 B
239 B 118ms
118ms Fetch
application/json 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prismaconnect.fr/prd/ping
Requested by: Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmc-api-front-client/4/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: awselb/2.0 /
Resource Hash: 9408be658ddfc6ec2f04f3a6c48fac9258c99351aa21c76cd51121d230921161

Request headers

Referer: https://www.prismaconnect.fr/pmcCheck?version=4.19.4
x-pmc-brand-id: PMC
accept-language: fr-FR,fr;q=0.9
x-pmc-app-id: 6ec7f6ce-9ce0-44e1-ac9d-c9b9a3f99f49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
referrer-policy: no-referrer-when-downgrade
server: awselb/2.0
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: https://www.prismaconnect.fr
access-control-expose-headers: x-pmc-jwt
access-control-allow-credentials: true
content-length: 17

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
74 KB 49ms
49ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRTV7FH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7d7616dbfa9918fdb8f7b18b8e3458551f0b778f767913c70a507f0fff8d09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://actu.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:05:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75260
x-xss-protection: 0
expires: Fri, 29 Jul 2022 12:05:11 GMT

GET
H2 200 index.html Show response
consent.voici.fr/ Frame C830 4 KB
2 KB 74ms
25ms Document
text/html 13.225.78.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.voici.fr/index.html?message_id=686173&consentUUID=f3f30bff-3495-43e1-b1b7-23a4394e8169_10&requestUUID=350e4ee9-2cff-4121-8b3d-9d2dbe31d0d3&preload_message=true
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-87.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 869d747f2bf6b7f0c75ea35b9c806658e2d812731bdaef414bb707243f292a73

Request headers

Referer: https://actu.voici.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1671
content-encoding: gzip
content-type: text/html
date: Fri, 29 Jul 2022 11:37:22 GMT
etag: W/"0fadc987032296815405f39e4ef2af04"
last-modified: Mon, 18 Jul 2022 17:46:26 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
x-amz-cf-id: P247HntMfLUbf167F6z72GYWuH5VOhlCsKuo2bPvdAHaeMBOkn4o9w==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

OPTIONS
H2 200 ping
api.prismaconnect.fr/prd/ Frame 0
0 237ms
95ms Preflight
application/octet-stream 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prismaconnect.fr/prd/ping
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-pmc-app-id,x-pmc-brand-id
Access-Control-Request-Method: GET
Origin: https://www.prismaconnect.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-pmc-app-id,X-Api-Key,facebook-token,google-token,google-accessToken,apple-token,content-type,x-pmc-jwt,x-pmc-brand-id
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.prismaconnect.fr
content-length: 2
content-type: application/octet-stream
date: Fri, 29 Jul 2022 12:05:11 GMT
server: awselb/2.0

GET
H2 200 Notice.a2194.css
consent.voici.fr/ Frame C830 32 KB
6 KB 28ms
27ms Stylesheet
text/css 13.225.78.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.voici.fr/Notice.a2194.css
Requested by: Host: consent.voici.fr
URL: https://consent.voici.fr/index.html?message_id=686173&consentUUID=f3f30bff-3495-43e1-b1b7-23a4394e8169_10&requestUUID=350e4ee9-2cff-4121-8b3d-9d2dbe31d0d3&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-87.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d07c218cf2ede8daec9179c818dce7dce1e65d78ae24c9e9bf08f26f42386077

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://consent.voici.fr/index.html?message_id=686173&consentUUID=f3f30bff-3495-43e1-b1b7-23a4394e8169_10&requestUUID=350e4ee9-2cff-4121-8b3d-9d2dbe31d0d3&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 11:55:10 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 17:46:26 GMT
server: AmazonS3
age: 613
etag: W/"797825cd114f1ba9cd9dba118cc0d8a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: x8QUDhCdNOxiKuFGuOH9SPpP3wn6jLFRlEmHIZqH_XEhhxTluX-t6Q==

GET
H2 200 polyfills.d36c5.js Show response
consent.voici.fr/ Frame C830 5 KB
2 KB 27ms
27ms Script
application/javascript 13.225.78.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.voici.fr/polyfills.d36c5.js
Requested by: Host: consent.voici.fr
URL: https://consent.voici.fr/index.html?message_id=686173&consentUUID=f3f30bff-3495-43e1-b1b7-23a4394e8169_10&requestUUID=350e4ee9-2cff-4121-8b3d-9d2dbe31d0d3&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-87.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://consent.voici.fr/index.html?message_id=686173&consentUUID=f3f30bff-3495-43e1-b1b7-23a4394e8169_10&requestUUID=350e4ee9-2cff-4121-8b3d-9d2dbe31d0d3&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 11:54:07 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 17:46:26 GMT
server: AmazonS3
age: 669
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 27JpvZR-dmemLZfg-CxK76ENDTYrM9gkRljSf7trSUsCBh9-Esi8-w==

GET
H2 200 Notice.0b008.js Show response
consent.voici.fr/ Frame C830 211 KB
53 KB 26ms
25ms Script
application/javascript 13.225.78.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.voici.fr/Notice.0b008.js
Requested by: Host: consent.voici.fr
URL: https://consent.voici.fr/index.html?message_id=686173&consentUUID=f3f30bff-3495-43e1-b1b7-23a4394e8169_10&requestUUID=350e4ee9-2cff-4121-8b3d-9d2dbe31d0d3&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-87.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51cd20cbb2c5e74c8b23c00ad7ea5fc75d2beabb048db2fd0eebbb6cbd2bcbc4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://consent.voici.fr/index.html?message_id=686173&consentUUID=f3f30bff-3495-43e1-b1b7-23a4394e8169_10&requestUUID=350e4ee9-2cff-4121-8b3d-9d2dbe31d0d3&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 11:36:41 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 17:46:26 GMT
server: AmazonS3
age: 1726
etag: W/"fdbc28f9cb1d08ff7ae01b1996ddc335"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: rnTSvnCmBgkTg5GyAO8qC1vM3B0EcJC7V2VtvVRVg-o2zBpjmJkj8g==

GET
H2 200 voici_logo.svg
creas.prismamediadigital.com/people/logos/ Frame C830 3 KB
1 KB 40ms
40ms Image
image/svg+xml 104.96.135.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creas.prismamediadigital.com/people/logos/voici_logo.svg
Requested by: Host: consent.voici.fr
URL: https://consent.voici.fr/index.html?message_id=686173&consentUUID=f3f30bff-3495-43e1-b1b7-23a4394e8169_10&requestUUID=350e4ee9-2cff-4121-8b3d-9d2dbe31d0d3&preload_message=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.103 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-103.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3dec4fd708f011b381f2b17e52202f3346fd65942f47c41e7c328b4ed496dc39

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://consent.voici.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: Rmomp_scia3YAjHD0oTht2b0EjLlLm64
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 08:26:42 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
etag: W/"a2bfcc5cfa9bb835793ce0e74f3dc669"
vary: Accept-Encoding
content-type: image/svg+xml
date: Fri, 29 Jul 2022 12:05:11 GMT
content-length: 1163
x-amz-cf-id: oK-x5GqQBUQhgq8BgJNkGU0xFeU47V2ohG13AB7FYDrZhVFgL1tA4Q==

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s3s-main.net/	1970-01-20 05:34:48	Name: wm_welcoming_v2 Value: %2Cfw_21805526%2C%3B3469739958
.weborama.fr/	1970-01-20 14:17:31	Name: AFFICHE_W Value: vNUyeI5K7wq879
.phywi.org/	1970-01-20 06:18:00	Name: pl Value: a%3A1%3A%7Bi%3A0%3Bs%3A40%3A%22627gb9b26%3A9b9d%3A7fg74%3A18758965e63g%3Af8cca1%22%3B%7D
.cloud-media.fr/	1970-01-20 13:29:56	Name: l_id Value: fa8a1598a8c96ef63907647854d52f9e
.prismamedia.com/	1970-01-20 09:10:48	Name: authId Value: 517dfb68cae686d5ceff2f4afab1998d
.voici.fr/	1970-01-20 09:10:48	Name: authId Value: 517dfb68cae686d5ceff2f4afab1998d
.voici.fr/	1970-01-20 14:13:12	Name: ga_exempt Value: GA1.2.477538908.1659096311
.voici.fr/	1970-01-20 04:53:02	Name: ga_exempt_gid Value: GA1.2.1264491844.1659096311
.voici.fr/	1970-01-20 22:22:48	Name: _ga Value: GA1.2.477538908.1659096311
.voici.fr/	1970-01-20 04:53:02	Name: _gid Value: GA1.2.725229476.1659096311
.voici.fr/	1970-01-20 09:10:48	Name: consentUUID Value: f3f30bff-3495-43e1-b1b7-23a4394e8169_10
actu.voici.fr/	1970-01-20 04:51:37	Name: _dd_s Value: rum=0&expire=1659097211060

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.datadoghq-browser-agent.com/datadog-rum-slim-v4.js Message: A preload for 'https://tra.scds.pmdstatic.net/advertising-core/4.175.0/core-ads.js' is found, but is not used because the request headers do not match.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actu.voici.fr
api.prismaconnect.fr
cdn.polyfill.io
cdn.privacy-mgmt.com
consent.voici.fr
consents.prismamedia.com
creas.prismamediadigital.com
er.cloud-media.fr
fonts.googleapis.com
fonts.gstatic.com
img.pmdstatic.net
r.phywi.org
redirect.frontend.weborama.fr
s3s-main.net
securepubads.g.doubleclick.net
tra.scds.pmdstatic.net
wtm.people-addict.fr
www.datadoghq-browser-agent.com
www.google-analytics.com
www.googletagmanager.com
www.prismaconnect.fr
104.96.135.103
13.225.78.87
13.32.98.147
192.229.221.226
192.229.221.61
2001:41d0:403:34c2::
2a00:1450:4001:801::2002
2a00:1450:4001:806::2003
2a00:1450:4014:80b::200a
2a00:1450:4014:80b::200e
2a00:1450:4014:80f::2008
2a04:4e42:600::282
2a06:98c1:3121::3
35.190.24.218
54.76.232.54
65.9.86.106
91.190.170.12
0823cad5e08bc259aafca8aa7f7b5d2c5be44e1697df6e5529276583def6ee05
08b73d128170a14d87c3830d47806e2d3a519df056323c6b41cd384141c29140
0cb7c55c46555249e6e01ac41c081d633d9e25eb6e38f92fdbd02f7303b370bd
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475
1b257dc12266c8455c5187bc9234d5ea37d0ef84f6d7027434e48f39108139cf
1ea30b11df80ea6d80285f63dfd088ea61d84e30c4793e1c9d48bae5864650eb
2020a1d61cfe16f730427ff06e714d7c038018e9728ff66af0bf38f772016dc3
23ed5554c4bf50f30f6b6aaf48ba8b54e7cb141f032ed2da479a3c7095705010
2d046a2227dd836270aa1ac5d5ff8cd3056d66e2d72242a6db4c17a085468776
306829a9d0ac5ea867f6abf3194163cddecda9d16d5fdc5fb30ce4653d87f2ab
397fb7fad165c8945c32fc6354a0ba1ab1f703261d51d4bb668b79dbe0bf9a3c
3dc39024c8a2cf9e2d63c69fa3e1d340f913affc92ab828706a525c1c2027825
3dec4fd708f011b381f2b17e52202f3346fd65942f47c41e7c328b4ed496dc39
43c64881a0b9eb5f2069c474af58c46a6bacb1058aad311de7117f36c07b4c0d
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
51cd20cbb2c5e74c8b23c00ad7ea5fc75d2beabb048db2fd0eebbb6cbd2bcbc4
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
5845ef93d104d5fc5d9a7e7d7b753b07339b81b45300fc4ce0fa99a2833472d0
5eb48c413427765058e001d0c562f2cf4d9341a663e155db8b63e864e9372997
615f78163711d6ad11c7875d6e56671ace387c9044a0403d34de7632e34d4ec1
62d3cd5cc83b8d768e1069c4e85e939f9eb62db25c05edff966c1993f1907635
655bdacc8cdd4d9d6ea71d2f5d294ca3398ed19324ee40144d4dbb2cc6743b08
76b2283c542c92a5b302f23226a73c5c787fffba7e7861080f306fed6521cdb6
781aadf0c6b48ae575596498e0606a404b1bce6a5fc44fdae33d4d6d50ce5665
78a0bd21f6c3cfc7c9b3d2e535118b0c061b196eed59620a4f0f01c01a5cf2a4
7ba6a2de2799e12960f5f78979bddb065b7b5f396254df4c4243f011ec672220
7bd6780f9a035305b848879076f64fc43e05a77e55dc41ddd423d4474f7a1417
82c5a8e566ca99469aab6db15032f5010bd64f139662a17b67f1e3380fcbaba9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fc98a2f8ecf9bb09989f8915bd0550f208f55e2fd035883026dd9f55f1397e
869d747f2bf6b7f0c75ea35b9c806658e2d812731bdaef414bb707243f292a73
91f06351236f84865d4f1e87c431fe940f7cd7aeb9f68999fc0740c3c7451987
9408be658ddfc6ec2f04f3a6c48fac9258c99351aa21c76cd51121d230921161
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a30b179f4481d978f6a49c6ec571c2592a3213ce19233592384e04c044ee675d
a5aaa3e59446461c2aa93ad2d71399a308f921cb1fa58682a4c7beb359058d03
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b421a6ac7ce2d5288e437bfa92091b0c582d9e0a2c36b94cc1abcce149f052be
b5716b195bf554b3a4e89277f0dc1bf17252908703fc242c0427031887340bc1
b73900d6286b2b4310ca64f2c462a38c8f645d42e6147cf89784da1329b9391e
bb7d97eb19604573681684dfe0fef40692a943c29f59d11e7ba9eb39242e4e3b
c305b47829eec64fbbaae1fe8e5b46996a98eff1661f867d238447fa1890b5e7
c6ab3030d183b34f72eb6751332d6e6ecbd334b31bfe01703e8936115db8318a
c7d7616dbfa9918fdb8f7b18b8e3458551f0b778f767913c70a507f0fff8d09a
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cc3745d70f2ca6b3511e8b031bdeb648c877a7a13a04ef98201824d1bd22bc63
d07c218cf2ede8daec9179c818dce7dce1e65d78ae24c9e9bf08f26f42386077
e13e707a12e7fd93e99657b93f111f07ae7051a784d39631edd4cc99473426ac
e30e89bb06b520e7ffa653c94049520507d8df7c308a6f6af114b14207ca0de2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d14b867982443a7075d98f19a35451124a65eef943df0b54933dce6eede77
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f
f2333a337cd9097f7fe63b86f32acfbb930573639ae16373086ca793d809cd1f
fd280b0598e56e876432cbaac4aeb7c58c6267f83826959833e771a72ab1c18d

actu.voici.fr Open in urlscan Pro 104.96.135.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

97 %HTTPS

47 %IPv6

18 Domains

21 Subdomains

16 IPs

5 Countries

972 kBTransfer

2488 kBSize

12 Cookies

7 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

actu.voici.fr Open in urlscan Pro
104.96.135.103 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

97 %
HTTPS

47 %
IPv6

18
Domains

21
Subdomains

16
IPs

5
Countries

972 kB
Transfer

2488 kB
Size

12
Cookies

63 HTTP transactions
0 data transactions