urlscan.io logo urlscan.io
SecurityTrails logo

www.gala.fr Open in urlscan Pro
92.123.149.215  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Effective URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=wel...
Submission: On March 20 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 59 IPs in 6 countries across 43 domains to perform 141 HTTP transactions. The main IP is 92.123.149.215, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.gala.fr.
TLS certificate: Issued by Thawte RSA CA 2018 on November 13th 2020. Valid for: 6 months.
This is the only time www.gala.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 91.190.170.12 31688 (SPLIO-AS)
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2001:41d0:203... 16276 (OVH)
1 2 52.17.119.21 16509 (AMAZON-02)
2 2 35.190.16.14 15169 (GOOGLE)
15 92.123.149.215 16625 (AKAMAI-AS)
11 192.229.221.61 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.229.221.226 15133 (EDGECAST)
12 2606:2800:234... 15133 (EDGECAST)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:3::621 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.226.159.64 16509 (AMAZON-02)
1 143.204.101.50 16509 (AMAZON-02)
3 104.244.42.136 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.226.147.71 16509 (AMAZON-02)
6 13.226.159.108 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 54.144.144.142 14618 (AMAZON-AES)
1 151.139.245.16 33438 (HIGHWINDS2)
1 13.226.159.67 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 184.30.25.80 16625 (AKAMAI-AS)
1 13.226.159.24 16509 (AMAZON-02)
1 13.226.159.100 16509 (AMAZON-02)
1 143.204.209.73 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
9 104.76.201.181 16625 (AKAMAI-AS)
4 70.42.32.127 13789 (INTERNAP-...)
3 54.229.43.10 16509 (AMAZON-02)
1 13.226.159.31 16509 (AMAZON-02)
2 2606:2800:134... 15133 (EDGECAST)
1 13.226.159.15 16509 (AMAZON-02)
1 13.226.159.70 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 35.190.89.230 15169 (GOOGLE)
5 35.190.76.172 15169 (GOOGLE)
1 104.18.133.145 13335 (CLOUDFLAR...)
1 23.37.40.118 16625 (AKAMAI-AS)
1 54.247.110.128 16509 (AMAZON-02)
1 145.239.193.53 16276 (OVH)
1 35.244.220.155 15169 (GOOGLE)
2 46.105.201.224 16276 (OVH)
1 52.51.145.177 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
1 2 15.236.96.182 16509 (AMAZON-02)
2 151.101.14.132 54113 (FASTLY)
3 35.205.207.25 15169 (GOOGLE)
2 2 185.33.220.244 29990 (ASN-APPNEX)
2 2 142.250.186.130 15169 (GOOGLE)
1 54.194.137.128 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 151.101.13.44 54113 (FASTLY)
1 35.186.243.160 15169 (GOOGLE)
2 50.31.142.159 22075 (AS-OUTBRAIN)
1 3.230.55.171 14618 (AMAZON-AES)
141 59
1    91.190.170.12 (France)

ASN31688 (SPLIO-AS, FR)
PTR: s3s.fr
ml.info-people.fr
3    2606:4700:3035::ac43:d6ad (United States)

ASN13335 (CLOUDFLARENET, US)
wtm.info-people.fr
2    2001:41d0:203:9c5b:: (France)

ASN16276 (OVH, FR)
r.phywi.org
2    52.17.119.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-119-21.eu-west-1.compute.amazonaws.com
er.cloud-media.fr
2    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
15    92.123.149.215 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-149-215.deploy.static.akamaitechnologies.com
www.gala.fr
11    192.229.221.61 (United States)

ASN15133 (EDGECAST, US)
tra.scds.pmdstatic.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    192.229.221.226 (United States)

ASN15133 (EDGECAST, US)
gal.img.pmdstatic.net
12    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2606:4700::6810:9df3 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
1    2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.226.159.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-64.dus51.r.cloudfront.net
gdpr-tcfv2.sp-prod.net
1    143.204.101.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-50.fra50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
3    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.226.147.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-147-71.dus51.r.cloudfront.net
cdn.parsely.com
6    13.226.159.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-108.dus51.r.cloudfront.net
consent.gala.fr
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
1    151.139.245.16 (United States)

ASN33438 (HIGHWINDS2, US)
via.batch.com
1    13.226.159.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-67.dus51.r.cloudfront.net
static.hotjar.com
1    2606:4700:10::6816:5d (United States)

ASN13335 (CLOUDFLARENET, US)
boot.pbstck.com
10    184.30.25.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-80.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
amplify.outbrain.com
1    13.226.159.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-24.dus51.r.cloudfront.net
script.hotjar.com
1    13.226.159.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-100.dus51.r.cloudfront.net
vars.hotjar.com
1    143.204.209.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-73.fra53.r.cloudfront.net
sync.getpublica.com
1    2606:4700:10::6816:15d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pbstck.com
9    104.76.201.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-201-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
4    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
log.outbrainimg.com
amplifypixel.outbrain.com
tr.outbrain.com
3    54.229.43.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-43-10.eu-west-1.compute.amazonaws.com
eum-eu-west-1.instana.io
1    13.226.159.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-31.dus51.r.cloudfront.net
cdn.privacy-mgmt.com
2    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
pbs.twimg.com
1    13.226.159.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-15.dus51.r.cloudfront.net
static.coreg-feed.com
1    13.226.159.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-70.dus51.r.cloudfront.net
try.abtasty.com
2    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    35.190.89.230 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 230.89.190.35.bc.googleusercontent.com
js.antvoice.com
cross-prod.antvoice.com
5    35.190.76.172 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 172.76.190.35.bc.googleusercontent.com
itm.ivitrack.com
1    104.18.133.145 (United States)

ASN13335 (CLOUDFLARENET, US)
config.seedtag.com
1    23.37.40.118 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-40-118.deploy.static.akamaitechnologies.com
cdn.mookie1.com
1    54.247.110.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-110-128.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
1    145.239.193.53 (France)

ASN16276 (OVH, FR)
asset.easydmp.net
1    35.244.220.155 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 155.220.244.35.bc.googleusercontent.com
ats.rlcdn.com
2    46.105.201.224 (France)

ASN16276 (OVH, FR)
tag.agrvt.com
1    52.51.145.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-145-177.eu-west-1.compute.amazonaws.com
p.cpx.to
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    15.236.96.182 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-96-182.eu-west-3.compute.amazonaws.com
prismashop.commander1.com
2    151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
3    35.205.207.25 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 25.207.205.35.bc.googleusercontent.com
social-reco.antvoice.com
ads.avads.net
avads.net
2    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
1    54.194.137.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-137-128.eu-west-1.compute.amazonaws.com
s.cpx.to
2    2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
api.taboola.com
1    35.186.243.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.243.186.35.bc.googleusercontent.com
mappings.ivitrack.com
2    50.31.142.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
mcdp-chidc2.outbrain.com
1    3.230.55.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-55-171.compute-1.amazonaws.com
usersync.getpublica.com
Apex Domain
Subdomains		 Transfer
21 gala.fr
www.gala.fr
consent.gala.fr
262 KB
17 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
amplify.outbrain.com
amplifypixel.outbrain.com
odb.outbrain.com
tr.outbrain.com
mcdp-chidc2.outbrain.com
106 KB
15 twitter.com
platform.twitter.com
syndication.twitter.com
3 MB
12 pmdstatic.net
tra.scds.pmdstatic.net
gal.img.pmdstatic.net
303 KB
10 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
images.outbrainimg.com
230 KB
6 ivitrack.com
itm.ivitrack.com
mappings.ivitrack.com
24 KB
4 instana.io
eum.instana.io
eum-eu-west-1.instana.io
9 KB
4 info-people.fr
ml.info-people.fr
wtm.info-people.fr
5 KB
3 antvoice.com
js.antvoice.com
cross-prod.antvoice.com
social-reco.antvoice.com
23 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
62 KB
3 googletagmanager.com
www.googletagmanager.com
151 KB
3 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
1 KB
3 google-analytics.com
www.google-analytics.com
19 KB
2 facebook.com
www.facebook.com
293 B
2 avads.net
ads.avads.net
avads.net
170 B
2 adnxs.com
secure.adnxs.com
2 KB
2 commander1.com
prismashop.commander1.com
2 KB
2 cpx.to
p.cpx.to
s.cpx.to
2 KB
2 agrvt.com
tag.agrvt.com
6 KB
2 mookie1.com
cdn.mookie1.com
odr.mookie1.com
4 KB
2 facebook.net
connect.facebook.net
92 KB
2 twimg.com
cdn.syndication.twimg.com
pbs.twimg.com
3 KB
2 getpublica.com
sync.getpublica.com
usersync.getpublica.com
5 KB
2 pbstck.com
boot.pbstck.com
cdn.pbstck.com
43 KB
2 parsely.com
cdn.parsely.com
p1.parsely.com
18 KB
2 weborama.fr
redirect.frontend.weborama.fr
418 B
2 cloud-media.fr
er.cloud-media.fr
419 B
2 phywi.org
r.phywi.org
850 B
1 taboola.com
api.taboola.com
278 B
1 rlcdn.com
ats.rlcdn.com
60 KB
1 easydmp.net
asset.easydmp.net
4 KB
1 adleadevent.com
adtrack.adleadevent.com
464 B
1 seedtag.com
config.seedtag.com
11 KB
1 abtasty.com
try.abtasty.com
75 KB
1 coreg-feed.com
static.coreg-feed.com
18 KB
1 privacy-mgmt.com
cdn.privacy-mgmt.com
1 KB
1 batch.com
via.batch.com
1 KB
1 google.de
www.google.de
107 B
1 google.com
www.google.com
107 B
1 sp-prod.net
gdpr-tcfv2.sp-prod.net
44 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net Failed
1 KB
1 polyfill.io
cdn.polyfill.io
198 B
1 googletagservices.com
www.googletagservices.com
20 KB
141 43
Domain Requested by
15 www.gala.fr wtm.info-people.fr
www.gala.fr
tra.scds.pmdstatic.net
eum.instana.io
12 platform.twitter.com www.gala.fr
platform.twitter.com
11 tra.scds.pmdstatic.net www.gala.fr
tra.scds.pmdstatic.net
eum.instana.io
8 images.outbrainimg.com
8 widgets.outbrain.com ml.info-people.fr
widgets.outbrain.com
www.gala.fr
6 consent.gala.fr eum.instana.io
gdpr-tcfv2.sp-prod.net
consent.gala.fr
5 itm.ivitrack.com ml.info-people.fr
www.googletagmanager.com
itm.ivitrack.com
3 eum-eu-west-1.instana.io eum.instana.io
3 www.googletagmanager.com tra.scds.pmdstatic.net
www.googletagmanager.com
3 syndication.twitter.com platform.twitter.com
3 www.google-analytics.com www.gala.fr
www.google-analytics.com
www.googletagmanager.com
3 wtm.info-people.fr 1 redirects wtm.info-people.fr
2 mcdp-chidc2.outbrain.com eum.instana.io
2 www.facebook.com connect.facebook.net
2 tr.outbrain.com amplify.outbrain.com
2 cm.g.doubleclick.net 2 redirects
2 secure.adnxs.com 2 redirects
2 odb.outbrain.com widgets.outbrain.com
2 prismashop.commander1.com 1 redirects
2 tag.agrvt.com ml.info-people.fr
tag.agrvt.com
2 connect.facebook.net ml.info-people.fr
connect.facebook.net
2 redirect.frontend.weborama.fr 2 redirects
2 er.cloud-media.fr 1 redirects wtm.info-people.fr
2 r.phywi.org wtm.info-people.fr
1 usersync.getpublica.com sync.getpublica.com
1 mappings.ivitrack.com
1 api.taboola.com itm.ivitrack.com
1 s.cpx.to p.cpx.to
1 avads.net
1 ads.avads.net
1 social-reco.antvoice.com eum.instana.io
1 cross-prod.antvoice.com js.antvoice.com
1 pbs.twimg.com
1 amplifypixel.outbrain.com
1 odr.mookie1.com
1 p.cpx.to ml.info-people.fr
1 amplify.outbrain.com ml.info-people.fr
1 ats.rlcdn.com www.googletagmanager.com
1 asset.easydmp.net ml.info-people.fr
1 adtrack.adleadevent.com www.googletagmanager.com
1 cdn.mookie1.com ml.info-people.fr
1 config.seedtag.com ml.info-people.fr
1 js.antvoice.com ml.info-people.fr
1 try.abtasty.com www.googletagmanager.com
1 static.coreg-feed.com www.googletagmanager.com
1 cdn.syndication.twimg.com platform.twitter.com
1 cdn.privacy-mgmt.com consent.gala.fr
1 log.outbrainimg.com eum.instana.io
1 widget-pixels.outbrain.com www.gala.fr
1 tcheck.outbrainimg.com eum.instana.io
1 cdn.pbstck.com eum.instana.io
1 sync.getpublica.com www.googletagmanager.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 boot.pbstck.com ml.info-people.fr
1 static.hotjar.com ml.info-people.fr
1 via.batch.com ml.info-people.fr
1 p1.parsely.com www.gala.fr
1 www.google.de www.gala.fr
1 www.google.com www.gala.fr
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 stats.g.doubleclick.net eum.instana.io
1 gdpr-tcfv2.sp-prod.net ml.info-people.fr
1 d1z2jf7jlzjs58.cloudfront.net tra.scds.pmdstatic.net
1 cdn.polyfill.io tra.scds.pmdstatic.net
1 eum.instana.io www.gala.fr
1 gal.img.pmdstatic.net www.gala.fr
1 www.googletagservices.com www.gala.fr
1 ml.info-people.fr
141 69
Subject Issuer Validity Valid
ml.info-people.fr
R3		 2021-03-12 -
2021-06-10		 3 months crt.sh
*.phywi.org
Gandi Standard SSL CA 2		 2020-02-11 -
2022-02-11		 2 years crt.sh
*.cmrt.io
Amazon		 2020-09-13 -
2021-10-13		 a year crt.sh
prismamediadigital.com
Thawte RSA CA 2018		 2020-11-13 -
2021-05-12		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.gala.fr
Thawte RSA CA 2018		 2020-03-25 -
2022-04-24		 2 years crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-24 -
2021-12-25		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-09 -
2021-04-17		 a month crt.sh
*.sp-prod.net
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.parsely.com
Amazon		 2020-08-02 -
2021-09-02		 a year crt.sh
consent.businessinsider.fr
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.via.batch.com
Gandi Standard SSL CA 2		 2020-04-17 -
2021-04-26		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
pbstck.com
Cloudflare Inc ECC CA-3		 2020-09-04 -
2021-09-04		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2020-03-09 -
2021-06-08		 a year crt.sh
*.getpublica.com
Amazon		 2020-07-29 -
2021-08-29		 a year crt.sh
*.outbrainimg.com
DigiCert Secure Site ECC CA-1		 2020-03-26 -
2021-06-25		 a year crt.sh
*.privacy-mgmt.com
R3		 2021-02-03 -
2021-05-04		 3 months crt.sh
*.coreg-feed.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-22 -
2021-07-22		 a year crt.sh
try.abtasty.com
Amazon		 2020-08-25 -
2021-09-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.antvoice.com
Go Daddy Secure Certificate Authority - G2		 2019-05-11 -
2021-05-11		 2 years crt.sh
itm.ivitrack.com
R3		 2021-03-18 -
2021-06-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-12 -
2021-08-12		 a year crt.sh
cdn.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-01 -
2022-04-01		 a year crt.sh
adtrack.adleadevent.com
Amazon		 2020-06-15 -
2021-07-15		 a year crt.sh
asset.easy-gain75.com
R3		 2021-03-14 -
2021-06-12		 3 months crt.sh
ats.rlcdn.com
GTS CA 1D2		 2021-03-10 -
2021-06-08		 3 months crt.sh
tag.agrvt.com
R3		 2021-02-11 -
2021-05-12		 3 months crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-02 -
2022-02-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.commander1.com
Thawte RSA CA 2018		 2020-08-05 -
2021-11-01		 a year crt.sh
*.avads.net
Go Daddy Secure Certificate Authority - G2		 2021-02-10 -
2022-02-28		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-02-09		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh

This page contains 12 frames:

Primary Page: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Frame ID: F22D9AB0381910CB4F5D550E3FA36FB1
Requests: 115 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.gala.fr
Frame ID: 1D89DFBAA304FEC336C70BC6660F87BD
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
Frame ID: 37CC49FC7DAF8E48C88F46B0EAA724A6
Requests: 13 HTTP requests in this frame

Frame: https://consent.gala.fr/index.html?message_id=461281&consentUUID=20f7fafa-4b9b-4fe1-97a9-ee64db1c6444&requestUUID=086aa1f3-cc0a-4b55-8224-a2e7d30c07db&preload_message=true
Frame ID: 364B0A6F91F289DA5E5E0DF803D6E6DB
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: E2D76ECB59899B6881B7D881D6E0F522
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: AE850C7A5E7DC874936080755B78AEB3
Requests: 2 HTTP requests in this frame

Frame: https://itm.ivitrack.com/v1/taboola-iframe/itm.html
Frame ID: AF966A142CDA3E88CD7570D4740ABE2B
Requests: 3 HTTP requests in this frame

Frame: https://itm.ivitrack.com/v1/liveramp-iframe/itm.html
Frame ID: A4E52B7A0650C4C6191FE53A71C5BD6E
Requests: 1 HTTP requests in this frame

Frame: https://cross-prod.antvoice.com/cookie.html?v=20160624
Frame ID: 35F5F82F626CB2865CA8CBADC913FAE7
Requests: 1 HTTP requests in this frame

Frame: https://itm.ivitrack.com/v1/consent-iframe/itm.html
Frame ID: 2948AAE6122BFCBDD6D0EAC1E23AAD04
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 33FF54E57D7047DC4310330DC280C7C1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Frame ID: D726B88045D8EF0ECB3FFE2D332FDFA4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html Page URL
  2. http://wtm.info-people.fr/w/160975/94ea13bbdf7c3d25b7e21add59906d66/1078/610/?mid=2bd17ad582606f9414a1... HTTP 302
    http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww... Page URL
  3. https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

141
Requests

98 %
HTTPS

28 %
IPv6

43
Domains

69
Subdomains

59
IPs

6
Countries

4351 kB
Transfer

8139 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html Page URL
  2. http://wtm.info-people.fr/w/160975/94ea13bbdf7c3d25b7e21add59906d66/1078/610/?mid=2bd17ad582606f9414a14db5d0f91910&ct=nl&n=41&l=o&u=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D94ea13bbdf7c3d25b7e21add59906d66%26c%3Dfr%26u%3Dhttps%253A%252F%252Fwww.gala.fr%252Fl_actu%252Fnews_de_stars%252Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%252FYLtc%252FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%252FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%252FbR%252Bw%253D%253D HTTP 302
    http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D Page URL
  3. https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://wtm.info-people.fr/w/160975/94ea13bbdf7c3d25b7e21add59906d66/1078/610/?mid=2bd17ad582606f9414a14db5d0f91910&ct=nl&n=41&l=o&u=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D94ea13bbdf7c3d25b7e21add59906d66%26c%3Dfr%26u%3Dhttps%253A%252F%252Fwww.gala.fr%252Fl_actu%252Fnews_de_stars%252Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%252FYLtc%252FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%252FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%252FbR%252Bw%253D%253D HTTP 302
  • http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Request Chain 4
  • https://er.cloud-media.fr/r/94ea13bbdf7c3d25b7e21add59906d66/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
  • https://er.cloud-media.fr/c/94ea13bbdf7c3d25b7e21add59906d66/20305b1d-4a14-4990-b6a1-7765863e4041
Request Chain 5
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D94ea13bbdf7c3d25b7e21add59906d66%26wb%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D94ea13bbdf7c3d25b7e21add59906d66%26wb%3D%7BWEBO_CID%7D&bounce=1&random=3563084267 HTTP 302
  • https://r.phywi.org/webo.gif?md=94ea13bbdf7c3d25b7e21add59906d66&wb=nqpHnduoMdF7mqTjkQiCg.
Request Chain 105
  • https://prismashop.commander1.com/v3/?tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017 HTTP 302
  • https://prismashop.commander1.com/v3/?firsttime=1&tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
Request Chain 115
  • https://secure.adnxs.com/getuid?https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5&tp=1&tpId=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.avads.net%2FThirdParty%2FSyncId%3FoId%3D63%26mId%3D16f5c536-cba2-4259-bc8f-cc713372efc5%26tp%3D1%26tpId%3D%24UID HTTP 302
  • https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5&tp=1&tpId=2857248279091304409
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice_dmp&google_cm&oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice_dmp&google_cm=&oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5&google_tc= HTTP 302
  • https://avads.net/ThirdParty/SyncDoubleClick/?oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5&google_gid=CAESEIpXcA5hnm6TuJWlmxAyLuA&google_cver=1

141 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
104130935.html
ml.info-people.fr/l2/7Owew3BcE40/2889979/ 		784 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
s3s.fr
Software
Apache /
Resource Hash
4a250fdce92f5a2047b5db5815c251f6141c5a884e70280995430e7433d06a28

Request headers

Host
ml.info-people.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:22 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
Mon, 01 Jan 1990 00:00:00 GMT
X-Robots-Tag
noindex,nofollow
P3P
policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Content-Length
784
Connection
close
Content-Type
text/html
redirection.html
wtm.info-people.fr/
Redirect Chain
  • http://wtm.info-people.fr/w/160975/94ea13bbdf7c3d25b7e21add59906d66/1078/610/?mid=2bd17ad582606f9414a14db5d0f91910&ct=nl&n=41&l=o&u=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D94ea13bb...
  • http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_46523...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:d6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87f7719eb1f41d05b70be37b619108fb075392c398333ae1af174626e5404d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Host
wtm.info-people.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=db2fbd16efa863cfde74870757ebb77cb1616247682
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html

Response headers

Date
Sat, 20 Mar 2021 13:41:22 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
vary
Accept-Encoding
strict-transport-security
max-age=63072000
x-request-id
A29E5B75:F7AA_33592B57:0050_6055FB82_80C3F7:0008
CF-Cache-Status
DYNAMIC
cf-request-id
08f1778e4100004db260258000000001
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z1jEz5dKY5ZKEb718slxwAQ73FgWzHbod8RJWlnoZvMT7eFcOd4o6OqXEMxptynDMr4L%2F0p1pOvtzANJRo3d8s4Q3I%2FhLEYlbu2MCXU1LfurFRttCLi1ZoaV1ppdVeg%3D"}]}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
632f5b906fd94db2-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Sat, 20 Mar 2021 13:41:22 GMT
Content-Length
0
Connection
keep-alive
Set-Cookie
__cfduid=db2fbd16efa863cfde74870757ebb77cb1616247682; expires=Mon, 19-Apr-21 13:41:22 GMT; path=/; domain=.info-people.fr; HttpOnly; SameSite=Lax
expires
Sun, 01 Jan 2014 00:00:00 GMT
cache-control
post-check=0, pre-check=0
pragma
no-cache
location
http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
strict-transport-security
max-age=63072000
x-request-id
A29E5B75:F77C_33592B57:0050_6055FB82_80C3EE:0008
CF-Cache-Status
DYNAMIC
cf-request-id
08f1778e1800004db28ab9c000000001
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=whB0dHR5Notd5MTyOioPrkcNJhryOsWc1iNBXfSB91jvHY%2Fhv57yWzF4qqYFktpshU5KE6hs55PacKot8r6SP9MmszxUInepCbkjvHH2W%2FJET9rAa5mo960KaYY39hs%3D"}]}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
632f5b902f6f4db2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article
wtm.info-people.fr/ 		0
891 B 		Other
General
Check archive.org
Download Go to
Full URL
http://wtm.info-people.fr/https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article
Requested by
Host: wtm.info-people.fr
URL: http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:d6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:22 GMT
CF-Cache-Status
DYNAMIC
NEL
{"max_age":604800,"report_to":"cf-nel"}
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
43
cf-request-id
08f1778e7400004db25b3c8000000001
x-request-id
A29E5B75:F7EE_33592B57:0050_6055FB82_80C402:0008
pragma
no-cache
Server
cloudflare
strict-transport-security
max-age=63072000
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P2nltMOJumF8WJq%2BiSUytE0kaoWBdqGxq9sDrzJ4souJVm4%2BwQRS%2BcP77TQaC%2BTZCHY%2Fs%2BhFI6dxErM7e9Rit%2BFcnrkfniyJeRQz9OH7c0zmhWPKi5FZqVMTzWBF%2F%2FU%3D"}]}
Content-Type
image/gif
cache-control
post-check=0, pre-check=0
CF-RAY
632f5b90b8734db2-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
cl.gif
r.phywi.org/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.phywi.org/cl.gif?m=94ea13bbdf7c3d25b7e21add59906d66
Requested by
Host: wtm.info-people.fr
URL: http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:203:9c5b:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://wtm.info-people.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
server
nginx
date
Sat, 20 Mar 2021 13:41:22 GMT
x-request-id
2A0104F8019254140000000000000002:A0F8_200141D002039C5B0000000000000000:01BB_6055FB82_5D9FF7:0008
content-type
image/gif
20305b1d-4a14-4990-b6a1-7765863e4041
er.cloud-media.fr/c/94ea13bbdf7c3d25b7e21add59906d66/
Redirect Chain
  • https://er.cloud-media.fr/r/94ea13bbdf7c3d25b7e21add59906d66/20305b1d-4a14-4990-b6a1-7765863e4041
  • https://er.cloud-media.fr/c/94ea13bbdf7c3d25b7e21add59906d66/20305b1d-4a14-4990-b6a1-7765863e4041
35 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://er.cloud-media.fr/c/94ea13bbdf7c3d25b7e21add59906d66/20305b1d-4a14-4990-b6a1-7765863e4041
Requested by
Host: wtm.info-people.fr
URL: http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.119.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-119-21.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://wtm.info-people.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:22 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

location
https://er.cloud-media.fr/c/94ea13bbdf7c3d25b7e21add59906d66/20305b1d-4a14-4990-b6a1-7765863e4041
date
Sat, 20 Mar 2021 13:41:22 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
0
x-xss-protection
1; mode=block
content-type
text/html;charset=utf-8
webo.gif
r.phywi.org/
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D94ea13bbdf7c3d25b7e21add59906d66%26wb%3D{WEBO_CID}
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D94ea13bbdf7c3d25b7e21add59906d66%26wb%3D%7BWEBO_CID%7D&bounce=1&random=3563084267
  • https://r.phywi.org/webo.gif?md=94ea13bbdf7c3d25b7e21add59906d66&wb=nqpHnduoMdF7mqTjkQiCg.
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.phywi.org/webo.gif?md=94ea13bbdf7c3d25b7e21add59906d66&wb=nqpHnduoMdF7mqTjkQiCg.
Requested by
Host: wtm.info-people.fr
URL: http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:203:9c5b:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://wtm.info-people.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
server
nginx
date
Sat, 20 Mar 2021 13:41:22 GMT
x-request-id
2A0104F8019254140000000000000002:A0F8_200141D002039C5B0000000000000000:01BB_6055FB82_5D9FFD:0008
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:41:22 GMT
via
1.1 google
last-modified
Sat, 20 Mar 2021 13:41:22 GMT
server
nginx/1.12.0
location
https://r.phywi.org/webo.gif?md=94ea13bbdf7c3d25b7e21add59906d66&wb=nqpHnduoMdF7mqTjkQiCg.
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
Primary Request elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236
www.gala.fr/l_actu/news_de_stars/ 		175 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Requested by
Host: wtm.info-people.fr
URL: http://wtm.info-people.fr/redirection.html?m=94ea13bbdf7c3d25b7e21add59906d66&c=fr&u=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dc=jxe56XcMHuXRo5w56GUXr%2FYLtc%2FgccbiNBuqX6scW7ND0iO99J4xD4Jb3yT9GtDRa4fvnS4S9bnYbzAz91bV6Xjv2zmU3WPozmXfB9vTQUEWcdHR8HzD%2FAD0MrVpgT51JK03svTCaV5KMNdpUtjkzI0hb6Au3Fy7uR2nVwAfSvG3qCLxAZKYspIUKyyWQT44tqomk5Jjg55Qn2rco%2FbR%2Bw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4aeebec148388757b2409dbc770ccb86e96408e1abd5c07fb70b838f077d25b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.gala.fr
:scheme
https
:path
/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://wtm.info-people.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://wtm.info-people.fr/

Response headers

content-type
text/html; charset=UTF-8
server-timing
intid;desc=abb12d075365a575
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
x-generation-time
0.049 @ Sat, 20 Mar 2021 13:40:35 GMT
content-encoding
gzip
x-varnish-cache
PASS
accept-ranges
bytes
content-length
25188
cache-control
public, max-age=13
date
Sat, 20 Mar 2021 13:41:22 GMT
vary
Accept-Encoding
browsertools.js
tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B54) /
Resource Hash
abc69699e8f0304cd01c34c351653647a33c8b7d81b0c54264fd29726219e2e4

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:22 GMT
content-encoding
gzip
age
21522624
x-cache
HIT
content-disposition
inline
content-length
12298
access-control-allow-origin
*
last-modified
Wed, 08 Jul 2020 14:28:37 GMT
server
ECAcc (ama/8B54)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
H3D3p_lWqSnXtGjDig2igruLcio1ejXe
via
1.1 85d2219c335742c82e7bf84433bc3257.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG3-C2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
1OFA8jFposhGyrFeOtqrCjBnF2VmTT-DvRK_aYCZSTuqQCvh-7BwRw==
core-ads.js
tra.scds.pmdstatic.net/advertising-core/4.111.0/ 		203 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/advertising-core/4.111.0/core-ads.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AEE) /
Resource Hash
2ae0809c4fca2150cce6f5b5f3c5f2cab62c27e8830d9369d1f4b7702e6d2a47

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:22 GMT
content-encoding
gzip
age
189633
x-cache
HIT
content-disposition
inline
content-length
63839
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 09:00:23 GMT
server
ECAcc (ama/8AEE)
etag
W/"cc6f57047353c25650f6d03a5ecb9401"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
fk8JMZ.ZM7Ns5lUiYyI8L5t0e.C7Daee
via
1.1 2b0fb614bbb9725d108c7b6cf26875c6.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
ilU-oQy1b8TlJ60oc254hyBThVcNTp6_9svy3ZBf9qn_XHqncwpCeQ==
gpt.js
www.googletagservices.com/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"817 / 869 of 1000 / last-modified: 1616191964"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19836
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:41:22 GMT
frank-ruhl-libre-v5-latin-regular.woff2
www.gala.fr/assets/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/fonts/frank-ruhl-libre-v5-latin-regular.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e845309bca1ba7946299dc5ea01a12f66784e7220003ff3c438714decfa8c413
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Wed, 04 Nov 2020 14:09:04 GMT
date
Sat, 20 Mar 2021 13:41:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/octet-stream
access-control-allow-origin
*
x-generation-time
0.001 @ Thu, 05 Nov 2020 20:57:00 GMT
cache-control
public, max-age=19898185
accept-ranges
bytes
content-length
19900
expires
Fri, 05 Nov 2021 20:57:47 GMT
frank-ruhl-libre-v5-latin-500.woff2
www.gala.fr/assets/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/fonts/frank-ruhl-libre-v5-latin-500.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a1cd89f61370b7362c362612635115198199a35881b975e39523d7734511f4e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Tue, 27 Oct 2020 14:33:00 GMT
date
Sat, 20 Mar 2021 13:41:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/octet-stream
access-control-allow-origin
*
x-generation-time
0.000 @ Wed, 28 Oct 2020 21:10:08 GMT
cache-control
public, max-age=19207716
accept-ranges
bytes
content-length
19772
expires
Thu, 28 Oct 2021 21:09:58 GMT
frank-ruhl-libre-v5-latin-700.woff2
www.gala.fr/assets/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/fonts/frank-ruhl-libre-v5-latin-700.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e0b6f15515bef3de20931fea83223e07e078174a93b1d677002fb20c7aca2494
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Wed, 14 Oct 2020 12:08:24 GMT
date
Sat, 20 Mar 2021 13:41:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/octet-stream
access-control-allow-origin
*
x-generation-time
0.001 @ Thu, 15 Oct 2020 05:10:07 GMT
cache-control
public, max-age=18026918
accept-ranges
bytes
content-length
20288
expires
Fri, 15 Oct 2021 05:10:00 GMT
nunito-sans-v5-latin-regular.woff2
www.gala.fr/assets/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/fonts/nunito-sans-v5-latin-regular.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Thu, 01 Oct 2020 13:19:30 GMT
date
Sat, 20 Mar 2021 13:41:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/octet-stream
access-control-allow-origin
*
x-generation-time
0.001 @ Fri, 02 Oct 2020 00:11:40 GMT
cache-control
public, max-age=16885762
accept-ranges
bytes
content-length
16920
expires
Sat, 02 Oct 2021 00:10:44 GMT
nunito-sans-v5-latin-600.woff2
www.gala.fr/assets/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/fonts/nunito-sans-v5-latin-600.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d18c05b903e42fe072a80fb16a7aae87c94e506237fce86f68ad8241fa70f759
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Thu, 01 Oct 2020 13:19:30 GMT
date
Sat, 20 Mar 2021 13:41:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/octet-stream
access-control-allow-origin
*
x-generation-time
0.001 @ Fri, 02 Oct 2020 00:11:40 GMT
cache-control
public, max-age=16885876
accept-ranges
bytes
content-length
16900
expires
Sat, 02 Oct 2021 00:12:38 GMT
nunito-sans-v5-latin-800.woff2
www.gala.fr/assets/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/fonts/nunito-sans-v5-latin-800.woff2
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2598e19440d3584cae862d26410fa6e545cc31d0b721f80b042d55ec599af604
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Wed, 04 Nov 2020 14:09:04 GMT
date
Sat, 20 Mar 2021 13:41:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/octet-stream
access-control-allow-origin
*
x-generation-time
0.000 @ Thu, 05 Nov 2020 20:57:00 GMT
cache-control
public, max-age=19898150
accept-ranges
bytes
content-length
16824
expires
Fri, 05 Nov 2021 20:57:12 GMT
1-bf63ec34b73eb30a370f.min.css
www.gala.fr/assets/styles/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/styles/1-bf63ec34b73eb30a370f.min.css
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
098af96d8c73d9608eb04f3738256a3668036a98d29ce3c9d105148231e0a0b5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Mar 2021 14:58:17 GMT
date
Sat, 20 Mar 2021 13:41:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-generation-time
0.001 @ Thu, 18 Mar 2021 15:21:50 GMT
cache-control
public, max-age=31369153
accept-ranges
bytes
vary
Accept-Encoding
content-length
2850
expires
Fri, 18 Mar 2022 15:20:35 GMT
article-bf63ec34b73eb30a370f.min.css
www.gala.fr/assets/styles/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/styles/article-bf63ec34b73eb30a370f.min.css
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b78cac285211c31b7ca83337645a9b8bfdf94e2f1b3bb410658b609c7c6658f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-generation-time
0.003 @ Thu, 18 Mar 2021 15:21:28 GMT
last-modified
Thu, 18 Mar 2021 14:58:17 GMT
date
Sat, 20 Mar 2021 13:41:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31369259
accept-ranges
bytes
vary
Accept-Encoding
content-length
11351
x-content-type-options
nosniff
expires
Fri, 18 Mar 2022 15:22:21 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
777
date
Sat, 20 Mar 2021 13:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sat, 20 Mar 2021 15:28:25 GMT
gala-video-elizabeth-ii-pas-epargnee-encore-une-enorme-deception.jpg
gal.img.pmdstatic.net/fit/https.3A.2F.2Fcf-images.2Eeu-west-1.2Eprod.2Eboltdns.2Enet.2Fv1.2Fstatic.2F811631557001.2F89432a05-8554-4562-b5ed-20e67f7504f8.2Fd7e56159-1ee1-457d-a86b-5e4a977334e1.2F128... 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gal.img.pmdstatic.net/fit/https.3A.2F.2Fcf-images.2Eeu-west-1.2Eprod.2Eboltdns.2Enet.2Fv1.2Fstatic.2F811631557001.2F89432a05-8554-4562-b5ed-20e67f7504f8.2Fd7e56159-1ee1-457d-a86b-5e4a977334e1.2F1280x720.2Fmatch.2Fimage.2Ejpg/1280x720/quality/80/gala-video-elizabeth-ii-pas-epargnee-encore-une-enorme-deception.jpg
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.226 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B29) /
Resource Hash
ac94d31d8a27977b42ead09e5c52e3c06b62094006d18ed93467191c8d6d4b67

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:22 GMT
last-modified
Fri, 19 Mar 2021 18:21:38 GMT
server
ECAcc (ama/8B29)
age
69585
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Photosphere
cache-control
max-age=31536000, public, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
X-Photosphere
content-length
97896
expires
Sun, 20 Mar 2022 13:41:22 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA1) /
Resource Hash
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 19:22:22 GMT
Server
ECS (amb/6BA1)
Age
1267
Etag
"965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29026
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
gala-image-par-defaut.png
www.gala.fr/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gala.fr/assets/images/gala-image-par-defaut.png
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/assets/styles/1-bf63ec34b73eb30a370f.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23f6132d96ea5ae6dc00a42ac805ab4e62fd6aa878a6e29f670dfa2e7c1b002a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/assets/styles/1-bf63ec34b73eb30a370f.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options
nosniff
last-modified
Thu, 01 Oct 2020 13:19:30 GMT
date
Sat, 20 Mar 2021 13:41:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
image/png
access-control-allow-origin
*
x-generation-time
0.001 @ Fri, 02 Oct 2020 00:11:40 GMT
cache-control
public, max-age=16885809
accept-ranges
bytes
content-length
5765
expires
Sat, 02 Oct 2021 00:11:31 GMT
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		381 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
eum.min.js
eum.instana.io/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c39c9160c7938bf298f1233a4a890ca601bad50a896832c51e77878bd8d7e6b

Request headers

Origin
https://www.gala.fr
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 9 Mar 2021 18:57:39 GMT
server
cloudflare
age
139168
etag
-1802586287--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
632f5b930d8d2ba1-FRA
cf-request-id
08f1778fe800002ba15e9cd000000001
truncated
/ 		178 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		516 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		243 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
polyfill.min.js
cdn.polyfill.io/v2/ 		222 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?excludes=Promise&features=default
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
2616652
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Wed, 17 Feb 2021 12:08:39 GMT
date
Sat, 20 Mar 2021 13:41:23 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
sourcepoint.min.js
tra.scds.pmdstatic.net/sourcepoint/3.8.1/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/sourcepoint/3.8.1/sourcepoint.min.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A87) /
Resource Hash
0c6d16e0a0b92676f6c42aec301b7e6d99812ce50c069177f4732acab524ad76

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
age
84387
x-cache
HIT
content-disposition
inline
content-length
2183
access-control-allow-origin
*
last-modified
Fri, 19 Mar 2021 14:14:53 GMT
server
ECAcc (ama/8A87)
etag
"ffc43a37e385fad7a914e206dbf4d69e+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
TbkxwboxgUM6qGa6DhEbSfpK2krDDL0W
via
1.1 f6d81b3012ddbb7788e324c7c08594a7.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
ZXchu11Ghn-UcJ7RsdhSsfU13n-37jJywZjBuIKrItfzbKvtE4QZlg==
essentials-bf63ec34b73eb30a370f.js
www.gala.fr/assets/scripts/ 		18 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/scripts/essentials-bf63ec34b73eb30a370f.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cc2ba5b240816ae040aface540ba6dd94c90505051118fbdb6869e1254a7b0c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-generation-time
0.001 @ Thu, 18 Mar 2021 15:21:25 GMT
last-modified
Thu, 18 Mar 2021 14:58:17 GMT
date
Sat, 20 Mar 2021 13:41:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31369153
accept-ranges
bytes
vary
Accept-Encoding
content-length
7060
x-content-type-options
nosniff
expires
Fri, 18 Mar 2022 15:20:36 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		0
0
collect
www.google-analytics.com/j/ 		4 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=2084543127&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dr=http%3A%2F%2Fwtm.info-people.fr%2F&ul=en-us&de=UTF-8&dt=Elizabeth%20II%20pas%20%C3%A9pargn%C3%A9e%C2%A0%3A%20encore%20une%20%C3%A9norme%20d%C3%A9ception%20-%20Gala&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1272336357&gjid=176937595&cid=1917814784.1616247683&tid=UA-18383854-2&_gid=1167378619.1616247683&_r=1&_slc=1&cd11=no&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd21=https&cd13=1&cd19=leader&cd18=%2CBuckingham%20Palace%2Cfamille%20royale%20d%27Angleterre%2CGotha%2CElizabeth%20d%27Angleterre%2C&cd27=http%3A%2F%2Fwtm.info-people.fr%2F&cd29=7acb4e44-6c9d-40e8-badf-10420a4121cd&cd34=0&cd30=Article%3A8b22b401-9d91-448e-bfd7-7c19c0d7e075&cd32=1917814784.1616247683&z=1477368099
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:41:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gala.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html
platform.twitter.com/widgets/ Frame 1D89 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.gala.fr
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7D) /
Resource Hash
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gala.fr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
838260
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 20 Mar 2021 13:41:23 GMT
Etag
"e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified
Wed, 03 Mar 2021 19:20:25 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B7D)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105690
wrapperMessagingWithoutDetection.js
gdpr-tcfv2.sp-prod.net/ 		151 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-64.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acea44b7167f5a9cc4ed95bf4cb6cf8d8feefebaf1a1cedb02a8a8caf1b1e715

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 21:07:41 GMT
server
AmazonS3
age
2018
etag
W/"8073094d2add7dd857b75129d94e1d56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Sat, 20 Mar 2021 13:07:46 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
YYdLQtGtBLeCl2KC_9fpFV7gc7fXi5BE6UW-gubD4sI05FonGDi_hQ==
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-50.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 04:57:25 GMT
Via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Age
31391
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/x-javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
tPV4aixeJPGw_5dqqkE7WJPG4BLDVor-AxWiOWqMaeks-u2IeFiwHw==
Expires
Sun, 21 Mar 2021 04:57:25 GMT
elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236
www.gala.fr/l_actu/news_de_stars/ 		175 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4aeebec148388757b2409dbc770ccb86e96408e1abd5c07fb70b838f077d25b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-generation-time
0.049 @ Sat, 20 Mar 2021 13:40:35 GMT
date
Sat, 20 Mar 2021 13:41:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
text/html; charset=UTF-8
cache-control
public, max-age=12
server-timing
intid;desc=abb12d075365a575
accept-ranges
bytes
vary
Accept-Encoding
content-length
25188
x-content-type-options
nosniff
settings
syndication.twitter.com/ Frame 1D89 		183 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=38f7dcb9a818135e6691acfc959dd14d730e30c0
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.gala.fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
118
date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
last-modified
Sat, 20 Mar 2021 13:41:23 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
fd834e27a3f3b2e8d476034b5433962c
strict-transport-security
max-age=631138519
content-length
152
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-18383854-2&cid=1917814784.1616247683&jid=1272336357&gjid=176937595&_gid=1167378619.1616247683&_u=YEBAAAAAAAAAAC~&z=99929993
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 20 Mar 2021 13:41:23 GMT
content-type
text/plain
access-control-allow-origin
https://www.gala.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
horizon_tweet.34340b4862062ad52a16974fec38ada0.js
platform.twitter.com/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.34340b4862062ad52a16974fec38ada0.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B75) /
Resource Hash
62b338caf89fbe98a2df5026edefa2ed6c1bb4a46bb26f7cbcf2a3d95a51dc75

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 19:20:13 GMT
Server
ECS (amb/6B75)
Age
838259
Etag
"e2b05de91f8c78f901db283e3e344817+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2201
core-ads.js
tra.scds.pmdstatic.net/advertising-core/4.111.0/ 		203 KB
63 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/advertising-core/4.111.0/core-ads.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AEE) /
Resource Hash
2ae0809c4fca2150cce6f5b5f3c5f2cab62c27e8830d9369d1f4b7702e6d2a47

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
age
189634
x-cache
HIT
content-disposition
inline
content-length
63839
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 09:00:23 GMT
server
ECAcc (ama/8AEE)
etag
W/"cc6f57047353c25650f6d03a5ecb9401"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
fk8JMZ.ZM7Ns5lUiYyI8L5t0e.C7Daee
via
1.1 2b0fb614bbb9725d108c7b6cf26875c6.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
ilU-oQy1b8TlJ60oc254hyBThVcNTp6_9svy3ZBf9qn_XHqncwpCeQ==
p.js
cdn.parsely.com/keys/gala.fr/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/gala.fr/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.147.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-147-71.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
7c0c8c3229e673fee98ef7b636ee0897a6d88bb735b767c901c6624613e2ab77

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Mar 2021 00:56:43 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 19:39:18 GMT
server
nginx
age
45892
etag
W/"603fe5e6-bd28"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
30o7ZOPG0JsCUOzJjghHhoG65ZusSRCWTWqm4GGf_-hbIp-4SKhyIA==
expires
Sun, 21 Mar 2021 00:55:45 GMT
native-message
consent.gala.fr/wrapper/tcfv2/v1/gdpr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.gala.fr/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=086aa1f3-cc0a-4b55-8224-a2e7d30c07db&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A314%2C%22requestUUID%22%3A%22086aa1f3-cc0a-4b55-8224-a2e7d30c07db%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.gala.fr%22%2C%22targetingParams%22%3A%22%7B%5C%22isPremiumCookie%5C%22%3A%5C%220%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%2C%22groupPmId%22%3A165027%7D
Protocol
H2
Server
13.226.159.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-108.dus51.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.gala.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html; charset=utf-8
content-length
13
date
Sat, 20 Mar 2021 13:41:23 GMT
x-powered-by
Express
access-control-allow-origin
https://www.gala.fr
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
allow
POST,GET,HEAD
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
tOlaTLEGcYnneb1h1NxT4lG15rheTsJCsj09d0GUVari-XFwKmqn6Q==
native-message
consent.gala.fr/wrapper/tcfv2/v1/gdpr/ 		184 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.gala.fr/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=086aa1f3-cc0a-4b55-8224-a2e7d30c07db&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A314%2C%22requestUUID%22%3A%22086aa1f3-cc0a-4b55-8224-a2e7d30c07db%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.gala.fr%22%2C%22targetingParams%22%3A%22%7B%5C%22isPremiumCookie%5C%22%3A%5C%220%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%2C%22groupPmId%22%3A165027%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-108.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
78643b5532847fe590153559ca1aac3614f09461b907c40e23b9cdd0919bc4f6

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gala.fr
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
LiGCXL8Xs1l_6Sij5xBrO0qvHKynF9FxxYZUvVVxmdd4417HXRENrQ==
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-18383854-2&cid=1917814784.1616247683&jid=1272336357&_u=YEBAAAAAAAAAAC~&z=1467651759
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:41:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-18383854-2&cid=1917814784.1616247683&jid=1272336357&_u=YEBAAAAAAAAAAC~&z=1467651759
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:41:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gal-config.json
tra.scds.pmdstatic.net/advertising-core/4.111.0/config/ 		67 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/advertising-core/4.111.0/config/gal-config.json
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AF9) /
Resource Hash
7c2179d2703a907d1f2fc1166ef41aa3e1938587778e098223acc3a3cc8777d5

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
age
189629
x-cache
HIT
content-disposition
inline
content-length
4499
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 09:00:23 GMT
server
ECAcc (ama/8AF9)
etag
W/"98edc63881581706dd002ed0888a0d3a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
oKKmkLdUFwSXZJNcit4YBuetGLA.YJLF
via
1.1 f1a0d076bd803c49a08dd5907cff82b0.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/json
x-ocdn
all-query
x-amz-cf-id
bMuVOejCxD-aCrVAo2A14h9GLI28YnWoIGAgTYN-1ytAufZp77Th4g==
index.js
tra.scds.pmdstatic.net/pmc-starter/4.6.4/ 		46 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/pmc-starter/4.6.4/index.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B4B) /
Resource Hash
3f16fcd84f2f239b85b283f10e4d1696b3705ce385c7e6fc082f39a3e6a43c15

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
age
188410
x-cache
HIT
content-disposition
inline
content-length
14282
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 09:20:13 GMT
server
ECAcc (ama/8B4B)
etag
W/"d9184aaf11f89aa3dd2f61d5c3d166ad"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
kentjswNKOxnUakvXo1lFl5w2Ao.yB5c
via
1.1 ebc2f999559db1a05f6ebf1e799bb575.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
c4OIW7o8XlYFDBfs_hgKYbUU7VONSTecUQEatlUMa25LiOHVuGMmQQ==
gtm.js
www.googletagmanager.com/ 		162 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Requested by
Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3229cf46f6753b600d45518ad3ea5d57079f5a6109516c0f1775c8c7822b9887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51650
x-xss-protection
0
last-modified
Sat, 20 Mar 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 Mar 2021 13:41:23 GMT
bookmark-statics.js
tra.scds.pmdstatic.net/bookmark/4.0.0/js/ 		58 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/bookmark/4.0.0/js/bookmark-statics.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A9B) /
Resource Hash
27e9af45e7199f4b3578e56dd250282243c01472c20536fee0d020232d15a9b2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
age
2589397
x-cache
HIT
content-disposition
inline
content-length
20122
access-control-allow-origin
*
last-modified
Wed, 20 Jan 2021 15:17:27 GMT
server
ECAcc (ama/8A9B)
etag
"763e7aa93b839fd68ca6c33226525a4e+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
b7ep1Dv2AuiJBpQPhfJz0sGK0CcggYb_
via
1.1 d6561aeeccb210202cf78b99f07c5235.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG3-C2
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
BycfqpD8BPSNGmsrAWwowaPsOsnfbSlI-ibT2T77UVvEATRsXhx9rQ==
Tweet.html
platform.twitter.com/embed/ Frame 37CC 		487 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B87) /
Resource Hash
940c4f37bac6c0c33f65b9f6a2e8d931a42da31d7badf5e242a72dfaaa91ef2b

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gala.fr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
282
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Sat, 20 Mar 2021 13:41:23 GMT
Etag
"8cc6bf07c6b7f9bf31a00bb9405f5bea"
Last-Modified
Wed, 10 Mar 2021 20:45:03 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B87)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1616247683251&plid=60262655&idsite=gala.fr&url=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&urlref=http%3A%2F%2Fwtm.info-people.fr%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&sref=http%3A%2F%2Fwtm.info-people.fr%2F&sts=1616247683247&slts=0&title=Elizabeth+II+pas+%C3%A9pargn%C3%A9e%C2%A0%3A+encore+une+%C3%A9norme+d%C3%A9ception+-+Gala&date=Sat+Mar+20+2021+14%3A41%3A23+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=48979116&u=pid%3D0e19dafa097d653bea7627284dc7b81a
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Cache-Control
no-cache
Last-Modified
Saturday, 20-Mar-2021 13:41:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
0-19459ee0922977780343.js
www.gala.fr/assets/scripts/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/scripts/0-19459ee0922977780343.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c0ee720d635dad6cca5fef794b0efe37032030e80147bcae494957b27def0a44
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

X-INSTANA-T
285028a83c52b1de
Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
X-INSTANA-S
285028a83c52b1de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-INSTANA-L
1,correlationType=web;correlationId=285028a83c52b1de

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-generation-time
-0.000 @ Thu, 18 Mar 2021 10:41:17 GMT
last-modified
Thu, 18 Mar 2021 09:17:13 GMT
date
Sat, 20 Mar 2021 13:41:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31352335
accept-ranges
bytes
vary
Accept-Encoding
content-length
2665
x-content-type-options
nosniff
expires
Fri, 18 Mar 2022 10:40:18 GMT
1-7e21699d54cec6dda254.js
www.gala.fr/assets/scripts/ 		157 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/scripts/1-7e21699d54cec6dda254.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
323d34dab70216c09889c2511a7a625a8d688d0a4f18f8f8acdf1813826ce53d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

X-INSTANA-T
48ebfba6b78d336
Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
X-INSTANA-S
48ebfba6b78d336
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-INSTANA-L
1,correlationType=web;correlationId=48ebfba6b78d336

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Mar 2021 14:58:17 GMT
date
Sat, 20 Mar 2021 13:41:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/javascript
access-control-allow-origin
*
x-generation-time
0.000 @ Thu, 18 Mar 2021 15:21:32 GMT
cache-control
public, max-age=31369172
accept-ranges
bytes
vary
Accept-Encoding
content-length
95
expires
Fri, 18 Mar 2022 15:20:55 GMT
article-bf63ec34b73eb30a370f.js
www.gala.fr/assets/scripts/ 		24 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gala.fr/assets/scripts/article-bf63ec34b73eb30a370f.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.149.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-149-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
83d3007ad7d10d08f2f785f4beb96432d503730bf49feb4f5a2dd45cd857ab0f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options nosniff

Request headers

X-INSTANA-T
de314fcbed87454f
Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
X-INSTANA-S
de314fcbed87454f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-INSTANA-L
1,correlationType=web;correlationId=de314fcbed87454f

Response headers

x-varnish-cache
PASS
content-security-policy
upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding
gzip
x-generation-time
0.032 @ Thu, 18 Mar 2021 15:21:25 GMT
last-modified
Thu, 18 Mar 2021 14:58:17 GMT
date
Sat, 20 Mar 2021 13:41:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload; always;
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31369245
accept-ranges
bytes
vary
Accept-Encoding
content-length
5984
x-content-type-options
nosniff
expires
Fri, 18 Mar 2022 15:22:08 GMT
newsletterBundle.js
tra.scds.pmdstatic.net/pmc-kit-components/3.3.3/ 		71 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/pmc-kit-components/3.3.3/newsletterBundle.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AB7) /
Resource Hash
917a48d5da39892c1f6394a3bae82998aba46dd8af3ccacb44e65a85ff90da34

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
age
246895
x-cache
HIT
content-disposition
inline
content-length
22722
access-control-allow-origin
*
last-modified
Wed, 17 Mar 2021 17:05:45 GMT
server
ECAcc (ama/8AB7)
etag
W/"770112eb4bfb9484fc8bb495bd855c43"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
ACcJ6ZWPRNEmfW8CeH6ao9MuybsTOo5R
via
1.1 a64d90720955c3d3de37aa0526d1a7a5.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
vDnO6hemx2Ugdq-GXPLwuqwD8Hkehkks4lFDgv7NBTwn-QjLFPlG7A==
optinBundle.js
tra.scds.pmdstatic.net/pmc-kit-components/3.3.3/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/pmc-kit-components/3.3.3/optinBundle.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B5D) /
Resource Hash
059d0dcb86cca77927d8cf90ff982021cec8523ea1629d2ff922085f37cdf43c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
age
246895
x-cache
HIT
content-disposition
inline
content-length
3540
access-control-allow-origin
*
last-modified
Wed, 17 Mar 2021 17:05:45 GMT
server
ECAcc (ama/8B5D)
etag
W/"9e68e2d476939723a0b2e199a5d4037e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
3SF3Ms9h8Eb7IWmhdcReKxdE2iVPe14Y
via
1.1 35edfe00d0c28f55b85d2366a87b40f9.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
y4M95wvBYBfC0SV9V1QGE9BWg4aX32EDfDBhUIrU_gYdadJMerqLhA==
overview.js
tra.scds.pmdstatic.net/logora/5.0.0/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/logora/5.0.0/overview.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B15) /
Resource Hash
e9e1b7edaebe2866ed779b7a38212fc5c7df8d6a01b14c5d08b6e31341ede9e9

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
age
2589396
x-cache
HIT
content-disposition
inline
content-length
1904
access-control-allow-origin
*
last-modified
Tue, 16 Feb 2021 13:58:30 GMT
server
ECAcc (ama/8B15)
etag
"f078bb3234775a126cccd496a6b8f188+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
cZsHOQTPZGBWOSOu6p2ueD4HT_I3FHGj
via
1.1 4d3c039385e1d4ab0e1d024dacb2fd62.cloudfront.net (CloudFront)
cache-control
max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
content-type
application/javascript
x-ocdn
all-query
x-amz-cf-id
HZzuydWupz3WFBipzJR3dwdgvky-c2yjNeLZxz0ZUnbcD-fQw2_oOw==
article.json
tra.scds.pmdstatic.net/advis/228216569/Gala/l_actu-news_de_stars/ 		5 KB
834 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tra.scds.pmdstatic.net/advis/228216569/Gala/l_actu-news_de_stars/article.json
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B0D) /
Resource Hash
6d45fef25132c8b5460a5cbe014ba1b258ca4e30920eb60173e4c1ca74b3c9f6

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
724
x-cache
HIT
content-length
514
x-amz-id-2
Ttu7OxQR6Ya4VhSRnXB8iT/zWkXm/AzIMtwq0ODoMtJmlIyhM2Kh2a+yzUR0kUeHwKAW6klF8Po=
last-modified
Sat, 20 Mar 2021 04:35:29 GMT
server
ECAcc (ama/8B0D)
etag
"8308974ab881aa66d9f5628e22033302+gzip"
access-control-max-age
3000
access-control-allow-methods
GET, POST, OPTIONS
x-amz-request-id
C8A34C4ECW94YBYX
access-control-allow-origin
*
access-control-expose-headers
GET, PUT
cache-control
max-age=3600,s-maxage=3600,public
x-amz-version-id
rlzpAp2tYFzyFU_mfu.AAfWhJvjQoKrp
accept-ranges
bytes
content-type
application/json
x-ocdn
all-query
embed.runtime.892471bfa3c75ece36a0.js
platform.twitter.com/embed/ Frame 37CC 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC7) /
Resource Hash
2e3fd7db50785b0a534eb5ce59ee7352914fb185636655864de6741d61296299

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 20:45:02 GMT
Server
ECS (amb/6BC7)
Age
838260
Etag
"808357fc50ebb4cb54295e289bbcb483+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3212
embed.modules.bd4d763216e3c493ca8a.js
platform.twitter.com/embed/ Frame 37CC 		867 KB
273 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.bd4d763216e3c493ca8a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7F) /
Resource Hash
2e17cb80f62865b1c23d9e1fd24b008de3977aa47cab246300caffeece2be1ee

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 20:45:02 GMT
Server
ECS (amb/6B7F)
Age
838256
Etag
"37d8d9410f3720c5b8e9d1c4c8dc8da4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
279108
embed.i18n.c599afdb8b99029d9d01.js
platform.twitter.com/embed/ Frame 37CC 		145 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.c599afdb8b99029d9d01.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC8) /
Resource Hash
5d6ca46fc2d50ebc40db4f46f6170d8df8597c5311af0d552a660934114b7c37

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Wed, 10 Mar 2021 20:45:02 GMT
Server
ECS (amb/6BC8)
Age
838260
Etag
"80986634aeaf1d56f9ae3cd99d41d080"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
145
embed.Tweet.7634e45e15726dcc3ed9.js
platform.twitter.com/embed/ Frame 37CC 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.7634e45e15726dcc3ed9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA3) /
Resource Hash
47a85e05b7d0d202666d8d51507c51caa6ca26be0058135f190e5fb86bce323f

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 20:45:02 GMT
Server
ECS (amb/6BA3)
Age
838252
Etag
"e187fa96fda18d11604d4a192f0fae2e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5619
gtm.js
www.googletagmanager.com/ 		142 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8cf315faf59da8d4ebdfe18b2a3907b037f6051de03a069769bb82cf2ca2a4c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48645
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:41:23 GMT
bootstrap.min.js
via.batch.com/v2/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://via.batch.com/v2/bootstrap.min.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.245.16 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
ac72fb6790390bf18c50d6d435fcdcc12f710b516fa56b5fc4c40126a1b1fdfd

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
allow
GET, POST, OPTIONS
last-modified
Thu, 18 Mar 2021 14:24:42 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-cache
HIT
accept-ranges
bytes
access-control-allow-headers
Content-Type, Accept
content-length
1067
js
www.googletagmanager.com/gtag/ 		136 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5W69BFBLT1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed1b01c80bbf7a0850718d12cfcc2355b465d21a07ec9c9be1a56d480268af24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53520
x-xss-protection
0
expires
Sat, 20 Mar 2021 13:41:23 GMT
hotjar-308465.js
static.hotjar.com/c/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-308465.js?sv=6
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-67.dus51.r.cloudfront.net
Software
/
Resource Hash
bba534a7d04a49afa456de44bfd0b4a926f305c21d15dabb2d1212fb7632baee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
DUS51-C1
etag
W/bdf7a2137331ed8171faf6baabebc627
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
S2qdOKJ2oaH1ZK-sbOIdnb4jTbgTigzchxzrR4JXHNn80KEHuZ5uCQ==
via
1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
index.html
consent.gala.fr/ Frame 364B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent.gala.fr/index.html?message_id=461281&consentUUID=20f7fafa-4b9b-4fe1-97a9-ee64db1c6444&requestUUID=086aa1f3-cc0a-4b55-8224-a2e7d30c07db&preload_message=true
Requested by
Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-108.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71b76d51d2da6bd16bba3c1ae1d61a6f24c72a21d5786e11c2c636ee1f4c908a

Request headers

:method
GET
:authority
consent.gala.fr
:scheme
https
:path
/index.html?message_id=461281&consentUUID=20f7fafa-4b9b-4fe1-97a9-ee64db1c6444&requestUUID=086aa1f3-cc0a-4b55-8224-a2e7d30c07db&preload_message=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_ga=GA1.2.1917814784.1616247683; _gid=GA1.2.1167378619.1616247683; _gat=1; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article%22%2C%22sref%22:%22http://wtm.info-people.fr/%22%2C%22sts%22:1616247683247%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=0e19dafa097d653bea7627284dc7b81a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1616247683247}; consentUUID=20f7fafa-4b9b-4fe1-97a9-ee64db1c6444
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

content-type
text/html
last-modified
Tue, 16 Mar 2021 18:45:34 GMT
server
AmazonS3
content-encoding
gzip
date
Sat, 20 Mar 2021 12:58:45 GMT
etag
W/"f895edfe84fb752b0b1fea2c750ad685"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
mbthxKDMRgALPJuFV_4zJ1B2_QTfHOjt2AakjT3UrE2FRA2ahoaUhg==
age
2559
dbb1dd3d-4ef4-418b-8674-c575d2a7ac81
boot.pbstck.com/v1/tag/ 		1 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/tag/dbb1dd3d-4ef4-418b-8674-c575d2a7ac81
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc95e7e17f2279c7a78753843b05ffd0dda47a9f763cbc493f64e4c66c946d9c

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
private,max-age=120
cf-ray
632f5b951cea4e38-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f177912a00004e38bf8e5000000001
outbrain.js
widgets.outbrain.com/ 		168 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.25.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c15727daac3b0139529330f2a7a99095fa93a8f7341a75b937ac93f04bb87341

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
edge-cache-tag
widget-cheetah
cookie
CheetahStaging=true
x-traceid
680a21d574e44c50b0ae8b4817b19bf4
content-length
57062
last-modified
Tue, 16 Mar 2021 14:27:22 GMT
etag
W/"29f28-Fn8ZJ8Pp7yjE7XsrnLpL1aRVU3I"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
timing-allow-origin
*, *
expires
Sat, 20 Mar 2021 17:41:23 GMT
modules.80e35cdf321570eb5b34.js
script.hotjar.com/ 		217 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.80e35cdf321570eb5b34.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-308465.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-24.dus51.r.cloudfront.net
Software
/
Resource Hash
9cd92ccf84ca6c2adcb7691de026ae46f47632e344b71ee6e08c43f38f0a59f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 10:24:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
184636
x-cache
Hit from cloudfront
content-length
58627
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 10:23:26 GMT
etag
"4a7c1a7cb16c5ef7e63405bd6f9a943a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
e4SoAKzYysFDPEGbRObNykbSTbM59LIFabsroLCKvxNQHIkyJ3ruVg==
embed.vendors~ondemand.horizon-web.fr-js.8d5c71d4db67c9ff941b.js
platform.twitter.com/embed/ Frame 37CC 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.fr-js.8d5c71d4db67c9ff941b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B87) /
Resource Hash
e7247f92770218c7271bbcd08095d87680047adca672e7030e6b72ddbd96b4da

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 20:45:02 GMT
Server
ECS (amb/6B87)
Age
838260
Etag
"6e259a0b7830d7bea8ae1dd154b3b41c+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
6697
embed.ondemand.i18n.fr-js.a3609833495f750f5973.js
platform.twitter.com/embed/ Frame 37CC 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.fr-js.a3609833495f750f5973.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B82) /
Resource Hash
2be641600473e61a64ac3a8328aa2d9d6ce603818a7aea4769ab28438c0d257b

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 20:45:02 GMT
Server
ECS (amb/6B82)
Age
838260
Etag
"6e765a7a6f5d9bd1098b84f2cb88f9bf+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1286
collect
www.google-analytics.com/g/ 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-5W69BFBLT1&gtm=2oe3a0&_p=2084543127&sr=1600x1200&gcs=G10-&ul=en-us&cid=1917814784.1616247683&_s=1&dl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&dr=http%3A%2F%2Fwtm.info-people.fr%2F&dt=Elizabeth%20II%20pas%20%C3%A9pargn%C3%A9e%C2%A0%3A%20encore%20une%20%C3%A9norme%20d%C3%A9ception%20-%20Gala&sid=1616247683&sct=1&seg=0&en=page_view&_fv=1&_ss=1&up._npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5W69BFBLT1&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:41:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gala.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame E2D7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-308465.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-100.dus51.r.cloudfront.net
Software
/
Resource Hash
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
iWfIb8yhtK0E8XUeguvLvPSJ5bOUplp6gjhUpb8xUYSEwz8RJnswDA==
age
10096820
sync.js
sync.getpublica.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.getpublica.com/sync.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-73.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d290c638452275aa7dc8ab809884a3ff1bdcb91bc5c659bd250e9c1e062cc72c

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 05:02:31 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 05:02:28 GMT
server
AmazonS3
age
981533
etag
W/"57f96c63a498b1c3dc1a3c5ff601974b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
jhbhrTDhfXl3UTpsp3xqnIkfofq275RUARk8-V5k30_FLa0NwgU8ew==
Notice.37f30.css
consent.gala.fr/ Frame 364B 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.gala.fr/Notice.37f30.css
Requested by
Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=461281&consentUUID=20f7fafa-4b9b-4fe1-97a9-ee64db1c6444&requestUUID=086aa1f3-cc0a-4b55-8224-a2e7d30c07db&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-108.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa

Request headers

Referer
https://consent.gala.fr/index.html?message_id=461281&consentUUID=20f7fafa-4b9b-4fe1-97a9-ee64db1c6444&requestUUID=086aa1f3-cc0a-4b55-8224-a2e7d30c07db&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:34:12 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 18:45:34 GMT
server
AmazonS3
age
434
etag
W/"227670f327655cdc0f6317b8d0f58d27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
oEXj9DfaBMPZGU_tVl5FOEjr0qUWY9kxNU6HJCQnsn4Bv5KDdmx1pw==
monitoring-df313c4.js
cdn.pbstck.com/ 		158 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/monitoring-df313c4.js
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4db9d090aae49db15bcc47983205d60df696285b62b76da424e484c6e6b2be4

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
br
cf-cache-status
HIT
age
165097
x-guploader-uploadid
ABg5-Uwp17iYYRvKcUNLnbywMKvgGynRQeS61ql8cdzcsOZZQ7zBOLOFQoAsMs7wot6HsyUkpiHFGv6IpHQE5u8WZ45gJ-kEgw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f17791b000004a97561c1000000001
last-modified
Thu, 11 Mar 2021 15:48:51 GMT
server
cloudflare
etag
W/"dc56af7e09f5a45d21b566b67f3075a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=KaGqxg==, md5=3Favfgn1pF0htWa2fzB1pA==
x-goog-generation
1615477731335639
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
45034
cf-ray
632f5b95e90d4a97-FRA
expires
Thu, 25 Mar 2021 15:49:42 GMT
polyfills.65071.js
consent.gala.fr/ Frame 364B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.gala.fr/polyfills.65071.js
Requested by
Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=461281&consentUUID=20f7fafa-4b9b-4fe1-97a9-ee64db1c6444&requestUUID=086aa1f3-cc0a-4b55-8224-a2e7d30c07db&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-108.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Referer
https://consent.gala.fr/index.html?message_id=461281&consentUUID=20f7fafa-4b9b-4fe1-97a9-ee64db1c6444&requestUUID=086aa1f3-cc0a-4b55-8224-a2e7d30c07db&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:49:56 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 18:45:34 GMT
server
AmazonS3
age
3092
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
v07Ec8Bd5J7h95Zm6wrsL_spkVpVf0sybpa_W3yquHXk5Ynt6LasuA==
Notice.2f2bf.js
consent.gala.fr/ Frame 364B 		170 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.gala.fr/Notice.2f2bf.js
Requested by
Host: consent.gala.fr
URL: https://consent.gala.fr/index.html?message_id=461281&consentUUID=20f7fafa-4b9b-4fe1-97a9-ee64db1c6444&requestUUID=086aa1f3-cc0a-4b55-8224-a2e7d30c07db&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-108.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cff6d399aa3793e3ebf9dc4fb7c21d2a846642f2490d6be9effaff766d4ff5ce

Request headers

Referer
https://consent.gala.fr/index.html?message_id=461281&consentUUID=20f7fafa-4b9b-4fe1-97a9-ee64db1c6444&requestUUID=086aa1f3-cc0a-4b55-8224-a2e7d30c07db&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 12:42:43 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 18:45:34 GMT
server
AmazonS3
age
3523
etag
W/"c85163727e52a58ce3e4990198570614"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
53rJuBmwj41yPxOBRiNGIb1FvOdGF68go08uWRFXtx0SR4dpDtpuoA==
embed.vendors~ondemand.Tweet.8f687f105e1077615abc.js
platform.twitter.com/embed/ Frame 37CC 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.8f687f105e1077615abc.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B74) /
Resource Hash
6348cbfbc920dc36067a7f95cb93a53e2f29c6773331cc99a16ea48b867e230f

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Wed, 10 Mar 2021 20:45:02 GMT
Server
ECS (amb/6B74)
Age
838256
Etag
"b4dafb02c4bfceec1acb344ed7a6728e"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
2356672
embed.ondemand.Tweet.02eb6c35037461aef842.js
platform.twitter.com/embed/ Frame 37CC 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.02eb6c35037461aef842.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC3) /
Resource Hash
19c88c7b7a418e432cce3b5a3a921e34441e6debf665a1a1b0117872ddfbf735

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372948360756346880&lang=fr&origin=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&siteScreenName=GALAfr&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 20:45:02 GMT
Server
ECS (amb/6BC3)
Age
838235
Etag
"c4f7602d11b1c9491d043435ca6e4212+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
14415
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame AE85 		416 B
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.25.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1615905785.764688"
last-modified
Tue, 16 Mar 2021 14:26:49 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Sat, 20 Mar 2021 13:41:23 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1616247683~rv=21~id=8cbf1da9c2a8b10e6f5240b08179b492; path=/; Expires=Sat, 20 Mar 2021 13:41:23 GMT; Secure; SameSite=None
d3d3LmdhbGEuZnI=
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmdhbGEuZnI=
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=42260
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
980c129e00bd437d05e3b88c8e6c64bf
Content-Length
16
Expires
Sun, 21 Mar 2021 01:25:43 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=9.572083072932587
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.25.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Mon, 19 Apr 2021 13:41:23 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1616247683608&sessionId=ac9b9222-a48f-e17e-eac0-ede43671ed89&url=www.gala.fr&cheqSource=1&cheqEvent=0&exitReason=2
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:41:23 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
641eb483d38d14349e66bb116558b662
Content-Length
4
Expires
0
/
eum-eu-west-1.instana.io/ 		0
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.43.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-43-10.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:41:23 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
categories
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 364B 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=2667&consentLanguage=fr
Requested by
Host: consent.gala.fr
URL: https://consent.gala.fr/Notice.2f2bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-31.dus51.r.cloudfront.net
Software
/
Resource Hash
28edbb3857f4d86b41825fa010d80aa32e032fc0ff95bdd40d3b4317c3c6e6ae

Request headers

Referer
https://consent.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://consent.gala.fr
cache-control
no-cache
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
KTINY4wGR4U7ESBwSlK37BtdNd-w6JgvJ8vP5d1CvYZj1sox5aRslw==
via
1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame AE85 		610 B
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.25.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1615905786.501847"
last-modified
Tue, 16 Mar 2021 14:26:49 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=345600
date
Sat, 20 Mar 2021 13:41:23 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1616247683~rv=23~id=38da5f80633067df19ffc5b9357ebc4f; path=/; Expires=Sat, 20 Mar 2021 13:41:23 GMT; Secure; SameSite=None
tweet
cdn.syndication.twimg.com/ Frame 37CC 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?id=1372948360756346880&lang=fr
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.bd4d763216e3c493ca8a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D66) / Express
Resource Hash
2877c3150ec54afe29b19c8b54cf5e6e41de67e5a34da5941d19a9f93be00628
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"596-Efob2808QVqUOgiaw2XCKNYm1js"
age
2
x-powered-by
Express
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
content-length
658
x-xss-protection
0
x-response-time
149
last-modified
Sat, 20 Mar 2021 13:41:21 GMT
server
ECS (lcy/1D66)
x-frame-options
SAMEORIGIN
date
Sat, 20 Mar 2021 13:41:23 GMT
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
6a45dd093635086bf90135b9509226bb
accept-ranges
bytes
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
inscription-nl.min.js
static.coreg-feed.com/gala/js/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.coreg-feed.com/gala/js/inscription-nl.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-15.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aff26237d743b9b7b398f88cd38dc261dcbe55781d80f9f8c3b0a9a3b95f0933

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 15:38:43 GMT
Via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
Last-Modified
Thu, 22 Oct 2015 12:44:19 GMT
Server
AmazonS3
Age
102955
ETag
"b63bc13d825b3adf1a5cd620ecd38a99"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
17596
X-Amz-Cf-Id
t-yNpvJ4ZlkPJJGJbAkime3xkg01DcApZoyJkv_Blx17PAGWA2OFlQ==
4fe9b272e52489e523fd4b04c6a40353.js
try.abtasty.com/ 		251 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://try.abtasty.com/4fe9b272e52489e523fd4b04c6a40353.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-70.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3604b29d26df546d3ef4c042a0a4ec9a634f8ec7af604914306f76a6fbc48d7

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 16:17:20 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 16:16:22 GMT
server
CloudFront
age
77048
etag
W/"bd9edcd81a0f33446ea9fbb896186c26"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
cache-control
s-maxage=86400,max-age=30
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
r9rsclz4Db8pAvA4q2LzWj8FDu0T75cIXNAJRzbrjShoHDkqUGK4Pg==
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
yyNJdJ3TwPZLT17e43kqNDh2qsZV4rGzg+2aLSKJLHsImkREeFAEEtmISYrwHX0GncveT/d2rMg5afhmZQCKQg==
x-fb-trip-id
2065797240
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 20 Mar 2021 13:41:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
sr-gala.js
js.antvoice.com/ 		86 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.antvoice.com/sr-gala.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.89.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
230.89.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
736c2575b5d07d3699de76d348b018828b953c5910c34c2e5d36b005a48c5e70

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 10:30:04 GMT
content-encoding
gzip
age
270679
x-guploader-uploadid
ABg5-UxO-oQDenMQwi82wlQf5X1MnHT-72h6FXxck4amyvNCLQ1vtK8vF2TMkGVDXuT6t7dgpWbb9qBDRUyFcgsHwNM
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
18866
last-modified
Wed, 03 Mar 2021 10:20:34 GMT
server
UploadServer
etag
"e5a4400b297e042d952b342de67e11c1"
vary
Accept-Encoding
x-goog-hash
crc32c=O4ClRA==, md5=5aRACyl+BC2VKzQt5n4RwQ==
x-goog-generation
1614766833991564
access-control-allow-origin
*
cache-control
public, max-age=604800
x-goog-stored-content-length
18866
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 24 Mar 2021 10:30:04 GMT
itm.js
itm.ivitrack.com/v1/gala/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itm.ivitrack.com/v1/gala/itm.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.76.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.76.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
a0b600ad96d3d3ea4b7f1721093ed80b49a4f8c199f23e2e2e23f6b7e9a24a62

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:17:50 GMT
via
1.1 google
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
server
istio-envoy
age
1413
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
x-envoy-upstream-service-time
1
alt-svc
clear
content-length
4794
loader.js
config.seedtag.com/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.seedtag.com/loader.js?v=0.4835539016505497
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f9d2661b7825d50fb4a73d16118cb74afa2bf12edf77a64a2807cc8fef857f

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
br
cf-cache-status
HIT
age
32510
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f17792f800000b4bdba60000000001
last-modified
Tue, 16 Mar 2021 16:38:35 GMT
server
cloudflare
etag
W/"7123ae0e2e35821f1edd6974dfc4dc75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
632f5b97fb960b4b-AMS
expires
Sat, 20 Mar 2021 14:01:23 GMT
containr.js
cdn.mookie1.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mookie1.com/containr.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.40.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-40-118.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
2941
Last-Modified
Tue, 08 Sep 2020 10:42:20 GMT
Server
AkamaiNetStorage
ETag
"6200df1a0ff97d44f843b0184fa20225:1599561740.987291"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Sat, 20 Mar 2021 13:42:23 GMT
mailNotification.php
adtrack.adleadevent.com/ 		0
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/mailNotification.php?st=d7eac3c7-894a-4848-9c8a-2657d0877258&t=site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.110.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-110-128.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Mar 2021 13:41:23 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
client.js
asset.easydmp.net/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.easydmp.net/js/client.js?t=224479
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
91d1ae842a400f27e1e9d44953a13202cf985b5d5ff8948e66cbfaf748537ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 08:33:43 GMT
X-IPLB-Request-ID
B9D4AB4B:482A_91EFC135:01BB_6055FB83_1172EE0:1A35D
ETag
"6051bee7-d4b"
X-IPLB-Instance
25256
Strict-Transport-Security
max-age=31536000
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control
max-age=900, s-maxage=900, public
Content-Type
application/javascript; charset=utf-8
Content-Length
3403
ats.js
ats.rlcdn.com/ 		184 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.220.155 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
155.220.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3ee93068cc2e2f003f919830e1514eebfea447b9e72bec348e7d612ff09c2f57

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 09:11:08 GMT
content-encoding
gzip
age
1053015
x-guploader-uploadid
ABg5-UwCITTPswfLTMLcHrb5P64KA9MM6eNk_VRTKJpMkMWpkhS3e-bT7uKVhPji4PD-8cnWLYeKpuk2YHcwE-kdjyY
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
60951
last-modified
Mon, 08 Mar 2021 09:08:13 GMT
server
UploadServer
etag
"453bdae55e72772be6cf9eeca9c66e90"
x-goog-hash
crc32c=UtxY/g==, md5=RTva5V5ydyvmz57sqcZukA==
x-goog-generation
1615194493440577
cache-control
no-transform
x-goog-stored-content-length
60951
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 08 Mar 2022 09:11:08 GMT
obtp.js
amplify.outbrain.com/cp/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.25.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 14:42:51 GMT
server
AkamaiNetStorage
etag
"c43e7f1b0459d05cce32768dd16af59b:1611585771.492103"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1200
accept-ranges
bytes
content-length
2864
expires
Sat, 20 Mar 2021 14:01:23 GMT
wrapper.js
tag.agrvt.com/tag/v2/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.agrvt.com/tag/v2/wrapper.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.224 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7018c7294b2fb8d76c4fecd534245a6e85657666b8409f613ddfa172408db9b6

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 13:24:49 GMT
content-encoding
br
x-cacheable
Matched cache
status
ok
x-cdn-pop
rbx1
content-length
2784
x-request-id
14811138
last-modified
Thu, 18 Mar 2021 03:00:01 GMT
x-cdn-pop-ip
51.254.41.192/26
etag
W/"3062-178434691a1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Origin, X-Requested-With, Content-Type, Accept
expires
Thu, 25 Mar 2021 13:24:49 GMT
itm.js
itm.ivitrack.com/v1/prisma-tag/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itm.ivitrack.com/v1/prisma-tag/itm.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.76.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.76.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
9e485b1b212dd0e5d55252ac7c0fa3e903b91edc51b85aaa3b39a4f0a9e01047

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:33:06 GMT
via
1.1 google
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
server
istio-envoy
age
497
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
x-envoy-upstream-service-time
1
alt-svc
clear
content-length
12768
px.js
p.cpx.to/p/12166/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12166/px.js
Requested by
Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7Owew3BcE40/2889979/104130935.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.145.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-145-177.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
669e7e7f5aa0c119796d832e8bb89e9a59d91045840db86cf77a8c9a9c0587dc

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:23 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1631
Content-Type
application/javascript; charset=UTF-8
v2
odr.mookie1.com/t/ 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_623639&gtmcb=887209460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:41:23 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
prismashop.commander1.com/v3/
Redirect Chain
  • https://prismashop.commander1.com/v3/?tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
  • https://prismashop.commander1.com/v3/?firsttime=1&tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
43 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prismashop.commander1.com/v3/?firsttime=1&tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.236.96.182 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-96-182.eu-west-3.compute.amazonaws.com
Software
web /
Resource Hash
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
private
Date
Sat, 20 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Server
web
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=486000, pre-check=486000
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
image/gif
Expires
Fri, 18 Jun 21 14:41:23 +0200

Redirect headers

Pragma
private
Date
Sat, 20 Mar 2021 13:41:23 GMT
Server
web
location
https://prismashop.commander1.com/v3/?firsttime=1&tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=486000, pre-check=486000
Connection
keep-alive
Content-Type
text/html
Expires
Fri, 18 Jun 21 14:41:23 +0200
pixel
amplifypixel.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplifypixel.outbrain.com/pixel?mid=002533c3569d0ed02c40f1a4efb6bb2eb6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:24 GMT
Cache-Control
no-cache
X-TraceId
c3a8ea0bbe53f065bc1b7c687293f154
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
jot
syndication.twitter.com/i/ Frame 37CC 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1616247683900%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22e1ffbdb%3A1614796141937%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22GALAfr%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22251373c9%3A1615319843015%22%2C%22item_ids%22%3A%5B%221372948360756346880%22%5D%2C%22item_details%22%3A%7B%221372948360756346880%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
117
pragma
no-cache
last-modified
Sat, 20 Mar 2021 13:41:23 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
fd834e27a3f3b2e8d476034b5433962c
x-transaction
00fbee510049079a
expires
Tue, 31 Mar 1981 05:00:00 GMT
get
odb.outbrain.com/utils/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&idx=0&rand=28167&key=NANOWDGT01&widgetJSId=AR_10&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=225&py=2513&vpd=1313&cw=757&settings=true&recs=true&version=2000250&sig=mOkpDiHl&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPDTs3HPDTs3HAGABCENBSCgAAAAAH_AABpYAAAOJAIMBAUAgAEMAAQIFCIQAAQhiQAAAABBCIBQJIAEqgAWVwEdoIEACAxAQgQAgBBQgwCAAQAAJKAgBACwQCAAiAQAAgAEAIAAEIAILACwEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMooASBAQGQCABHADLAGoAOwApYBvAExAMCEQCgArADLAGoAOwAgABSwDWAHVAPkAwISADAAcAOcBv4SAiAAgAKwAiQBlgDUAH6AQAApYBigDWAG0AN4AfIBMQCZQGBAMGCgAgBfADCDQDQArADLAGoAOwAgABBQClgGsAN4AdUA-QCKgGBBwAQADgG_ioBIAjgBlgDUAHYAUsA3gCYgGBANyHQCgAfABWAGoAP0AsQBcwDFAHUAXaA0QeADABUARkBv5CAOAI4AagBQwDFAHUAXaA0QiACABUARklAHAAQAG0ARIAwgDFAHUAXaTABAEZAb-UgCgFDALmAbQBWwC7SoAMAFQAPgG_g.YAAAAAAAAAAA&cmpStat=1&ccpaStat=0&wdr-natlaz=true&aqp=utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&ref=http%3A%2F%2Fwtm.info-people.fr%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d1a3a2f29a9ef630bf47e404dc7dfacbd5be65b3de473cfc6902b9c545e5733

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.75.63
x-cache-hits
0, 0
x-traceid
41c58c151fc7d0ec106527e2012fb495
content-encoding
gzip
content-length
11132
x-served-by
cache-mdw17363-MDW, cache-fra19129-FRA
x-timer
S1616247684.921586,VS0,VE268
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
453617084824724
connect.facebook.net/signals/config/ 		240 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/453617084824724?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ccc5be112ca6b63cf7619fa6229dc1a7e5c91c20f34917f2e7ddfcac55b3f15b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70519
x-fb-rlafr
0
pragma
public
x-fb-debug
XoeSO4BY4uj6w5TVY9YeLQoTJZZJrDdL6a7Vts34WFVU/kNcUsRHKYAhri44I9IOqpx2vWqultvYYoC2epVIRg==
x-fb-trip-id
2065797240
x-frame-options
DENY
date
Sat, 20 Mar 2021 13:41:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
8xOBCZsT_normal.jpg
pbs.twimg.com/profile_images/594626432430710784/ Frame 37CC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/594626432430710784/8xOBCZsT_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB0) /
Resource Hash
5a724ffa38f833b20dc316dfae551a21f80b32fdc31b6bad1202ce249106718b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
x-content-type-options
nosniff
age
576254
x-cache
HIT
content-length
1807
x-response-time
118
surrogate-key
profile_images profile_images/bucket/1 profile_images/594626432430710784
last-modified
Sat, 02 May 2015 22:14:03 GMT
server
ECS (amb/6BB0)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5ec51e8f4f22447614b65def94a643eb
accept-ranges
bytes
itm.html
itm.ivitrack.com/v1/taboola-iframe/ Frame AF96 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://itm.ivitrack.com/v1/taboola-iframe/itm.html
Requested by
Host: itm.ivitrack.com
URL: https://itm.ivitrack.com/v1/gala/itm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.76.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.76.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
101a4ec981f5beb13cd02aa0876512f9b5f1dc69d0b2f90ddda1828677c492b0

Request headers

:method
GET
:authority
itm.ivitrack.com
:scheme
https
:path
/v1/taboola-iframe/itm.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

server
istio-envoy
date
Sat, 20 Mar 2021 13:18:06 GMT
content-type
text/html; charset=utf-8
content-length
1307
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
age
1397
cache-control
public, max-age=3600
alt-svc
clear
itm.html
itm.ivitrack.com/v1/liveramp-iframe/ Frame A4E5 		972 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://itm.ivitrack.com/v1/liveramp-iframe/itm.html
Requested by
Host: itm.ivitrack.com
URL: https://itm.ivitrack.com/v1/gala/itm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.76.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.76.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
199482e6847d08a05f94318cb98a01eb05fdf420bdceeda9e2e50f1822bf33cd

Request headers

:method
GET
:authority
itm.ivitrack.com
:scheme
https
:path
/v1/liveramp-iframe/itm.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

server
istio-envoy
date
Sat, 20 Mar 2021 13:01:11 GMT
content-type
text/html; charset=utf-8
content-length
972
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
age
2412
cache-control
public, max-age=3600
alt-svc
clear
cookie.html
cross-prod.antvoice.com/ Frame 35F5 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cross-prod.antvoice.com/cookie.html?v=20160624
Requested by
Host: js.antvoice.com
URL: https://js.antvoice.com/sr-gala.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.89.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
230.89.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
40f6000577d7166bd28685ea2dbb24080bde08fda594f4d612e602b0ca320af2

Request headers

:method
GET
:authority
cross-prod.antvoice.com
:scheme
https
:path
/cookie.html?v=20160624
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

x-guploader-uploadid
ABg5-UzY-oi_mm75vwl2XiulW2Nn39chQU2XVlSs541sRvbfC8xpw39F6LyuvRM2SaiODqXasgYzGjtHElVZP6PiPMYc6MKIbQ
date
Wed, 10 Mar 2021 23:15:35 GMT
expires
Thu, 10 Mar 2022 23:15:35 GMT
last-modified
Thu, 09 May 2019 08:07:05 GMT
etag
"394af810d0d0ac6336cb9381158fc56e"
x-goog-generation
1557389225986260
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
4053
content-type
text/html
content-encoding
gzip
x-goog-hash
crc32c=QKorqw== md5=OUr4ENDQrGM2y5OBFY/Fbg==
x-goog-storage-class
REGIONAL
accept-ranges
bytes
vary
Accept-Encoding
content-length
4053
access-control-allow-origin
*
server
UploadServer
cache-control
public, max-age=315360000
age
829548
alt-svc
clear
NotifyNodesAction
social-reco.antvoice.com/Activity/ 		20 B
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://social-reco.antvoice.com/Activity/NotifyNodesAction?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.207.25 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
25.207.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept
application/json
Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gala.fr
access-control-allow-credentials
true
x-envoy-upstream-service-time
49
SyncId
ads.avads.net/ThirdParty/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5&tp=1&tpId=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.avads.net%2FThirdParty%2FSyncId%3FoId%3D63%26mId%3D16f5c536-cba2-4259-bc8f-cc713372efc5%26tp%3D1%26tpId%3D%24UID
  • https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5&tp=1&tpId=2857248279091304409
35 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5&tp=1&tpId=2857248279091304409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.207.25 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
25.207.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
x-envoy-upstream-service-time
3
server
istio-envoy
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 13:41:24 GMT
X-Proxy-Origin
185.212.171.75; 185.212.171.75; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid
d32de720-2327-4c3f-94b6-505cf8018fa8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5&tp=1&tpId=2857248279091304409
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
avads.net/ThirdParty/SyncDoubleClick/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice_dmp&google_cm&oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice_dmp&google_cm=&oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5&google_tc=
  • https://avads.net/ThirdParty/SyncDoubleClick/?oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5&google_gid=CAESEIpXcA5hnm6TuJWlmxAyLuA&google_cver=1
35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avads.net/ThirdParty/SyncDoubleClick/?oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5&google_gid=CAESEIpXcA5hnm6TuJWlmxAyLuA&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.207.25 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
25.207.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:23 GMT
x-envoy-upstream-service-time
9
server
istio-envoy
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 13:41:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://avads.net/ThirdParty/SyncDoubleClick/?oId=63&mId=16f5c536-cba2-4259-bc8f-cc713372efc5&google_gid=CAESEIpXcA5hnm6TuJWlmxAyLuA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
355
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00c8bc6ea6946b8e7d608e3cf1a6b3e018,0088c68ec792cf8d4ecdd00a532f69c9fc
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:24 GMT
content-encoding
gzip
X-TraceId
e5096c99cccfc819e430c5c8b31a6c6e
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00c8bc6ea6946b8e7d608e3cf1a6b3e018,0088c68ec792cf8d4ecdd00a532f69c9fc&obApiVersion=1.1&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&optOut=false&bust=08904880508139983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 13:41:24 GMT
Cache-Control
no-cache
X-TraceId
407b12077cc82c7902fb67f7f6a15c80
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
fire.js
s.cpx.to/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12166&ref=http%3A%2F%2Fwtm.info-people.fr%2F&hn_ver=11&fid=dde5a2df-8ac9-43e5-bb38-fb683182edb0&gcv=CPDTs3HPDTs3HAGABCENBSCgAAAAAH_AABpYAAAOJAIMBAUAgAEMAAQIFCIQAAQhiQAAAABBCIBQJIAEqgAWVwEdoIEACAxAQgQAgBBQgwCAAQAAJKAgBACwQCAAiAQAAgAEAIAAEIAILACwEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMooASBAQGQCABHADLAGoAOwApYBvAExAMCEQCgArADLAGoAOwAgABSwDWAHVAPkAwISADAAcAOcBv4SAiAAgAKwAiQBlgDUAH6AQAApYBigDWAG0AN4AfIBMQCZQGBAMGCgAgBfADCDQDQArADLAGoAOwAgABBQClgGsAN4AdUA-QCKgGBBwAQADgG_ioBIAjgBlgDUAHYAUsA3gCYgGBANyHQCgAfABWAGoAP0AsQBcwDFAHUAXaA0QeADABUARkBv5CAOAI4AagBQwDFAHUAXaA0QiACABUARklAHAAQAG0ARIAwgDFAHUAXaTABAEZAb-UgCgFDALmAbQBWwC7SoAMAFQAPgG_g.YAAAAAAAAAAA
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12166/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.137.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-137-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
itm.html
itm.ivitrack.com/v1/consent-iframe/ Frame 2948 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://itm.ivitrack.com/v1/consent-iframe/itm.html
Requested by
Host: itm.ivitrack.com
URL: https://itm.ivitrack.com/v1/prisma-tag/itm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.76.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.76.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
9cae318de6a9b1c0cb9077a5a7bc9cbcd53cad96b4f82556c81b30a424f4d23b

Request headers

:method
GET
:authority
itm.ivitrack.com
:scheme
https
:path
/v1/consent-iframe/itm.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

server
istio-envoy
date
Sat, 20 Mar 2021 13:19:14 GMT
content-type
text/html; charset=utf-8
content-length
4469
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
age
1330
cache-control
public, max-age=3600
alt-svc
clear
cmp_list_v2.js
tag.agrvt.com/tag/v2/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.agrvt.com/tag/v2/cmp_list_v2.js
Requested by
Host: tag.agrvt.com
URL: https://tag.agrvt.com/tag/v2/wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.224 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
941a57907c9e53ad9fb114438a6087d0523ee976199d239c80af9f561075398f

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 13:24:49 GMT
content-encoding
br
x-cacheable
Matched cache
status
ok
x-cdn-pop
rbx1
content-length
2026
x-request-id
23232514
last-modified
Thu, 18 Mar 2021 03:00:01 GMT
x-cdn-pop-ip
51.254.41.192/26
etag
W/"2147-178434691a1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Origin, X-Requested-With, Content-Type, Accept
expires
Thu, 25 Mar 2021 13:24:49 GMT
/
www.facebook.com/tr/ 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=453617084824724&ev=PageView&dl=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&rl=http%3A%2F%2Fwtm.info-people.fr%2F&if=false&ts=1616247684103&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616247684099.2063624076&it=1616247683934&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 20 Mar 2021 13:41:24 GMT
user.sync
api.taboola.com/1.2/json/ividence-radins/ Frame AF96 		83 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.taboola.com/1.2/json/ividence-radins/user.sync?app.type=desktop&app.apikey=357f535e3db3aabb54e25b9dbadc181b278642cd
Requested by
Host: itm.ivitrack.com
URL: https://itm.ivitrack.com/v1/taboola-iframe/itm.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e50855ac10d76bf93aea38e61f893a4649a0dc47770d00b8e2cb055bf873377a

Request headers

Referer
https://itm.ivitrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sat, 20 Mar 2021 13:41:24 GMT
via
1.1 varnish
server
nginx
x-timer
S1616247684.142263,VS0,VE9
x-served-by
cache-fra19183-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://itm.ivitrack.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=utf-8
x-cache-hits
0
sync
mappings.ivitrack.com/ Frame AF96 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mappings.ivitrack.com/sync?realm=taboola&uid=3d15a3a1-f266-4e7f-a15d-222ae23b78aa-tuct74f8104
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.243.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.243.186.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://itm.ivitrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
via
1.1 google
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
42
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.25.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Mon, 19 Apr 2021 13:41:24 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.25.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 19 Apr 2021 13:41:24 GMT
l
mcdp-chidc2.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=3d81b14b428e6ec15ceed4bb2de8425f_2667_1616247684125&tm=651&eT=0&widgetWidth=757&widgetHeight=330&widgetX=225&widgetY=2514&tpcs=0&wRV=2000250&pVis=1&lsd=-1&eIdx=&cnsntV2=CPDTs3HPDTs3HAGABCENBSCgAAAAAH_AABpYAAAOJAIMBAUAgAEMAAQIFCIQAAQhiQAAAABBCIBQJIAEqgAWVwEdoIEACAxAQgQAgBBQgwCAAQAAJKAgBACwQCAAiAQAAgAEAIAAEIAILACwEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMooASBAQGQCABHADLAGoAOwApYBvAExAMCEQCgArADLAGoAOwAgABSwDWAHVAPkAwISADAAcAOcBv4SAiAAgAKwAiQBlgDUAH6AQAApYBigDWAG0AN4AfIBMQCZQGBAMGCgAgBfADCDQDQArADLAGoAOwAgABBQClgGsAN4AdUA-QCKgGBBwAQADgG_ioBIAjgBlgDUAHYAUsA3gCYgGBANyHQCgAfABWAGoAP0AsQBcwDFAHUAXaA0QeADABUARkBv5CAOAI4AagBQwDFAHUAXaA0QiACABUARklAHAAQAG0ARIAwgDFAHUAXaTABAEZAb-UgCgFDALmAbQBWwC7SoAMAFQAPgG_g.YAAAAAAAAAAA&cheq=0&ab=0&wl=0
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:41:24 GMT
content-encoding
gzip
X-TraceId
7e920ccf91a959962950382d4f3ebebb
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 33FF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.25.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ea46a42d00476045a7d3b59ec7105a16d3a8e3c663781305a29aa9e015e71afb

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gala.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"db1d14ae239d70e094caa7f13a678edc:1616080768.630435"
last-modified
Thu, 18 Mar 2021 15:19:15 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Sun, 21 Mar 2021 13:41:24 GMT
date
Sat, 20 Mar 2021 13:41:24 GMT
content-length
5339
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1616247684~rv=63~id=2061e024ebd0b69969830c267d5a8d9e; path=/; Expires=Sat, 20 Mar 2021 13:41:24 GMT; Secure; SameSite=None
get
odb.outbrain.com/utils/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236&idx=1&rand=74511&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&t=M2Q4MWIxNGI0MjhlNmVjMTVjZWVkNGJiMmRlODQyNWY=&adblck=false&abwl=false&px=225&py=3393&vpd=2193&cw=757&settings=true&recs=true&version=2000250&sig=mOkpDiHl&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPDTs3HPDTs3HAGABCENBSCgAAAAAH_AABpYAAAOJAIMBAUAgAEMAAQIFCIQAAQhiQAAAABBCIBQJIAEqgAWVwEdoIEACAxAQgQAgBBQgwCAAQAAJKAgBACwQCAAiAQAAgAEAIAAEIAILACwEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMooASBAQGQCABHADLAGoAOwApYBvAExAMCEQCgArADLAGoAOwAgABSwDWAHVAPkAwISADAAcAOcBv4SAiAAgAKwAiQBlgDUAH6AQAApYBigDWAG0AN4AfIBMQCZQGBAMGCgAgBfADCDQDQArADLAGoAOwAgABBQClgGsAN4AdUA-QCKgGBBwAQADgG_ioBIAjgBlgDUAHYAUsA3gCYgGBANyHQCgAfABWAGoAP0AsQBcwDFAHUAXaA0QeADABUARkBv5CAOAI4AagBQwDFAHUAXaA0QiACABUARklAHAAQAG0ARIAwgDFAHUAXaTABAEZAb-UgCgFDALmAbQBWwC7SoAMAFQAPgG_g.YAAAAAAAAAAA&cmpStat=1&ccpaStat=0&wdr-natlaz=true&aqp=utm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Dpmo_gal_article&ref=http%3A%2F%2Fwtm.info-people.fr%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2e622b2dfa197f50563c822594fae38155f33ff6766873121eae80ffdae9bdb8

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.75.43
x-cache-hits
0, 0
x-traceid
8992496e2a5a4735dcb660138ad8e54b
content-encoding
gzip
content-length
14620
x-served-by
cache-mdw17343-MDW, cache-fra19129-FRA
x-timer
S1616247684.243785,VS0,VE246
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
eyJpdSI6IjU5NTBkZDgxYjEyM2VjYWNkOGZlNjgzMjAxYzAwODMxYmRjZTQyYTUwZDU1Y2E3YmRjNDI1ZDU1YWFlMDE2YTIiLCJ3IjozOTAsImgiOjI0MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU5NTBkZDgxYjEyM2VjYWNkOGZlNjgzMjAxYzAwODMxYmRjZTQyYTUwZDU1Y2E3YmRjNDI1ZDU1YWFlMDE2YTIiLCJ3IjozOTAsImgiOjI0MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ac79ed4b86754cfa4b1f310e064cf43f1d39421b350e0004f3ad5cc66acde650

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
cache-control
max-age=1865743
last-modified
Mon, 08 Mar 2021 15:03:03 GMT
x-traceid
46dc62950434a24179965ff7f662a7f8
timing-allow-origin
*
content-length
20542
content-type
image/webp
eyJpdSI6Ijg4YzliMTE3ZWQ5M2I5NjQ0ZDFmMzdkMzllOWJmNmNhZmZkYmVjYzk1NDRkMDA3NzkxYTQ2Y2FhMjc3ODFlMTciLCJ3IjozOTAsImgiOjI0MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg4YzliMTE3ZWQ5M2I5NjQ0ZDFmMzdkMzllOWJmNmNhZmZkYmVjYzk1NDRkMDA3NzkxYTQ2Y2FhMjc3ODFlMTciLCJ3IjozOTAsImgiOjI0MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e88f71fd945ac1930f56f7cc2ec43ff1d719e3b6fc2823702c319b228ca6b805

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
cache-control
max-age=272385
last-modified
Thu, 04 Feb 2021 10:15:46 GMT
x-traceid
fc6257ab97049b519f6496bf6bcd9120
timing-allow-origin
*
content-length
17036
content-type
image/webp
eyJpdSI6IjhkOGE0OGEwYjRmYjlkNzMxN2JkNmUwYzFkMTNmNGNhNGU5NDY3Y2E4NWQyMzBhODBhMjEzODE0YWY1OWJhNGEiLCJ3IjozOTAsImgiOjI0MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhkOGE0OGEwYjRmYjlkNzMxN2JkNmUwYzFkMTNmNGNhNGU5NDY3Y2E4NWQyMzBhODBhMjEzODE0YWY1OWJhNGEiLCJ3IjozOTAsImgiOjI0MCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
757b3dbb693a76b6f13140c5ef267ee9567792b6822a24ec796ed345d9add40f

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
cache-control
max-age=294280
last-modified
Thu, 18 Feb 2021 10:47:02 GMT
x-traceid
2349bd799a12bf59befe79cc81fb42b4
timing-allow-origin
*
content-length
40382
content-type
image/webp
jot
syndication.twitter.com/i/ Frame 37CC 		43 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1616247684269%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22e1ffbdb%3A1614796141937%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.gala.fr%2Fl_actu%2Fnews_de_stars%2Felizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22GALAfr%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22251373c9%3A1615319843015%22%2C%22item_ids%22%3A%5B%221372948360756346880%22%5D%2C%22item_details%22%3A%7B%221372948360756346880%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1039.9050004780293%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Sat, 20 Mar 2021 13:41:24 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
fd834e27a3f3b2e8d476034b5433962c
x-transaction
00023b0700378c05
expires
Tue, 31 Mar 1981 05:00:00 GMT
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.25.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Mon, 19 Apr 2021 13:41:24 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.gala.fr
URL: https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.25.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 19 Apr 2021 13:41:24 GMT
l
mcdp-chidc2.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=f09f08b27cab5fa92bd2be19cd483f57_2667_1616247684427&tm=954&eT=0&widgetWidth=757&widgetHeight=711&widgetX=225&widgetY=3394&wRV=2000250&pVis=1&lsd=-1&eIdx=&cnsntV2=CPDTs3HPDTs3HAGABCENBSCgAAAAAH_AABpYAAAOJAIMBAUAgAEMAAQIFCIQAAQhiQAAAABBCIBQJIAEqgAWVwEdoIEACAxAQgQAgBBQgwCAAQAAJKAgBACwQCAAiAQAAgAEAIAAEIAILACwEAAAEAJCAAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMooASBAQGQCABHADLAGoAOwApYBvAExAMCEQCgArADLAGoAOwAgABSwDWAHVAPkAwISADAAcAOcBv4SAiAAgAKwAiQBlgDUAH6AQAApYBigDWAG0AN4AfIBMQCZQGBAMGCgAgBfADCDQDQArADLAGoAOwAgABBQClgGsAN4AdUA-QCKgGBBwAQADgG_ioBIAjgBlgDUAHYAUsA3gCYgGBANyHQCgAfABWAGoAP0AsQBcwDFAHUAXaA0QeADABUARkBv5CAOAI4AagBQwDFAHUAXaA0QiACABUARklAHAAQAG0ARIAwgDFAHUAXaTABAEZAb-UgCgFDALmAbQBWwC7SoAMAFQAPgG_g.YAAAAAAAAAAA&ab=0&wl=0
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:41:24 GMT
content-encoding
gzip
X-TraceId
43a14c2572929f6527cc86386506e561
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
eyJpdSI6Ijg4YzliMTE3ZWQ5M2I5NjQ0ZDFmMzdkMzllOWJmNmNhZmZkYmVjYzk1NDRkMDA3NzkxYTQ2Y2FhMjc3ODFlMTciLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg4YzliMTE3ZWQ5M2I5NjQ0ZDFmMzdkMzllOWJmNmNhZmZkYmVjYzk1NDRkMDA3NzkxYTQ2Y2FhMjc3ODFlMTciLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5454a49c76081489e22bae0ba9c9afabb3ee43e3c90a309f620839052b2052d7

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
cache-control
max-age=277023
last-modified
Thu, 04 Feb 2021 10:15:46 GMT
x-traceid
451873678c1e9cc844589f37afae96c7
timing-allow-origin
*
content-length
9998
content-type
image/webp
eyJpdSI6Ijc1MDhjYTE2NjViNmU5ZTk4ZTJiZDg5NWM2MTBkZDMxYWFjZjdmYjE4Yjk4MzAyY2MxOGM4ZThiZDc5NDAyZTUiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc1MDhjYTE2NjViNmU5ZTk4ZTJiZDg5NWM2MTBkZDMxYWFjZjdmYjE4Yjk4MzAyY2MxOGM4ZThiZDc5NDAyZTUiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22856ae9be02dce8b3e1ff5163c3170e90ab269ce11879679f3840981d994d23

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
cache-control
max-age=1828947
last-modified
Wed, 17 Feb 2021 07:00:23 GMT
x-traceid
782c14e4f07dd4bef816c5a53df7325a
timing-allow-origin
*
content-length
29130
content-type
image/webp
eyJpdSI6ImNhOGZmNDU5OTUxNTYwZjRkNTQ3Y2M3ZTI1NTM3ZmU3MzE4MmUxMGU3NDY0MTA2MDZhYjU3MmE0YTYwMmM4NmYiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNhOGZmNDU5OTUxNTYwZjRkNTQ3Y2M3ZTI1NTM3ZmU3MzE4MmUxMGU3NDY0MTA2MDZhYjU3MmE0YTYwMmM4NmYiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e5c542640bc25de996d1e56ff9d49753b50d3f466105d155971b750b54f54363

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
cache-control
max-age=1368989
last-modified
Mon, 08 Feb 2021 14:34:24 GMT
x-traceid
b5a7899d635bb6a7016fd1009006e4e3
timing-allow-origin
*
content-length
54916
content-type
image/webp
eyJpdSI6IjE3Y2RjMTNiYjBmZGM3ZjhhOTdlNThiNzE4ZGU5MTAzMTdmODAyOGFhZjk1NTk3MGE0ZmM5ZmQ3YWUwYTNhMTciLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE3Y2RjMTNiYjBmZGM3ZjhhOTdlNThiNzE4ZGU5MTAzMTdmODAyOGFhZjk1NTk3MGE0ZmM5ZmQ3YWUwYTNhMTciLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6962d374bbc290208e6602b1092343f6aa5693fb312bd39e989c1dbf7d10e016

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
cache-control
max-age=288689
last-modified
Thu, 18 Feb 2021 13:11:49 GMT
x-traceid
f2c68392bd605e5a6383443750403335
timing-allow-origin
*
content-length
32584
content-type
image/webp
eyJpdSI6ImUzN2YwNjk1OWU1N2MxNmEwMjhmNTY5NmNjY2M1MGI5NzM5ZjQxZWRmN2JjMDFkZDM2MmJhY2NhNzYyZmE2NGQiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImUzN2YwNjk1OWU1N2MxNmEwMjhmNTY5NmNjY2M1MGI5NzM5ZjQxZWRmN2JjMDFkZDM2MmJhY2NhNzYyZmE2NGQiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-201-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1c8d7cdb63079ef49a8d7a82f942ae266b6707c666e32a4eb47ec60204bb9ff9

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 13:41:24 GMT
cache-control
max-age=276704
last-modified
Sat, 13 Feb 2021 03:06:13 GMT
x-traceid
f950db089d65d7582551de498831cf74
timing-allow-origin
*
content-length
28512
content-type
image/webp
/
www.facebook.com/tr/ 		0
33 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryGXteh3hqKjl5SXbB

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sat, 20 Mar 2021 13:41:24 GMT
content-type
text/plain
access-control-allow-origin
https://www.gala.fr
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
/
eum-eu-west-1.instana.io/ 		0
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.43.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-43-10.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:41:26 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
/
eum-eu-west-1.instana.io/ 		0
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.43.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-43-10.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gala.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sat, 20 Mar 2021 13:41:30 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
usersync
usersync.getpublica.com/ Frame D726 		0
198 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Requested by
Host: sync.getpublica.com
URL: https://sync.getpublica.com/sync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.55.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-55-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
usersync.getpublica.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gala.fr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gala.fr/

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Expires
0
Pragma
no-cache
Vary
Origin
Date
Sat, 20 Mar 2021 13:41:33 GMT
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d1z2jf7jlzjs58.cloudfront.net
URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| pmcstarter function| loadCSS boolean| gtag_enable_tcf_support object| frontConfig object| dataLayer object| _gaq function| ga object| layerObj string| instanaUserId string| InstanaEumObject function| ineum function| setImmediate function| clearImmediate object| __core-js_shared__ object| core function| axios object| pmdBrowserTools object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __twttrll object| twttr object| __twttr string| domain object| consentDomainList object| consentAccountIDList object| consentGroupId function| getUrl function| getBrand function| scrollChoice function| createCookie function| getCookieByName function| generateTargetingParams function| __tcfapi object| _sp_ object| picturefillCFG function| picturefill object| PARSELY object| coreAds object| webpackJsonpcoreAds object| pmsCoreAds object| googletag object| pbjs object| regeneratorRuntime object| scrollMonitor function| _typeof object| webpackChunkPmcAPIClient function| BookmarkClient function| Bookmark object| google_tag_manager function| postscribe object| google_tag_manager_external object| batchSDKUIConfig string| apiKeyBatch string| subdomainBatch string| authKeyBatch string| vapidPublicKeyBatch function| batchSDK function| hj object| _hjSettings object| pmcPopinConfigs object| galFront object| galApp number| 2f1acc6c3a606b082e5eef5e54414ffb object| pbstck object| Pubstack object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| onYouTubeIframeAPIReady boolean| InitPubStack object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| pbstckQ number| refreshTime function| onGalaPageUpdate undefined| socialGGA function| fbq function| _fbq function| srEnsureReady object| antvoice_variable object| ividGlobalObject number| tabletWidth number| mobileWidth string| myId object| _seedtagq function| mpfContainr string| fbId object| lrPxPrisma function| sendPixelsLR function| setUpAgknTag object| sqPrisma function| sendPixelsSq string| [eedmpact] function| eedmpdo object| s string| consentString undefined| consentObject string| pageCategory string| pageSubCategory function| obApi object| siteIdArray function| callback boolean| grvt_load_wrapper_functions_only object| grvt_customProperties string| grvt_siteToken string| grvt_processingToken object| script object| brands string| searchValues object| keys string| captify_kw_query_12166 object| ivid object| iframe object| $jscomp function| _$ object| easyXDM object| avsr undefined| _jQuery object| _sr object| social object| obj object| rtrim boolean| srReady object| webpackJsonp1615911871826 object| CONTAINR_LOGS object| CONTAINR_TAGR_CALLS object| pCache boolean| isConsentCheckDone string| cmpApiVersion object| CFos function| bind function| onWindowChange function| popinLoad function| ajax_request function| ajax_response function| cookie function| open_popup function| testmail function| get function| onPopinLoad function| run number| rgxid object| rgx object| ABTasty object| abtasty object| ats object| atsPrisma object| __ivi number| grvt_tries string| queryString object| urlParams boolean| debugMode object| grvt_wrapper function| grvt_callback string| token string| processing_token boolean| check_also_mr object| cmp_list_v2

24 Cookies

Domain/Path Name / Value
www.gala.fr/ Name: _sp_v1_csv
Value: null
.gala.fr/ Name: av-tp-appnexus
Value: 1616247683969
.gala.fr/ Name: av-sess-id-63
Value: 5c68a4ba-d238-4684-921e-247e991412a9
.gala.fr/ Name: av-mid
Value: 16f5c536-cba2-4259-bc8f-cc713372efc5
.gala.fr/ Name: av-third-party-enabled
Value: false
.gala.fr/ Name: _hjTLDTest
Value: 1
.gala.fr/ Name: consentUUID
Value: 20f7fafa-4b9b-4fe1-97a9-ee64db1c6444
www.gala.fr/ Name: _sp_v1_data
Value: 2:313786:1616247683:0:1:0:1:0:0:_:-1
.gala.fr/ Name: av-exp
Value: 1650458483000
.gala.fr/ Name: _ga_5W69BFBLT1
Value: GS1.1.1616247683.1.0.1616247683.0
www.gala.fr/ Name: _sp_v1_uid
Value: 1:744:cc87853b-a35c-440d-9869-92c062f0361e
.gala.fr/ Name: _ga
Value: GA1.1.1917814784.1616247683
www.gala.fr/ Name: _sp_v1_lt
Value: 1:
www.gala.fr/ Name: _sp_v1_consent
Value: 1!0:-1:-1:-1:-1:-1
www.gala.fr/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKBjDwQw6A2FqfyWADYf5_yVwAAAA%3D%3D
.gala.fr/ Name: _hjid
Value: 2c6d1164-f97f-481b-a3a1-ad0c0bbbdf4d
www.gala.fr/ Name: pageCount
Value: 1
.gala.fr/ Name: av-tp-google
Value: 1616247683970
.gala.fr/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236?utm_source=welcoming&utm_medium=cpc&utm_campaign=pmo_gal_article%22%2C%22sref%22:%22http://wtm.info-people.fr/%22%2C%22sts%22:1616247683247%2C%22slts%22:0}
.gala.fr/ Name: _parsely_visitor
Value: {%22id%22:%22pid=0e19dafa097d653bea7627284dc7b81a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1616247683247}
.gala.fr/ Name: _gat
Value: 1
.gala.fr/ Name: _hjFirstSeen
Value: 1
www.gala.fr/ Name: _sp_v1_opt
Value: 1:
.gala.fr/ Name: _gid
Value: GA1.2.1167378619.1616247683

6 Console Messages

Source Level URL
Text
console-api warning URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js(Line 1)
Message:
[object Object]
console-api warning URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js(Line 1)
Message:
Error Failed to execute 'createObjectURL' on 'URL': Overload resolution failed.
console-api warning URL: https://tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js(Line 1)
Message:
undefined
console-api log URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js(Line 1)
Message:
Messaging without detection successfully executed.
console-api log URL: https://js.antvoice.com/sr-gala.js(Line 984)
Message:
{"page":{"type":"ProductPage"},"product":{"url":"https://www.gala.fr/l_actu/news_de_stars/elizabeth-ii-pas-epargnee-encore-une-enorme-deception_465236","properties":{"WithVideo":"true","MetaCategory":"newsarticle","Category":"l'actu","SubCategory":"news de stars","DatePublished":"2021-03-19T18:54:05+01:00"},"id":"465236","name":"Elizabeth II pas épargnée : encore une énorme déception","description":"Alors qu'Elizabeth II doit faire face à de nombreuses déconvenues ces dernières semaines, le gouvernement britannique a convenu de l'annulation de la traditionnelle parade de Trooping the Colour en raison de l'épidémie de Covid-19, a fait savoir la journaliste Rebecca English ce vendredi 19 mars sur Twitter.","pictures":[{"url":"https://gal.img.pmdstatic.net/fit/https.3A.2F.2Fi.2Epmdstatic.2Enet.2Fgal.2F2021.2F03.2F19.2F972ec763-80af-42ba-a8c8-df94fed5a2c8.2Ejpeg/1200x499/crop-from/top/focus-point/1698%2C1613/elizabeth-ii-pas-epargnee-encore-une-enorme-deception.jpg"}],"status":"Active"},"version":"1.0","project":"gala","tags":[{"type":"Generic","name":"buckingham palace","action":"GALA_Generic_View"},{"type":"Generic","name":"famille royale d'angleterre","action":"GALA_Generic_View"},{"type":"Generic","name":"gotha","action":"GALA_Generic_View"},{"type":"Generic","name":"elizabeth d'angleterre","action":"GALA_Generic_View"},{"type":"SubCategory","name":"news de stars","action":"GALA_SubCategory_View"},{"type":"Category","name":"l'actu","action":"GALA_Category_View"}]}
console-api log URL: https://cdn.mookie1.com/containr.js(Line 1)
Message:
[object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avads.net
adtrack.adleadevent.com
amplify.outbrain.com
amplifypixel.outbrain.com
api.taboola.com
asset.easydmp.net
ats.rlcdn.com
avads.net
boot.pbstck.com
cdn.mookie1.com
cdn.parsely.com
cdn.pbstck.com
cdn.polyfill.io
cdn.privacy-mgmt.com
cdn.syndication.twimg.com
cm.g.doubleclick.net
config.seedtag.com
connect.facebook.net
consent.gala.fr
cross-prod.antvoice.com
d1z2jf7jlzjs58.cloudfront.net
er.cloud-media.fr
eum-eu-west-1.instana.io
eum.instana.io
gal.img.pmdstatic.net
gdpr-tcfv2.sp-prod.net
images.outbrainimg.com
itm.ivitrack.com
js.antvoice.com
log.outbrainimg.com
mappings.ivitrack.com
mcdp-chidc2.outbrain.com
ml.info-people.fr
odb.outbrain.com
odr.mookie1.com
p.cpx.to
p1.parsely.com
pbs.twimg.com
platform.twitter.com
prismashop.commander1.com
r.phywi.org
redirect.frontend.weborama.fr
s.cpx.to
script.hotjar.com
secure.adnxs.com
social-reco.antvoice.com
static.coreg-feed.com
static.hotjar.com
stats.g.doubleclick.net
sync.getpublica.com
syndication.twitter.com
tag.agrvt.com
tcheck.outbrainimg.com
tr.outbrain.com
tra.scds.pmdstatic.net
try.abtasty.com
usersync.getpublica.com
vars.hotjar.com
via.batch.com
widget-pixels.outbrain.com
widgets.outbrain.com
wtm.info-people.fr
www.facebook.com
www.gala.fr
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
d1z2jf7jlzjs58.cloudfront.net
104.18.133.145
104.244.42.136
104.76.201.181
13.226.147.71
13.226.159.100
13.226.159.108
13.226.159.15
13.226.159.24
13.226.159.31
13.226.159.64
13.226.159.67
13.226.159.70
142.250.186.130
143.204.101.50
143.204.209.73
145.239.193.53
15.236.96.182
151.101.13.44
151.101.14.132
151.139.245.16
184.30.25.80
185.33.220.244
192.229.221.226
192.229.221.61
2001:41d0:203:9c5b::
23.37.40.118
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:15d
2606:4700:10::6816:5d
2606:4700:3035::ac43:d6ad
2606:4700::6810:9df3
2a00:1450:4001:801::200e
2a00:1450:4001:808::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:400c:c0c::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::621
3.230.55.171
34.98.67.61
35.186.243.160
35.190.16.14
35.190.76.172
35.190.89.230
35.205.207.25
35.244.220.155
46.105.201.224
50.31.142.159
52.17.119.21
52.51.145.177
54.144.144.142
54.194.137.128
54.229.43.10
54.247.110.128
70.42.32.127
91.190.170.12
92.123.149.215
00f9d2661b7825d50fb4a73d16118cb74afa2bf12edf77a64a2807cc8fef857f
059d0dcb86cca77927d8cf90ff982021cec8523ea1629d2ff922085f37cdf43c
098af96d8c73d9608eb04f3738256a3668036a98d29ce3c9d105148231e0a0b5
0c6d16e0a0b92676f6c42aec301b7e6d99812ce50c069177f4732acab524ad76
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
101a4ec981f5beb13cd02aa0876512f9b5f1dc69d0b2f90ddda1828677c492b0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
199482e6847d08a05f94318cb98a01eb05fdf420bdceeda9e2e50f1822bf33cd
19c88c7b7a418e432cce3b5a3a921e34441e6debf665a1a1b0117872ddfbf735
1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f
1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8
1c8d7cdb63079ef49a8d7a82f942ae266b6707c666e32a4eb47ec60204bb9ff9
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
22856ae9be02dce8b3e1ff5163c3170e90ab269ce11879679f3840981d994d23
23f6132d96ea5ae6dc00a42ac805ab4e62fd6aa878a6e29f670dfa2e7c1b002a
2598e19440d3584cae862d26410fa6e545cc31d0b721f80b042d55ec599af604
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27e9af45e7199f4b3578e56dd250282243c01472c20536fee0d020232d15a9b2
2877c3150ec54afe29b19c8b54cf5e6e41de67e5a34da5941d19a9f93be00628
28edbb3857f4d86b41825fa010d80aa32e032fc0ff95bdd40d3b4317c3c6e6ae
2ae0809c4fca2150cce6f5b5f3c5f2cab62c27e8830d9369d1f4b7702e6d2a47
2be641600473e61a64ac3a8328aa2d9d6ce603818a7aea4769ab28438c0d257b
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2e17cb80f62865b1c23d9e1fd24b008de3977aa47cab246300caffeece2be1ee
2e3fd7db50785b0a534eb5ce59ee7352914fb185636655864de6741d61296299
2e622b2dfa197f50563c822594fae38155f33ff6766873121eae80ffdae9bdb8
3229cf46f6753b600d45518ad3ea5d57079f5a6109516c0f1775c8c7822b9887
323d34dab70216c09889c2511a7a625a8d688d0a4f18f8f8acdf1813826ce53d
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
3ee93068cc2e2f003f919830e1514eebfea447b9e72bec348e7d612ff09c2f57
3f16fcd84f2f239b85b283f10e4d1696b3705ce385c7e6fc082f39a3e6a43c15
40f6000577d7166bd28685ea2dbb24080bde08fda594f4d612e602b0ca320af2
47a85e05b7d0d202666d8d51507c51caa6ca26be0058135f190e5fb86bce323f
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
4a250fdce92f5a2047b5db5815c251f6141c5a884e70280995430e7433d06a28
4aeebec148388757b2409dbc770ccb86e96408e1abd5c07fb70b838f077d25b2
4c39c9160c7938bf298f1233a4a890ca601bad50a896832c51e77878bd8d7e6b
4d1a3a2f29a9ef630bf47e404dc7dfacbd5be65b3de473cfc6902b9c545e5733
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
5454a49c76081489e22bae0ba9c9afabb3ee43e3c90a309f620839052b2052d7
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a724ffa38f833b20dc316dfae551a21f80b32fdc31b6bad1202ce249106718b
5d6ca46fc2d50ebc40db4f46f6170d8df8597c5311af0d552a660934114b7c37
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
62b338caf89fbe98a2df5026edefa2ed6c1bb4a46bb26f7cbcf2a3d95a51dc75
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e
6348cbfbc920dc36067a7f95cb93a53e2f29c6773331cc99a16ea48b867e230f
669e7e7f5aa0c119796d832e8bb89e9a59d91045840db86cf77a8c9a9c0587dc
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
6962d374bbc290208e6602b1092343f6aa5693fb312bd39e989c1dbf7d10e016
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
6d45fef25132c8b5460a5cbe014ba1b258ca4e30920eb60173e4c1ca74b3c9f6
7018c7294b2fb8d76c4fecd534245a6e85657666b8409f613ddfa172408db9b6
71b76d51d2da6bd16bba3c1ae1d61a6f24c72a21d5786e11c2c636ee1f4c908a
736c2575b5d07d3699de76d348b018828b953c5910c34c2e5d36b005a48c5e70
757b3dbb693a76b6f13140c5ef267ee9567792b6822a24ec796ed345d9add40f
78643b5532847fe590153559ca1aac3614f09461b907c40e23b9cdd0919bc4f6
7c0c8c3229e673fee98ef7b636ee0897a6d88bb735b767c901c6624613e2ab77
7c2179d2703a907d1f2fc1166ef41aa3e1938587778e098223acc3a3cc8777d5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d3007ad7d10d08f2f785f4beb96432d503730bf49feb4f5a2dd45cd857ab0f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8cf315faf59da8d4ebdfe18b2a3907b037f6051de03a069769bb82cf2ca2a4c0
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
917a48d5da39892c1f6394a3bae82998aba46dd8af3ccacb44e65a85ff90da34
91d1ae842a400f27e1e9d44953a13202cf985b5d5ff8948e66cbfaf748537ae8
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
940c4f37bac6c0c33f65b9f6a2e8d931a42da31d7badf5e242a72dfaaa91ef2b
941a57907c9e53ad9fb114438a6087d0523ee976199d239c80af9f561075398f
9cae318de6a9b1c0cb9077a5a7bc9cbcd53cad96b4f82556c81b30a424f4d23b
9cd92ccf84ca6c2adcb7691de026ae46f47632e344b71ee6e08c43f38f0a59f5
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
9e485b1b212dd0e5d55252ac7c0fa3e903b91edc51b85aaa3b39a4f0a9e01047
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b600ad96d3d3ea4b7f1721093ed80b49a4f8c199f23e2e2e23f6b7e9a24a62
a1cd89f61370b7362c362612635115198199a35881b975e39523d7734511f4e3
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abc69699e8f0304cd01c34c351653647a33c8b7d81b0c54264fd29726219e2e4
ac72fb6790390bf18c50d6d435fcdcc12f710b516fa56b5fc4c40126a1b1fdfd
ac79ed4b86754cfa4b1f310e064cf43f1d39421b350e0004f3ad5cc66acde650
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac94d31d8a27977b42ead09e5c52e3c06b62094006d18ed93467191c8d6d4b67
acea44b7167f5a9cc4ed95bf4cb6cf8d8feefebaf1a1cedb02a8a8caf1b1e715
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aff26237d743b9b7b398f88cd38dc261dcbe55781d80f9f8c3b0a9a3b95f0933
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b78cac285211c31b7ca83337645a9b8bfdf94e2f1b3bb410658b609c7c6658f9
b87f7719eb1f41d05b70be37b619108fb075392c398333ae1af174626e5404d5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba534a7d04a49afa456de44bfd0b4a926f305c21d15dabb2d1212fb7632baee
c0ee720d635dad6cca5fef794b0efe37032030e80147bcae494957b27def0a44
c15727daac3b0139529330f2a7a99095fa93a8f7341a75b937ac93f04bb87341
c4db9d090aae49db15bcc47983205d60df696285b62b76da424e484c6e6b2be4
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cc2ba5b240816ae040aface540ba6dd94c90505051118fbdb6869e1254a7b0c8
ccc5be112ca6b63cf7619fa6229dc1a7e5c91c20f34917f2e7ddfcac55b3f15b
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff6d399aa3793e3ebf9dc4fb7c21d2a846642f2490d6be9effaff766d4ff5ce
d18c05b903e42fe072a80fb16a7aae87c94e506237fce86f68ad8241fa70f759
d290c638452275aa7dc8ab809884a3ff1bdcb91bc5c659bd250e9c1e062cc72c
e0b6f15515bef3de20931fea83223e07e078174a93b1d677002fb20c7aca2494
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e3604b29d26df546d3ef4c042a0a4ec9a634f8ec7af604914306f76a6fbc48d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50855ac10d76bf93aea38e61f893a4649a0dc47770d00b8e2cb055bf873377a
e5c542640bc25de996d1e56ff9d49753b50d3f466105d155971b750b54f54363
e7247f92770218c7271bbcd08095d87680047adca672e7030e6b72ddbd96b4da
e845309bca1ba7946299dc5ea01a12f66784e7220003ff3c438714decfa8c413
e88f71fd945ac1930f56f7cc2ec43ff1d719e3b6fc2823702c319b228ca6b805
e9e1b7edaebe2866ed779b7a38212fc5c7df8d6a01b14c5d08b6e31341ede9e9
ea46a42d00476045a7d3b59ec7105a16d3a8e3c663781305a29aa9e015e71afb
ed1b01c80bbf7a0850718d12cfcc2355b465d21a07ec9c9be1a56d480268af24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa
fc95e7e17f2279c7a78753843b05ffd0dda47a9f763cbc493f64e4c66c946d9c