urlscan.io logo urlscan.io
SecurityTrails logo

www.estrepublicain.fr Open in urlscan Pro
145.226.55.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.father1.fr/c/n24/Hmr/llNRi8RFOIJ2eqnHXXyuPQ/g/bpTq/F/6faed8fd
Effective URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm...
Submission Tags: falconsandbox
Submission: On December 08 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 13 domains to perform 43 HTTP transactions. The main IP is 145.226.55.13, located in France and belongs to EURO-INFORMATION, FR. The main domain is www.estrepublicain.fr.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 4th 2021. Valid for: a year.
This is the only time www.estrepublicain.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    80.209.249.242 (Poland)

ASN47544 (IQPL-AS, PL)
PTR: 80-209-249-242.rev.iq.pl
links.father1.fr
2    35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com
clk.tradedoubler.com
1    18.66.112.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-111.fra56.r.cloudfront.net
vht.tradedoubler.com
1    188.165.150.177 (France)

ASN16276 (OVH, FR)
PTR: lb01.net.royalcactus.com
analytics.tradedoubler.com
2    145.226.55.13 (France)

ASN8255 (EURO-INFORMATION, FR)
PTR: www16.estrepublicain.fr
www.estrepublicain.fr
7    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
12    2606:2800:135:b68:1ac8:25d:a7c:18f6 (United States)

ASN15133 (EDGECAST, US)
cdn-files.prsmedia.fr
cdn-ext.prsmedia.fr
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2600:9000:223f:2c00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
1    18.66.139.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-98.fra60.r.cloudfront.net
tag.aticdn.net
1    2606:4700:10::ac43:1997 (United States)

ASN13335 (CLOUDFLARENET, US)
boot.pbstck.com
1    18.66.122.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-90.fra60.r.cloudfront.net
privacy.estrepublicain-presse.fr
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:10::6816:5d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pbstck.com
1    52.222.228.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-228-32.fra56.r.cloudfront.net
logs4.xiti.com
3    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
1    2600:1f18:24e6:b900:56b0:31a1:5289:e725 (None, )

ASN- ()
browser-http-intake.logs.datadoghq.com
Domain Requested by
11 cdn-files.prsmedia.fr www.estrepublicain.fr
cdn-files.prsmedia.fr
7 news.google.com www.estrepublicain.fr
news.google.com
clk.tradedoubler.com
www.gstatic.com
4 www.gstatic.com news.google.com
www.gstatic.com
3 play.google.com www.gstatic.com
3 sdk.privacy-center.org www.estrepublicain.fr
sdk.privacy-center.org
2 cdn.pbstck.com boot.pbstck.com
2 www.estrepublicain.fr www.estrepublicain.fr
2 clk.tradedoubler.com 1 redirects
1 browser-http-intake.logs.datadoghq.com clk.tradedoubler.com
1 logs4.xiti.com www.estrepublicain.fr
1 cdn-ext.prsmedia.fr www.estrepublicain.fr
1 fonts.gstatic.com news.google.com
1 privacy.estrepublicain-presse.fr sdk.privacy-center.org
1 boot.pbstck.com www.googletagmanager.com
1 tag.aticdn.net www.googletagmanager.com
1 www.googletagmanager.com www.estrepublicain.fr
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 links.father1.fr 1 redirects
43 19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
Subject Issuer Validity Valid
*.tradedoubler.com
R3		 2021-12-02 -
2022-03-02		 3 months crt.sh
*.estrepublicain.fr
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-04 -
2022-05-09		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.lalsace.fr
GlobalSign RSA OV SSL CA 2018		 2021-09-13 -
2022-10-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.privacy-center.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tag.aticdn.net
Thawte RSA CA 2018		 2021-01-25 -
2022-02-22		 a year crt.sh
pbstck.com
Cloudflare Inc ECC CA-3		 2021-08-04 -
2022-08-03		 a year crt.sh
privacy.estrepublicain-presse.fr
Amazon		 2021-09-28 -
2022-10-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.xiti.com
Thawte RSA CA 2018		 2020-02-27 -
2022-05-22		 2 years crt.sh
*.logs.datadoghq.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-31 -
2022-05-31		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Frame ID: A34205CA57B6D453C893047FD8D08DDA
Requests: 31 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=455271
Frame ID: 781D51C798EAA474F9B5DA7D557C0C4E
Requests: 11 HTTP requests in this frame

Frame: https://privacy.estrepublicain-presse.fr/global-cookies.79db66ab68adca9d1f1f5d5e4aa867cc7735508f.html
Frame ID: C9E3D062D2505AF185821A68B57EC4C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Découvrez nos offres numériques Premium

Page URL History Show full URLs

  1. https://links.father1.fr/c/n24/Hmr/llNRi8RFOIJ2eqnHXXyuPQ/g/bpTq/F/6faed8fd HTTP 302
    https://clk.tradedoubler.com/click?p=304729&a=3065936&g=25132288&url=https://www.estrepublicain.fr/nos-of... Page URL
  2. https://clk.tradedoubler.com/click?p=304729&a=3065936&g=25132288&url=https://www.estrepublicain.fr/nos-of... HTTP 302
    https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm... Page URL

Page Statistics

43
Requests

100 %
HTTPS

56 %
IPv6

13
Domains

19
Subdomains

18
IPs

4
Countries

916 kB
Transfer

3024 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.father1.fr/c/n24/Hmr/llNRi8RFOIJ2eqnHXXyuPQ/g/bpTq/F/6faed8fd HTTP 302
    https://clk.tradedoubler.com/click?p=304729&a=3065936&g=25132288&url=https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1 Page URL
  2. https://clk.tradedoubler.com/click?p=304729&a=3065936&g=25132288&url=https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1 HTTP 302
    https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://links.father1.fr/c/n24/Hmr/llNRi8RFOIJ2eqnHXXyuPQ/g/bpTq/F/6faed8fd HTTP 302
  • https://clk.tradedoubler.com/click?p=304729&a=3065936&g=25132288&url=https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
click
clk.tradedoubler.com/
Redirect Chain
  • https://links.father1.fr/c/n24/Hmr/llNRi8RFOIJ2eqnHXXyuPQ/g/bpTq/F/6faed8fd
  • https://clk.tradedoubler.com/click?p=304729&a=3065936&g=25132288&url=https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_c...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/click?p=304729&a=3065936&g=25132288&url=https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.231.186.35.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
d9cbe3162c4f089de2f342f442a5d43ffbf9345b27882653c22dee213bc66dd1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Wed, 08 Dec 2021 15:37:58 GMT
content-length
1248
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

cache-control
private
content-type
text/html; charset=utf-8
location
https://clk.tradedoubler.com/click?p=304729&a=3065936&g=25132288&url=https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
date
Wed, 08 Dec 2021 15:37:58 GMT
content-length
349
prefs.js
vht.tradedoubler.com/fp/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=304729&a=3065936&g=25132288&url=https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-111.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 03 Dec 2021 09:17:39 GMT
Content-Encoding
gzip
Age
454819
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
ETag
W/"2509-57841106334e6"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
FRA56-P5
X-Amz-Cf-Id
KxREui7LaRw8SzUaQ5F7otuCWwbRqllR1u5xqWAQZFhtSr-H4zydoA==
Expires
Fri, 10 Dec 2021 09:17:39 GMT
/
analytics.tradedoubler.com/ 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS
lb01.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 08 Dec 2021 15:37:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Primary Request nos-offres-speciales
www.estrepublicain.fr/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=304729&a=3065936&g=25132288&url=https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_c...
  • https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
29 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.226.55.13 , France, ASN8255 (EURO-INFORMATION, FR),
Reverse DNS
www16.estrepublicain.fr
Software
eiws /
Resource Hash
6b7565f40cd14dd5e383145752bd70971461b80331b2321b618859c031b446c0
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
Origin
https://clk.tradedoubler.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://clk.tradedoubler.com/

Response headers

Date
Wed, 08 Dec 2021 15:37:58 GMT
Server
eiws
Cache-Control
public, max-age=7
Content-Type
text/html; charset=utf-8
X-UA-Compatible
IE=edge,chrome=1
X-Frame-Options
DENY
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=50
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

location
https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Wed, 08 Dec 2021 15:37:58 GMT
content-length
344
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
swg.js
news.google.com/swg/js/v1/ 		139 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.estrepublicain.fr
URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7884d6ed007687435a87f9595280e999473c69ca9a70a3b2304270f68f5b5fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 14:48:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44145
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 21:44:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Dec 2021 15:38:04 GMT
style_red2.8CFE7A4A74BB8F6E743889FBF331AD57.min.css
cdn-files.prsmedia.fr/files/REDAC/min/css/sassconcat/ 		552 KB
105 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-files.prsmedia.fr/files/REDAC/min/css/sassconcat/style_red2.8CFE7A4A74BB8F6E743889FBF331AD57.min.css
Requested by
Host: www.estrepublicain.fr
URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:b68:1ac8:25d:a7c:18f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
eiws /
Resource Hash
2a36d27a2969bb25fb1aba5de12d01a2dcf2abd31c6624762516300bf3f669d5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:58 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 04:27:35 GMT
server
eiws
etag
"385310edebebd71:0-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
flip.8C05B0BEF6768C890BA57677E3838FEE.min.css
cdn-files.prsmedia.fr/files/REDAC/min/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-files.prsmedia.fr/files/REDAC/min/css/flip.8C05B0BEF6768C890BA57677E3838FEE.min.css
Requested by
Host: www.estrepublicain.fr
URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:b68:1ac8:25d:a7c:18f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
eiws /
Resource Hash
c7e439052c6bb45649e04b51c9ba895d39ecaecfcc28f21fe45b1f459dff426e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 04:13:13 GMT
server
eiws
etag
"59c0df7a68bad71:0-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
f0215a9b-076e-240e-b893-0272843fc6ca
www.estrepublicain.fr/images-gnf/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.estrepublicain.fr/images-gnf/f0215a9b-076e-240e-b893-0272843fc6ca
Requested by
Host: www.estrepublicain.fr
URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.226.55.13 , France, ASN8255 (EURO-INFORMATION, FR),
Reverse DNS
www16.estrepublicain.fr
Software
eiws /
Resource Hash
2c197ac1af0c9b0029d206f7cbfe0d70a7645a964779b8dea01c5ab26367e163

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:37:59 GMT
Server
eiws
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private
Connection
Keep-Alive
Keep-Alive
timeout=2, max=49
Content-Length
81285
X-UA-Compatible
IE=edge,chrome=1
bundle-vendor.js
cdn-files.prsmedia.fr/files/min/fr/javascript/lib/ 		363 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-files.prsmedia.fr/files/min/fr/javascript/lib/bundle-vendor.js
Requested by
Host: www.estrepublicain.fr
URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:b68:1ac8:25d:a7c:18f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
eiws /
Resource Hash
5dd6c61a5da96dbd1004c1a832a79d4ae3f353ddc3b3e765bec4e87c26a64386

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
content-encoding
gzip
last-modified
Wed, 20 Jan 2021 08:56:28 GMT
server
eiws
etag
"0c69923aefd61:0-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
flipClock.CAA7613389452920F33EDEF7685C02E0.min.js
cdn-files.prsmedia.fr/files/REDAC/min/javascript/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-files.prsmedia.fr/files/REDAC/min/javascript/flipClock.CAA7613389452920F33EDEF7685C02E0.min.js
Requested by
Host: www.estrepublicain.fr
URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:b68:1ac8:25d:a7c:18f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
eiws /
Resource Hash
0b34f09af25664e512dc19d14e453ce3a6bbd47b8cdbbc1db2d8ab4c61512690

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 04:16:39 GMT
server
eiws
etag
"bacbda1ee9bfd71:0-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
smartbanner.0DE3D2343D7E61917C3888F57F1C337D.min.js
cdn-files.prsmedia.fr/files/min/fr/javascript/plugins/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-files.prsmedia.fr/files/min/fr/javascript/plugins/smartbanner.0DE3D2343D7E61917C3888F57F1C337D.min.js
Requested by
Host: www.estrepublicain.fr
URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:b68:1ac8:25d:a7c:18f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
eiws /
Resource Hash
6d05f4d91bf12667d018316eee56e4f9cb0f3e8289880fccf447a265d3b38496

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 15:37:02 GMT
server
eiws
etag
"a65895c5c56dd71:0-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		252 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W7NLSLH
Requested by
Host: www.estrepublicain.fr
URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
43b9cfaca4ea3d4fc087772c7a77e204f3f5dff14fc64abfed95bd901931b2b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76663
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Dec 2021 15:37:59 GMT
loader.js
sdk.privacy-center.org/ca08d6ad-65e3-410b-943d-97d9e2081851/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/ca08d6ad-65e3-410b-943d-97d9e2081851/loader.js?target=www.estrepublicain.fr
Requested by
Host: www.estrepublicain.fr
URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2c00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a57276ecae33243ac2224c25b4e07a6da408a1ec3eeab42a87becc987b297f2a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 14:02:28 GMT
content-encoding
gzip
server
CloudFront
age
5731
etag
"d85996f543add8fdee605e194c39749f"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control
public, max-age=7200
x-amz-cf-pop
FRA56-P5
content-length
7295
x-amz-cf-id
qwRXzHoIRtZpEvuZ2vxcr6W6AqfDVexEOP9F6fiyeH1jBytuWNXzdA==
print.9D1A9889BBEB7FAADC45640B2F6036FC.min.css
cdn-files.prsmedia.fr/files/REDAC/min/css/ 		2 KB
969 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-files.prsmedia.fr/files/REDAC/min/css/print.9D1A9889BBEB7FAADC45640B2F6036FC.min.css
Requested by
Host: www.estrepublicain.fr
URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:b68:1ac8:25d:a7c:18f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
eiws /
Resource Hash
f429ecd86bb3277d92d5e44853cb1353fe895245277806bfe0ff4f00ddbbe751

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
content-encoding
gzip
last-modified
Tue, 18 May 2021 10:10:28 GMT
server
eiws
etag
"7c703e7ce4bd71:0-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
sdk.79db66ab68adca9d1f1f5d5e4aa867cc7735508f.js
sdk.privacy-center.org/ 		380 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk.79db66ab68adca9d1f1f5d5e4aa867cc7735508f.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/ca08d6ad-65e3-410b-943d-97d9e2081851/loader.js?target=www.estrepublicain.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2c00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
690febff92173ed71b4707524835943b21efd6d58cf6005dc344a795f6d3a8ca

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 16:02:20 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 15:58:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1638892464/ctime:1638892464/gid:0/gname:root/md5:c56c51f7f7b393d075baa38deffaeee2/mode:33188/mtime:1638892464/uid:0/uname:root
age
84940
etag
W/"c56c51f7f7b393d075baa38deffaeee2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
KNfBlxEwA5YYPRZ4jXEleZ_LZxogmX9nj2yWYc-o_pc-EPzo8YtJtw==
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
128921b242c2b1953c2a1691cfd681f716ecbe620ec1a2424a644b9487c23760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:22:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6439
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 17:26:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Dec 2021 16:12:38 GMT
serviceiframe
news.google.com/swg/_/ui/v1/ Frame 781D 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=455271
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6096ee3041c80a94e8d6d136c1bf9665a7f617d551bdeb6092ad2938bc817b9b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zGxX/aKUPAJWCFU0+/g4wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-zGxX/aKUPAJWCFU0+/g4wQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 08 Dec 2021 15:37:59 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security
max-age=31536000
cross-origin-resource-policy
same-site
content-security-policy
script-src 'report-sample' 'nonce-zGxX/aKUPAJWCFU0+/g4wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-zGxX/aKUPAJWCFU0+/g4wQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:22:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Dec 2021 16:12:38 GMT
smarttag2.js
tag.aticdn.net/84339/ 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.aticdn.net/84339/smarttag2.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7NLSLH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f0429379582522be9de16d49a9356c7c81d7508cabd6069a4834e6148289e32

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
fm.rFi5hZRPodta5qI0POjTOodZATE6B
content-encoding
gzip
etag
W/"dcfe7b79b618f7fc11e80a3b9e7c1d9e"
last-modified
Mon, 26 Jul 2021 12:51:46 GMT
server
AmazonS3
age
1878
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cache-control
max-age=1800
date
Wed, 08 Dec 2021 15:19:05 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
EtEueX_78R8zwBhNEZRx1w-um0k7IBNP06aS-dH9yM96cqlzs8RWqw==
d007970d-31de-45ba-a087-e4160757e3e6
boot.pbstck.com/v1/tag/ 		2 KB
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/tag/d007970d-31de-45ba-a087-e4160757e3e6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7NLSLH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e67e15ef11071b9697d998fe369e13398a55ba5c2896eb04e84112322342c241

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 15:37:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=120
cf-ray
6ba71402d8f23749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
global-cookies.79db66ab68adca9d1f1f5d5e4aa867cc7735508f.html
privacy.estrepublicain-presse.fr/ Frame C9E3 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://privacy.estrepublicain-presse.fr/global-cookies.79db66ab68adca9d1f1f5d5e4aa867cc7735508f.html
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.79db66ab68adca9d1f1f5d5e4aa867cc7735508f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eaade451e0f45fb6ddf0223c380288110a6901e44b1cd05146ada2f655c220d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/

Response headers

content-type
text/html; charset=utf-8
date
Tue, 07 Dec 2021 16:02:26 GMT
last-modified
Tue, 07 Dec 2021 15:59:37 GMT
etag
W/"63e819fc65903b094ece2de594ec11a2"
x-amz-meta-s3cmd-attrs
atime:1638892471/ctime:1638892471/gid:0/gname:root/md5:63e819fc65903b094ece2de594ec11a2/mode:33188/mtime:1638892471/uid:0/uname:root
cache-control
public, max-age=31536000
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
hGqhsDHAMlwF1xvTDyni3qNVCB1XaozU8oR3KbdgbzGpOURbyCG3Yg==
age
84934
LER.svg
cdn-files.prsmedia.fr/files/REDAC/min/images/logos/svg/small/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-files.prsmedia.fr/files/REDAC/min/images/logos/svg/small/LER.svg
Requested by
Host: cdn-files.prsmedia.fr
URL: https://cdn-files.prsmedia.fr/files/REDAC/min/css/sassconcat/style_red2.8CFE7A4A74BB8F6E743889FBF331AD57.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:b68:1ac8:25d:a7c:18f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
eiws /
Resource Hash
6bacb0b5bc3518caff60ee4ffe3b5b0ecc4e9cbe45a78a3d19da31ae472abef5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://cdn-files.prsmedia.fr/files/REDAC/min/css/sassconcat/style_red2.8CFE7A4A74BB8F6E743889FBF331AD57.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 13:05:26 GMT
server
eiws
etag
"02f5a6e9a3d71:0-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
merriweather-sans-regular.woff2
cdn-files.prsmedia.fr/files/REDAC/min/css/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-files.prsmedia.fr/files/REDAC/min/css/fonts/merriweather-sans-regular.woff2
Requested by
Host: cdn-files.prsmedia.fr
URL: https://cdn-files.prsmedia.fr/files/REDAC/min/css/sassconcat/style_red2.8CFE7A4A74BB8F6E743889FBF331AD57.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:b68:1ac8:25d:a7c:18f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
eiws /
Resource Hash
15d51211068a45f3c2e0944e660e4d79c14d53012b18d3a5947a9efbada96a06

Request headers

Referer
https://cdn-files.prsmedia.fr/files/REDAC/min/css/sassconcat/style_red2.8CFE7A4A74BB8F6E743889FBF331AD57.min.css
Origin
https://www.estrepublicain.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
last-modified
Tue, 19 Oct 2021 10:02:00 GMT
server
eiws
etag
"05c9d5bd0c4d71:0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14596
cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 781D 		0
22 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=304729&a=3065936&g=25132288&url=https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-HxKvEp2R6mTOlWB6tjLCNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-HxKvEp2R6mTOlWB6tjLCNQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/_/ui/v1/serviceiframe?_=455271
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 15:37:59 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-HxKvEp2R6mTOlWB6tjLCNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-HxKvEp2R6mTOlWB6tjLCNQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b0cbbc82716da178b785868c81b2df15be9056954e81a952d44bf1d20aae2bf

Request headers

Referer
Origin
https://www.estrepublicain.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
swg-button.css
news.google.com/swg/js/v1/ Frame 781D 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=455271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
128921b242c2b1953c2a1691cfd681f716ecbe620ec1a2424a644b9487c23760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:22:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6439
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 17:26:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Dec 2021 16:12:38 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame 781D 		159 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4pTxX0dLwLDfrO5c9URvXy_6FE8g/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=455271
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e00d13e16966d08299d76b2e2255ce8900271a7a287064a7d88199d550c2dd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 20:11:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57463
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 00:51:52 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Wed, 07 Dec 2022 20:11:35 GMT
LER.svg
cdn-files.prsmedia.fr/files/REDAC/min/images/logos/svg/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-files.prsmedia.fr/files/REDAC/min/images/logos/svg/LER.svg
Requested by
Host: cdn-files.prsmedia.fr
URL: https://cdn-files.prsmedia.fr/files/REDAC/min/css/sassconcat/style_red2.8CFE7A4A74BB8F6E743889FBF331AD57.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:b68:1ac8:25d:a7c:18f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
eiws /
Resource Hash
5cff36261d509953b9d037bc51bb3af74811f3249dd9638b1d914da77542bba3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://cdn-files.prsmedia.fr/files/REDAC/min/css/sassconcat/style_red2.8CFE7A4A74BB8F6E743889FBF331AD57.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 12:51:16 GMT
server
eiws
etag
"07ab6be7a3d71:0-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
merriweather-regular.woff2
cdn-files.prsmedia.fr/files/REDAC/min/css/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-files.prsmedia.fr/files/REDAC/min/css/fonts/merriweather-regular.woff2
Requested by
Host: cdn-files.prsmedia.fr
URL: https://cdn-files.prsmedia.fr/files/REDAC/min/css/sassconcat/style_red2.8CFE7A4A74BB8F6E743889FBF331AD57.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:b68:1ac8:25d:a7c:18f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
eiws /
Resource Hash
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13

Request headers

Referer
https://cdn-files.prsmedia.fr/files/REDAC/min/css/sassconcat/style_red2.8CFE7A4A74BB8F6E743889FBF331AD57.min.css
Origin
https://www.estrepublicain.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
last-modified
Tue, 19 Oct 2021 10:01:48 GMT
server
eiws
etag
"04e7654d0c4d71:0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
20016
merriweather-sans-700.woff2
cdn-files.prsmedia.fr/files/REDAC/min/css/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-files.prsmedia.fr/files/REDAC/min/css/fonts/merriweather-sans-700.woff2
Requested by
Host: cdn-files.prsmedia.fr
URL: https://cdn-files.prsmedia.fr/files/REDAC/min/css/sassconcat/style_red2.8CFE7A4A74BB8F6E743889FBF331AD57.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:b68:1ac8:25d:a7c:18f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
eiws /
Resource Hash
fc37bb6b7d279b0fdcb1a3bdec761cce370adf0ecc88010ccb4ebc76a5a54444

Request headers

Referer
https://cdn-files.prsmedia.fr/files/REDAC/min/css/sassconcat/style_red2.8CFE7A4A74BB8F6E743889FBF331AD57.min.css
Origin
https://www.estrepublicain.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
last-modified
Tue, 19 Oct 2021 10:02:00 GMT
server
eiws
etag
"05c9d5bd0c4d71:0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14996
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 781D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=455271
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 17:06:41 GMT
x-content-type-options
nosniff
age
81078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Dec 2022 17:06:41 GMT
index-monitoring-4297727.js
cdn.pbstck.com/ 		173 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/index-monitoring-4297727.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/d007970d-31de-45ba-a087-e4160757e3e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2387b5d5963b6676fdd878876050fb834026b4bd566aa4b3ee91c714d9ad757e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
content-encoding
gzip
cf-cache-status
HIT
age
435060
x-guploader-uploadid
ADPycdu74brXYqeFKGYYnWSwXPt_cimas1unRDhIi80CBC4cZys5p47TTNJt-glL2ms7RlQELv6VtMNr9aUwmoZ82SQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
47738
last-modified
Fri, 03 Dec 2021 14:33:36 GMT
server
cloudflare
etag
"7159b75fda70c207413e271ba41b3db9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=STfZEQ==, md5=cVm3X9pwwgdBPicbpBs9uQ==
x-goog-generation
1638542016890908
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=14400, no-transform
x-goog-stored-content-length
47738
accept-ranges
bytes
cf-ray
6ba714045d64599b-MXP
expires
Sat, 03 Dec 2022 14:33:37 GMT
index-refresh-4297727.js
cdn.pbstck.com/ 		127 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/index-refresh-4297727.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/d007970d-31de-45ba-a087-e4160757e3e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6158d23cba1494a1609739bee9e5850db22ab4795109367c0c0fbca73dfcabc3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
content-encoding
br
cf-cache-status
HIT
age
435060
x-guploader-uploadid
ADPycdtOgllW-vNAhyL5boASzmQ0DqZ5EUY2prH8m6c2mxQYRy960dPIFdQuFq0rz0SJP8UGbPJpuBFMkJ-HE0hnkec
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 03 Dec 2021 14:33:39 GMT
server
cloudflare
etag
W/"5feebd0f998531c661f281628034d8e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=NM802w==, md5=X+69D5mFMcZh8oFigDTY5g==
x-goog-generation
1638542019577444
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
36392
cf-ray
6ba714045d69599b-MXP
expires
Fri, 10 Dec 2021 14:33:42 GMT
ui-gdpr-fr.79db66ab68adca9d1f1f5d5e4aa867cc7735508f.js
sdk.privacy-center.org/ 		269 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/ui-gdpr-fr.79db66ab68adca9d1f1f5d5e4aa867cc7735508f.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.79db66ab68adca9d1f1f5d5e4aa867cc7735508f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2c00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e0e01e9cfc6cf05bafd73a00d3fd978dc18cc102e8939d948086d1a7c2b9c39

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 16:02:22 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 15:58:28 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1638892464/ctime:1638892464/gid:0/gname:root/md5:a82ea355f7dc9cfe7c5c964798378e73/mode:33188/mtime:1638892464/uid:0/uname:root
age
84938
etag
W/"a82ea355f7dc9cfe7c5c964798378e73"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
FywVgByscvS1zUGFYB4UHmz8_NR_wlEpRyNqco4jnnQjVmErRmNtIw==
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.o-9l6LnUTGI.L.B1... Frame 781D 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.o-9l6LnUTGI.L.B1.O/am=AgAI/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI76D1wt3RMYkBPFzUdrl_oYYCiWaA/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4pTxX0dLwLDfrO5c9URvXy_6FE8g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a09c9af742f12b947181e4eb6484f746b7be561deaca915af92265734d9d8312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 20:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13600
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 00:51:52 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Wed, 07 Dec 2022 20:12:14 GMT
m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.o-9l6LnUTGI.L.B1... Frame 781D 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.o-9l6LnUTGI.L.B1.O/am=AgAI/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI76D1wt3RMYkBPFzUdrl_oYYCiWaA/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4pTxX0dLwLDfrO5c9URvXy_6FE8g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fd672e1e5531114ec3ad61d2f8a95e876127fd954b5c4f0f71161b9239ff6ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 20:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35485
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 00:51:52 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Wed, 07 Dec 2022 20:12:14 GMT
logo_LER.jpg
cdn-ext.prsmedia.fr/LER/email/template/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ext.prsmedia.fr/LER/email/template/logo_LER.jpg
Requested by
Host: www.estrepublicain.fr
URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:b68:1ac8:25d:a7c:18f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
eiws /
Resource Hash
f7af00c59c3d1554706d2d2e23714d8374495355e69be73d3a953c12ba83990f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
last-modified
Mon, 22 Feb 2021 18:57:16 GMT
server
eiws
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
content-length
3978
expires
Fri, 07 Jan 2022 15:37:59 GMT
hit.xiti
logs4.xiti.com/ 		35 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs4.xiti.com/hit.xiti?s=84339&idclient=b791a2b2-974e-477d-be28-cd9fa044168b&vc=false&vm=exempt&ts=1638977879792&vtag=5.28.2&ptag=js&p=/nos-offres-speciales&stc=%7B%22device%22%3A%22desktop%22%7D&s:dimension24=undefined&s:dimension26=undefined&s:dimension15=undefined&s:dimension23=undefined&n:dimension47=undefined&b:dimension10=false&b:dimension11=false&s:dimension44=undefined&s:dimension48=undefined&ref=https://clk.tradedoubler.com/
Requested by
Host: www.estrepublicain.fr
URL: https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.228.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-228-32.fra56.r.cloudfront.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.estrepublicain.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
strict-transport-security
max-age=15768000
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-store
content-length
35
x-amz-cf-id
fsYiv4AA_uZDk3P3_-gwAxnPs4POKMHx8x1gmOYuLa7AkCMVZphvDg==
batchexecute
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 781D 		467 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-8741712253070918891&bl=boq_subscribewithgoogleclientserver_20211206.10_p0&hl=fr&soc-app=673&soc-platform=1&soc-device=1&_reqid=56280&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4pTxX0dLwLDfrO5c9URvXy_6FE8g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bb4c9ba7923716cac49baedb6d2515e8abcb396661eb54d6e82026b5c6a9e32
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 08 Dec 2021 15:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.o-9l6LnUTGI.L.B1... Frame 781D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.o-9l6LnUTGI.L.B1.O/am=AgAI/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI76D1wt3RMYkBPFzUdrl_oYYCiWaA/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4pTxX0dLwLDfrO5c9URvXy_6FE8g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
474adbd810139dcb584d00dde98b31d4e6c382382b09c752098140b75d107f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 20:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7290
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 00:51:52 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Wed, 07 Dec 2022 20:12:14 GMT
log
play.google.com/ Frame 781D 		131 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4pTxX0dLwLDfrO5c9URvXy_6FE8g/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 08 Dec 2021 15:38:00 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 08 Dec 2021 15:38:00 GMT
log
play.google.com/ Frame 781D 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.fr.6W9pvr-a3HU.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4pTxX0dLwLDfrO5c9URvXy_6FE8g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 08 Dec 2021 15:38:00 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 08 Dec 2021 15:38:00 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 08 Dec 2021 15:38:00 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 08 Dec 2021 15:38:00 GMT
cache-control
private
pub551f730416e5317842afc2792691e95c
browser-http-intake.logs.datadoghq.com/v1/input/ 		2 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser-http-intake.logs.datadoghq.com/v1/input/pub551f730416e5317842afc2792691e95c?ddsource=browser&ddtags=version:1.3.2
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=304729&a=3065936&g=25132288&url=https://www.estrepublicain.fr/nos-offres-speciales?utm_source=ED_5857_ALL&utm_medium=email_acquisition&utm_campaign=NOEL21&utm_content=kit1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:56b0:31a1:5289:e725 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.estrepublicain.fr/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 08 Dec 2021 15:38:10 GMT
content-length
2
content-type
application/json

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| getCookie function| getCookieXCONNECT function| getCookieXCONNECTForEnv function| IsConnected function| IsAnomymousConnected function| RedirectDomain function| SwitchAuthDomain object| bufferScript object| head object| bufferLoad object| dataLayer string| productId object| SWG boolean| gdprAppliesGlobally function| __tcfapi object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| UrlCache object| SUBSCRIPTIONS object| google_tag_manager function| hsMinmaxDivPixel function| hsConvertPercent function| consentModulePurpose function| xitiEvent function| getRGPDConsent function| getDataLayerCart function| sendGAEventNonInteraction function| sendGAEvent function| clicClosest function| paywallShow function| paywallRemove function| dlGlobalInfo function| dlArticleInfo object| gi object| didomiEventListeners object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| didomiOnReady object| p function| switchOffer function| handleTickInit string| CommonFilesBaseUrl string| trigramme string| cookieDomain function| GSOC_Class function| IsValidGuid function| GSOC_Tools_LoadTinyMCE function| checkTxtCmt function| GSOC_Tools_AjaxCallListCommentsByObject function| GSOC_Tools_AjaxCallListCommentsByObjectByPager function| GSOC_Tools_AjaxCallMultiListCommentsByObject function| GSOC_Tools_AjaxCallFormComment2 function| GSOC_Tools_AjaxCallMailForm function| GSOC_Tools_AjaxCallMultiFormComment function| GSOC_Tools_CatchAndPrintNbComments function| GSOC_Tools_CatchAndPrintViewCount function| GSOC_parseResponse function| GSOC_ContainsKey function| GSOC_Init function| GSOC_PlugMailFriend function| GSOC_PlugMailFriendWithShare function| GSOC_PlugMailFriendForm function| GSOC_PlugMostCommented function| GSOC_PlugMostCommentedSorted function| GSOC_CatchAndPrintNbComments function| GSOC_CatchAndPrintViewCount function| GSOC_CatchAndPrintViewCountLimit function| GSOC_IncrementViewCount function| GSOC_IncrementViewCountLimit function| GSOC_GetMostViewed function| GSOC_GetViewCount function| GSOC_PlugRating function| GSOC_InitVoteForm function| GSOC_PlugBestRated function| GSOC_PlugLastComments function| GSOC_PlugMostViewed function| GSOC_generateCaptcha function| GSOC_PlugCommentForm2 function| GSOC_PlugMultiCommentForm function| GSOC_InitCommentForm2 function| GSOC_InitCommentForm2Limit function| GSOC_InitMultiCommentForm function| GSOC_PlugCommentsList2 function| GSOC_PlugCommentsList2ByPager function| GSOC_PlugCommentsMultiList function| GSOC_PlugNewsFeed function| GSOC_PlugMailForm function| GSOC_InitMailForm function| $ function| jQuery object| GSOC_LANG object| GSOC_API_Instance object| Tick object| x object| ATInternet function| ATCustomEvent object| tag object| m object| a object| n function| isSticky function| categoryLabel string| gaCt string| gaHd string| gaHdAc string| ctLv1 function| navTabBarCategory string| gaBg string| gaBrAc string| ctBgLv1 string| tab object| DidomiSanitizing object| googletag object| adsbygoogle object| didomiState object| e object| regeneratorRuntime object| pbstck object| pbjs object| pbstckQ object| Pubstack

10 Cookies

Domain/Path Name / Value
links.father1.fr/ Name: TEMP_DATA
Value: cbb1abbb-c17c-4894-b1b3-19dce6082f58
links.father1.fr/ Name: esg1
Value: n24/Hmr/llNRi8RFOIJ2eqnHXXyuPQ/g/bpTq/F/2226fa32
.tradedoubler.com/ Name: EH_0
Value: 1z11z1zrUz1QPuFHz1OcnyZEOKX2YyDo1%79rNFsKwtjHo%7aO6Jb5b%7abx7.kr.Xow_69IpubVs%7a__2dTNbinUW%79kI
.tradedoubler.com/ Name: GUID
Value: 1z11zzrUzYVhO8z41bf7e53572972ee87f1a44b9db5509e
.tradedoubler.com/ Name: TradeDoublerGUID
Value: 41bf7e53572972ee87f1a44b9db5509e
.google.com/ Name: NID
Value: 511=JWwbgtq4slIgjdXWvCTdeKRJ2u3WPZE8gRigqZAmF-GcYVwoXRkNw-ZKEhIDonEJfN6dbRva2a7Np9SuBkjVtU246UeeVaHAuTk9jnNXwD2uAexuqbWCgHsK-hBsHgF3yP010kwrRBzNlrO6H8_pZnwLrjUiYNiyMXntDV-giBY
.estrepublicain-presse.fr/ Name: didomi_accept_cookie
Value: 1
.estrepublicain-presse.fr/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTdkOWFiMWItZDNhOS02OWZmLWIyOGUtOWQzN2E2NmExYWJiIiwiY3JlYXRlZCI6IjIwMjEtMTItMDhUMTU6Mzc6NTkuNjIyWiIsInVwZGF0ZWQiOiIyMDIxLTEyLTA4VDE1OjM3OjU5LjYyMloiLCJ2ZXJzaW9uIjpudWxsfQ==
.estrepublicain.fr/ Name: atuserid
Value: %7B%22name%22%3A%22atuserid%22%2C%22val%22%3A%22b791a2b2-974e-477d-be28-cd9fa044168b%22%2C%22options%22%3A%7B%22end%22%3A%222023-01-09T15%3A37%3A59.786Z%22%2C%22path%22%3A%22%2F%22%7D%7D
.estrepublicain.fr/ Name: atauthority
Value: %7B%22name%22%3A%22atauthority%22%2C%22val%22%3A%7B%22authority_name%22%3A%22cnil%22%2C%22visitor_mode%22%3A%22exempt%22%7D%2C%22options%22%3A%7B%22end%22%3A%222023-01-09T15%3A37%3A59.789Z%22%2C%22path%22%3A%22%2F%22%7D%7D

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tradedoubler.com
boot.pbstck.com
browser-http-intake.logs.datadoghq.com
cdn-ext.prsmedia.fr
cdn-files.prsmedia.fr
cdn.pbstck.com
clk.tradedoubler.com
fonts.gstatic.com
links.father1.fr
logs4.xiti.com
news.google.com
play.google.com
privacy.estrepublicain-presse.fr
sdk.privacy-center.org
tag.aticdn.net
vht.tradedoubler.com
www.estrepublicain.fr
www.googletagmanager.com
www.gstatic.com
145.226.55.13
18.66.112.111
18.66.122.90
18.66.139.98
188.165.150.177
2600:1f18:24e6:b900:56b0:31a1:5289:e725
2600:9000:223f:2c00:5:b7cc:d3c0:93a1
2606:2800:135:b68:1ac8:25d:a7c:18f6
2606:4700:10::6816:5d
2606:4700:10::ac43:1997
2a00:1450:4001:801::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
35.186.231.97
52.222.228.32
80.209.249.242
0b34f09af25664e512dc19d14e453ce3a6bbd47b8cdbbc1db2d8ab4c61512690
0e00d13e16966d08299d76b2e2255ce8900271a7a287064a7d88199d550c2dd8
128921b242c2b1953c2a1691cfd681f716ecbe620ec1a2424a644b9487c23760
15d51211068a45f3c2e0944e660e4d79c14d53012b18d3a5947a9efbada96a06
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
2387b5d5963b6676fdd878876050fb834026b4bd566aa4b3ee91c714d9ad757e
2a36d27a2969bb25fb1aba5de12d01a2dcf2abd31c6624762516300bf3f669d5
2c197ac1af0c9b0029d206f7cbfe0d70a7645a964779b8dea01c5ab26367e163
2fd672e1e5531114ec3ad61d2f8a95e876127fd954b5c4f0f71161b9239ff6ff
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43b9cfaca4ea3d4fc087772c7a77e204f3f5dff14fc64abfed95bd901931b2b8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
474adbd810139dcb584d00dde98b31d4e6c382382b09c752098140b75d107f3b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5bb4c9ba7923716cac49baedb6d2515e8abcb396661eb54d6e82026b5c6a9e32
5cff36261d509953b9d037bc51bb3af74811f3249dd9638b1d914da77542bba3
5dd6c61a5da96dbd1004c1a832a79d4ae3f353ddc3b3e765bec4e87c26a64386
6096ee3041c80a94e8d6d136c1bf9665a7f617d551bdeb6092ad2938bc817b9b
6158d23cba1494a1609739bee9e5850db22ab4795109367c0c0fbca73dfcabc3
690febff92173ed71b4707524835943b21efd6d58cf6005dc344a795f6d3a8ca
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b7565f40cd14dd5e383145752bd70971461b80331b2321b618859c031b446c0
6bacb0b5bc3518caff60ee4ffe3b5b0ecc4e9cbe45a78a3d19da31ae472abef5
6d05f4d91bf12667d018316eee56e4f9cb0f3e8289880fccf447a265d3b38496
7884d6ed007687435a87f9595280e999473c69ca9a70a3b2304270f68f5b5fa5
7f0429379582522be9de16d49a9356c7c81d7508cabd6069a4834e6148289e32
8e0e01e9cfc6cf05bafd73a00d3fd978dc18cc102e8939d948086d1a7c2b9c39
9b0cbbc82716da178b785868c81b2df15be9056954e81a952d44bf1d20aae2bf
a09c9af742f12b947181e4eb6484f746b7be561deaca915af92265734d9d8312
a57276ecae33243ac2224c25b4e07a6da408a1ec3eeab42a87becc987b297f2a
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
c7e439052c6bb45649e04b51c9ba895d39ecaecfcc28f21fe45b1f459dff426e
d9cbe3162c4f089de2f342f442a5d43ffbf9345b27882653c22dee213bc66dd1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67e15ef11071b9697d998fe369e13398a55ba5c2896eb04e84112322342c241
eaade451e0f45fb6ddf0223c380288110a6901e44b1cd05146ada2f655c220d6
f429ecd86bb3277d92d5e44853cb1353fe895245277806bfe0ff4f00ddbbe751
f7af00c59c3d1554706d2d2e23714d8374495355e69be73d3a953c12ba83990f
fc37bb6b7d279b0fdcb1a3bdec761cce370adf0ecc88010ccb4ebc76a5a54444