www.gala.fr Open in urlscan Pro
104.111.232.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Effective URL:
https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Submission: On August 24 via api (August 24th 2020, 2:08:28 am UTC) from BE

Summary HTTP 187 Redirects Behaviour Indicators

Summary

This website contacted 70 IPs in 8 countries across 61 domains to perform 187 HTTP transactions. The main IP is 104.111.232.210, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is www.gala.fr.
TLS certificate: Issued by Thawte RSA CA 2018 on June 17th 2020. Valid for: a year.

This is the only time www.gala.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	91.190.170.12 91.190.170.12	31688 (SPLIO-AS) (SPLIO-AS)
1 3	2001:41d0:203... 2001:41d0:203:836d::	16276 (OVH) (OVH)
2	2001:41d0:303... 2001:41d0:303:41d3::	16276 (OVH) (OVH)
1 2	63.32.143.59 63.32.143.59	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 16	104.111.232.210 104.111.232.210	16625 (AKAMAI-AS) (AKAMAI-AS)
12	192.229.221.61 192.229.221.61	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:9cf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
2 2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:81b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
2	18.196.167.206 18.196.167.206	16509 (AMAZON-02) (AMAZON-02)
1 10	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4	13.226.145.204 13.226.145.204	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
2	52.29.23.246 52.29.23.246	16509 (AMAZON-02) (AMAZON-02)
4	192.229.221.226 192.229.221.226	15133 (EDGECAST) (EDGECAST)
1	52.31.182.127 52.31.182.127	16509 (AMAZON-02) (AMAZON-02)
2	13.226.155.14 13.226.155.14	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:9df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:15d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.155.93 13.226.155.93	16509 (AMAZON-02) (AMAZON-02)
1	13.226.155.31 13.226.155.31	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:29e::1eae	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	35.190.89.230 35.190.89.230	15169 (GOOGLE) (GOOGLE)
3	35.190.76.172 35.190.76.172	15169 (GOOGLE) (GOOGLE)
1	52.95.154.23 52.95.154.23	16509 (AMAZON-02) (AMAZON-02)
2	34.250.197.125 34.250.197.125	16509 (AMAZON-02) (AMAZON-02)
1	104.111.228.229 104.111.228.229	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.247.110.128 54.247.110.128	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:a400:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:41d0:301... 2001:41d0:301:100:145:239:193:53	16276 (OVH) (OVH)
1	35.244.220.155 35.244.220.155	15169 (GOOGLE) (GOOGLE)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.105.198.136 46.105.198.136	16276 (OVH) (OVH)
1 2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 2	15.237.35.218 15.237.35.218	16509 (AMAZON-02) (AMAZON-02)
5	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
5 7	54.36.109.49 54.36.109.49	16276 (OVH) (OVH)
1 1	185.29.133.199 185.29.133.199	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	52.58.161.11 52.58.161.11	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
3	35.244.231.49 35.244.231.49	15169 (GOOGLE) (GOOGLE)
1	52.51.34.169 52.51.34.169	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:fe00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 7	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.205.207.25 35.205.207.25	15169 (GOOGLE) (GOOGLE)
1 1	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
4	18.196.208.66 18.196.208.66	16509 (AMAZON-02) (AMAZON-02)
2	3.122.165.204 3.122.165.204	16509 (AMAZON-02) (AMAZON-02)
2	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
3	185.86.139.58 185.86.139.58	201081 (SMARTADSE...) (SMARTADSERVER)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	104.111.215.135 104.111.215.135	16625 (AKAMAI-AS) (AKAMAI-AS)
3	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
3	137.74.125.156 137.74.125.156	16276 (OVH) (OVH)
3	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	34.241.165.231 34.241.165.231	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:218... 2600:9000:2182:6a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	104.244.38.20 104.244.38.20	7415 (ADSAFE-1) (ADSAFE-1)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	18.195.197.134 18.195.197.134	16509 (AMAZON-02) (AMAZON-02)
1	52.30.187.36 52.30.187.36	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
187	70

1 91.190.170.12 (France)

ASN31688 (SPLIO-AS, FR)
PTR: s3s.fr

ml.info-people.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:41d0:203:836d:: (France) 1 redirects

ASN16276 (OVH, FR)

wtm.info-people.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:41d0:303:41d3:: (France)

ASN16276 (OVH, FR)

r.phywi.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.143.59 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-143-59.eu-west-1.compute.amazonaws.com

er.cloud-media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.111.232.210 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-232-210.deploy.static.akamaitechnologies.com

www.gala.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abo.prismamediadigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.221.61 (United States)

ASN15133 (EDGECAST, US)

prd2-tra.scds.pmdstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tra.scds.pmdstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:9cf3 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.167.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-167-206.eu-central-1.compute.amazonaws.com

consent.prismamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.207.66 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.145.204 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-204.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.23.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-23-246.eu-central-1.compute.amazonaws.com

sourcepoint.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.221.226 (United States)

ASN15133 (EDGECAST, US)

gal.img.pmdstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.182.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-182-127.eu-west-1.compute.amazonaws.com

boot.pubstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.155.14 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-14.dus51.r.cloudfront.net

api.prismaconnect.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:9df3 (United States)

ASN13335 (CLOUDFLARENET, US)

eum-eu-west-1.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:15d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intake.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-93.dus51.r.cloudfront.net

notice.sp-prod.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.31 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-31.dus51.r.cloudfront.net

static.coreg-feed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:29e::1eae (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

try.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.89.230 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 230.89.190.35.bc.googleusercontent.com

js.antvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cross-prod.antvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.76.172 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 172.76.190.35.bc.googleusercontent.com

itm.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.154.23 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: s3-w.eu-west-3.amazonaws.com

cdn-alliancegravity.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.197.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-197-125.eu-west-1.compute.amazonaws.com

tag.audience.acpm.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collecte.audience.acpm.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.229 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-229.deploy.static.akamaitechnologies.com

cdn.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.110.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-110-128.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:a400:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:301:100:145:239:193:53 (France)

ASN16276 (OVH, FR)

asset.easydmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.220.155 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 155.220.244.35.bc.googleusercontent.com

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.198.136 (France)

ASN16276 (OVH, FR)

cdn.mediasquare.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.35.218 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-35-218.eu-west-3.compute.amazonaws.com

prismashop.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.36.109.49 (Germany) 5 redirects

ASN16276 (OVH, FR)
PTR: p04.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.199 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.161.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.173.220 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.231.49 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 49.231.244.35.bc.googleusercontent.com

dcinfos-cache.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ariane.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.34.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-34-169.eu-west-1.compute.amazonaws.com

auth.audience.acpm.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:fe00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.11 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.205.207.25 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.34 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.196.208.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-208-66.eu-central-1.compute.amazonaws.com

abs.proxistore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.165.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-165-204.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.195.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 137.74.125.156 (France)

ASN16276 (OVH, FR)

pbs-front.mediasquare.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8b4866ba9423fce22fb7b4d397b40bd9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.241.165.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:6a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.244.38.20 (United States)

ASN7415 (ADSAFE-1, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.197.134 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.187.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com 8b4866ba9423fce22fb7b4d397b40bd9.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	751 KB
16	pmdstatic.net prd2-tra.scds.pmdstatic.net tra.scds.pmdstatic.net gal.img.pmdstatic.net	361 KB
15	doubleclick.net 5 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	131 KB
15	gala.fr 1 redirects www.gala.fr	161 KB
10	adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	92 KB
7	ampproject.org cdn.ampproject.org	192 KB
7	adnxs.com 3 redirects secure.adnxs.com ib.adnxs.com	6 KB
7	id5-sync.com 5 redirects id5-sync.com	9 KB
6	rubiconproject.com 1 redirects fastlane.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com	6 KB
6	outbrain.com amplify.outbrain.com amplifypixel.outbrain.com tr.outbrain.com	4 KB
5	google.com 3 redirects www.google.com adservice.google.com	1 KB
5	instana.io eum.instana.io eum-eu-west-1.instana.io	10 KB
4	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	1 KB
4	proxistore.com abs.proxistore.com	3 KB
4	mediasquare.fr cdn.mediasquare.fr pbs-front.mediasquare.fr	3 KB
4	abtasty.com try.abtasty.com dcinfos-cache.abtasty.com ariane.abtasty.com	65 KB
4	amazon-adsystem.com c.amazon-adsystem.com	31 KB
4	info-people.fr 1 redirects ml.info-people.fr wtm.info-people.fr	4 KB
3	yahoo.com c2shb.ssp.yahoo.com	1 KB
3	smartadserver.com prg.smartadserver.com	3 KB
3	criteo.com 1 redirects dis.eu.criteo.com bidder.criteo.com	803 B
3	mookie1.com 1 redirects cdn.mookie1.com odr.mookie1.com	5 KB
3	acpm.fr tag.audience.acpm.fr auth.audience.acpm.fr collecte.audience.acpm.fr	5 KB
3	ivitrack.com itm.ivitrack.com	5 KB
3	google-analytics.com 2 redirects www.google-analytics.com	19 KB
3	googletagservices.com www.googletagservices.com	73 KB
2	criteo.net static.criteo.net	43 KB
2	casalemedia.com htlb.casalemedia.com	4 KB
2	omnitagjs.com hb-api.omnitagjs.com	949 B
2	avads.net ads.avads.net avads.net	220 B
2	facebook.com www.facebook.com	516 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	996 B
2	360yield.com 2 redirects ice.360yield.com	1011 B
2	commander1.com 1 redirects prismashop.commander1.com	2 KB
2	tapad.com 2 redirects pixel.tapad.com	928 B
2	rlcdn.com ats.rlcdn.com api.rlcdn.com	58 KB
2	agkn.com js.agkn.com d.agkn.com	3 KB
2	antvoice.com js.antvoice.com cross-prod.antvoice.com	19 KB
2	facebook.net connect.facebook.net	165 KB
2	pbstck.com cdn.pbstck.com intake.pbstck.com	33 KB
2	prismaconnect.fr api.prismaconnect.fr	489 B
2	consensu.org sourcepoint.mgr.consensu.org	2 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
2	prismamedia.com consent.prismamedia.com	4 KB
2	google.de www.google.de	534 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	679 B
2	cloud-media.fr 1 redirects er.cloud-media.fr	419 B
2	phywi.org r.phywi.org	842 B
1	adsrvr.org match.adsrvr.org	264 B
1	google.nl adservice.google.nl	829 B
1	mathtag.com 1 redirects sync.mathtag.com	612 B
1	easydmp.net asset.easydmp.net	3 KB
1	adleadevent.com adtrack.adleadevent.com	464 B
1	amazonaws.com cdn-alliancegravity.s3.amazonaws.com	2 KB
1	coreg-feed.com static.coreg-feed.com	18 KB
1	sp-prod.net notice.sp-prod.net
1	pubstack.io boot.pubstack.io	831 B
1	indexww.com js-sec.indexww.com	15 KB
1	polyfill.io cdn.polyfill.io	619 B
1	prismamediadigital.com abo.prismamediadigital.com
0	la-meteo-mail.fr Failed ep.la-meteo-mail.fr Failed
187	61

	Domain	Requested by
15	www.gala.fr	1 redirects wtm.info-people.fr www.gala.fr eum.instana.io
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.gala.fr tpc.googlesyndication.com cdn.ampproject.org
10	securepubads.g.doubleclick.net	1 redirects ml.info-people.fr securepubads.g.doubleclick.net eum.instana.io www.gala.fr
9	prd2-tra.scds.pmdstatic.net	www.gala.fr eum.instana.io
7	cdn.ampproject.org	securepubads.g.doubleclick.net
7	id5-sync.com	5 redirects eum.instana.io
6	dt.adsafeprotected.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net eum.instana.io
5	ib.adnxs.com	1 redirects eum.instana.io
4	abs.proxistore.com	eum.instana.io
4	eum-eu-west-1.instana.io	eum.instana.io
4	gal.img.pmdstatic.net	eum.instana.io www.gala.fr
4	c.amazon-adsystem.com	ml.info-people.fr eum.instana.io
4	www.google.com	3 redirects www.gala.fr
3	fastlane.rubiconproject.com	eum.instana.io
3	pbs-front.mediasquare.fr	eum.instana.io
3	c2shb.ssp.yahoo.com	eum.instana.io
3	prg.smartadserver.com	eum.instana.io
3	amplifypixel.outbrain.com
3	itm.ivitrack.com	ml.info-people.fr itm.ivitrack.com
3	tra.scds.pmdstatic.net	ml.info-people.fr eum.instana.io
3	www.google-analytics.com	2 redirects www.gala.fr
3	www.googletagservices.com	www.gala.fr securepubads.g.doubleclick.net
3	wtm.info-people.fr	1 redirects wtm.info-people.fr
2	eb2.3lift.com	2 redirects
2	static.criteo.net	tra.scds.pmdstatic.net eum.instana.io
2	static.adsafeprotected.com	pixel.adsafeprotected.com www.gala.fr
2	pixel.adsafeprotected.com	www.gala.fr
2	htlb.casalemedia.com	eum.instana.io
2	bidder.criteo.com	eum.instana.io
2	hb-api.omnitagjs.com	eum.instana.io
2	tlx.3lift.com	eum.instana.io
2	cm.g.doubleclick.net	2 redirects
2	secure.adnxs.com	2 redirects
2	ariane.abtasty.com	eum.instana.io
2	tr.outbrain.com
2	www.facebook.com
2	sync.crwdcntrl.net	2 redirects
2	ice.360yield.com	2 redirects
2	prismashop.commander1.com	1 redirects
2	pixel.tapad.com	2 redirects
2	odr.mookie1.com	1 redirects
2	connect.facebook.net	ml.info-people.fr connect.facebook.net
2	api.prismaconnect.fr	eum.instana.io
2	sourcepoint.mgr.consensu.org	eum.instana.io
2	www.googletagmanager.com	prd2-tra.scds.pmdstatic.net www.googletagmanager.com
2	consent.prismamedia.com	eum.instana.io
2	www.google.de	www.gala.fr
2	stats.g.doubleclick.net	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	er.cloud-media.fr	1 redirects wtm.info-people.fr
2	r.phywi.org	wtm.info-people.fr
1	pixel.rubiconproject.com
1	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	match.adsrvr.org
1	api.rlcdn.com	eum.instana.io
1	googleads.g.doubleclick.net
1	intake.pbstck.com	eum.instana.io
1	8b4866ba9423fce22fb7b4d397b40bd9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	avads.net
1	ads.avads.net
1	collecte.audience.acpm.fr
1	d.agkn.com	js.agkn.com
1	auth.audience.acpm.fr	eum.instana.io
1	dcinfos-cache.abtasty.com	eum.instana.io
1	cross-prod.antvoice.com	js.antvoice.com
1	dis.eu.criteo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cdn.mediasquare.fr	www.googletagmanager.com
1	amplify.outbrain.com	ml.info-people.fr
1	ats.rlcdn.com	www.googletagmanager.com
1	asset.easydmp.net	ml.info-people.fr
1	js.agkn.com	www.googletagmanager.com
1	adtrack.adleadevent.com	www.googletagmanager.com
1	cdn.mookie1.com	ml.info-people.fr
1	tag.audience.acpm.fr	ml.info-people.fr
1	cdn-alliancegravity.s3.amazonaws.com	ml.info-people.fr
1	js.antvoice.com	ml.info-people.fr
1	try.abtasty.com	www.googletagmanager.com
1	static.coreg-feed.com	www.googletagmanager.com
1	notice.sp-prod.net	ml.info-people.fr
1	cdn.pbstck.com	eum.instana.io
1	boot.pubstack.io	ml.info-people.fr
1	js-sec.indexww.com	ml.info-people.fr
1	cdn.polyfill.io	prd2-tra.scds.pmdstatic.net
1	eum.instana.io	www.gala.fr
1	abo.prismamediadigital.com	www.gala.fr
1	ml.info-people.fr
0	ep.la-meteo-mail.fr Failed	wtm.info-people.fr
187	92

This site contains no links.

Subject Issuer	Validity	Valid
ml.info-people.fr Let's Encrypt Authority X3	`2020-07-15` - `2020-10-13`	3 months	crt.sh
*.phywi.org Gandi Standard SSL CA 2	`2020-02-11` - `2022-02-11`	2 years	crt.sh
*.cmrt.io Amazon	`2019-10-11` - `2020-11-11`	a year	crt.sh
prismamediadigital.com Thawte RSA CA 2018	`2020-06-17` - `2021-05-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.instana.io DigiCert SHA2 Secure Server CA	`2017-10-09` - `2020-12-16`	3 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-17` - `2021-04-17`	8 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
consent.prismamedia.com Let's Encrypt Authority X3	`2020-06-30` - `2020-09-28`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
sourcepoint.mgr.consensu.org DigiCert SHA2 Secure Server CA	`2020-03-30` - `2021-06-03`	a year	crt.sh
www.gala.fr Thawte RSA CA 2018	`2020-03-25` - `2022-04-24`	2 years	crt.sh
*.prod.pubstack.io Amazon	`2020-08-20` - `2021-09-19`	a year	crt.sh
pbstck.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.sp-prod.net Let's Encrypt Authority X3	`2020-07-07` - `2020-10-05`	3 months	crt.sh
*.coreg-feed.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-22` - `2021-07-22`	a year	crt.sh
try.abtasty.com Let's Encrypt Authority X3	`2020-07-28` - `2020-10-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.antvoice.com Go Daddy Secure Certificate Authority - G2	`2019-05-11` - `2021-05-11`	2 years	crt.sh
itm.ivitrack.com Let's Encrypt Authority X3	`2020-07-21` - `2020-10-19`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
*.audience.acpm.fr Amazon	`2019-10-26` - `2020-11-26`	a year	crt.sh
cdn.mookie1.com DigiCert SHA2 Secure Server CA	`2020-03-12` - `2021-03-28`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
c.every-test.com Let's Encrypt Authority X3	`2020-07-17` - `2020-10-15`	3 months	crt.sh
ats.rlcdn.com GTS CA 1D2	`2020-07-21` - `2020-10-19`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
cdn.audiencesquare.com Let's Encrypt Authority X3	`2020-07-22` - `2020-10-20`	3 months	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
*.commander1.com Thawte RSA CA 2018	`2020-08-05` - `2021-11-01`	a year	crt.sh
*.id5-sync.com Let's Encrypt Authority X3	`2020-06-30` - `2020-09-28`	3 months	crt.sh
dcinfos-cache.abtasty.com Let's Encrypt Authority X3	`2020-06-18` - `2020-09-16`	3 months	crt.sh
ariane.abtasty.com Let's Encrypt Authority X3	`2020-06-11` - `2020-09-09`	3 months	crt.sh
*.avads.net Go Daddy Secure Certificate Authority - G2	`2020-02-03` - `2021-02-28`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2021-06-18`	a year	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.proxistore.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-06` - `2021-01-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-04-21` - `2020-10-18`	6 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
pbs-front.mediasquare.fr Let's Encrypt Authority X3	`2020-07-22` - `2020-10-20`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.google.nl GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-03-14` - `2021-04-14`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2019-11-01` - `2020-12-01`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-17` - `2021-06-17`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh

This page contains 13 frames:

Primary Page: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Frame ID: F571ADED6AE054F7543319E880E7706E
Requests: 151 HTTP requests in this frame

Frame: https://abo.prismamediadigital.com/gal/1
Frame ID: 147300121686A5120BB15616FD2CF486
Requests: 1 HTTP requests in this frame

Frame: https://notice.sp-prod.net/?message_id=187010&mms_origin=https://consent.prismamedia.com/mms/v2
Frame ID: 28D754C1637CC3DF05B068FF45DD51A9
Requests: 1 HTTP requests in this frame

Frame: https://itm.ivitrack.com/v1/taboola-iframe/itm.html
Frame ID: AFE608DF2D2EC4FC5455601E86303EFD
Requests: 1 HTTP requests in this frame

Frame: https://itm.ivitrack.com/v1/liveramp-iframe/itm.html
Frame ID: 3484800363C03B5E2B4822B444D5EDA6
Requests: 1 HTTP requests in this frame

Frame: https://cross-prod.antvoice.com/cookie.html?v=20160624
Frame ID: 799A09AD322B07EDAD1CB5A26582F7E3
Requests: 1 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=638771716&gdpr=1&gdpr_consent=&ref=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D&bpid=prisma&c=%7B%22bpid%22%3A%22prisma%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming%22%2C%22gdpr%22%3A%221%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22royautes%3Futm_source%3Dwelcoming%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Demailwelcoming%22%2C%22brd%22%3A%22Gala%22%7D
Frame ID: CE1C208798845622716048A9B217A617
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Frame ID: FD8D133918CF26F09EB3E34C2B1A8DDE
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNQgNkxmoXig3d_4M3HwDeJkRChIPRDj0FPHMdb8jpiCVYw4SGDnkz1TSAeDIyRdh4pYad1Aq9dd2fgMvJQjRt6pUA4wLE1l_ZWbtiaonTrjOEyXkGHbqVeAdVsWz_XEwSP0wDcwEST248SDyUDFLSmOy4IjaZ9txhC88F1HcvUY3-xm-zMKUr5ZvksBJMnD6HlSZ3dhb0TVzyM3PJnukoRGhI5slmOarE3GiNngT8WDvk6M2KQ_rdMSz976Ar7YYJvwIheN_7KzHdkMzq40Yj-TjxVVcHHZUtUjevTIw&sig=Cg0ArKJSzI3wgi2PWH12EAE&urlfix=1&adurl=
Frame ID: 09FE2155E825B358CB1A44175AEE5029
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10090&campId=1800x1000&pubId=147899809&chanId=21827698064&placementId=5441042132&pubCreative=138318863327&pubOrder=2691473925&ias_adpath=%23click-zone&cb=668809226
Frame ID: E378946B959E1A7C078430CD4592ADA2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Frame ID: DC866E86898387855C454FD6493CA061
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: E29B6B77FC741190C3F75D9EDF44AA73
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 5D53DEF95E4D666DC01B7E06F53C476E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html Page URL
http://wtm.info-people.fr/w/142959/20f7600cd6004b0543968d56d440b615/1078/610/?mid=c65c2b8a6f0515187df5... HTTP 302
http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.... Page URL
http://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming HTTP 301
https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

187
Requests

98 %
HTTPS

31 %
IPv6

61
Domains

92
Subdomains

70
IPs

8
Countries

2381 kB
Transfer

5707 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html Page URL
http://wtm.info-people.fr/w/142959/20f7600cd6004b0543968d56d440b615/1078/610/?mid=c65c2b8a6f0515187df59b4b748782a8&ct=nl&n=5&l=o&u=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D HTTP 302
http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%2FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%2Bl4wNcxB5a1q81mlnW9THbr%2FqkqVAiKFnBaxDTST%2BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%2FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%3D%3D Page URL
http://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming HTTP 301
https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://wtm.info-people.fr/w/142959/20f7600cd6004b0543968d56d440b615/1078/610/?mid=c65c2b8a6f0515187df59b4b748782a8&ct=nl&n=5&l=o&u=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D HTTP 302
http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%2FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%2Bl4wNcxB5a1q81mlnW9THbr%2FqkqVAiKFnBaxDTST%2BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%2FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%3D%3D

Request Chain 4

https://er.cloud-media.fr/r/20f7600cd6004b0543968d56d440b615/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
https://er.cloud-media.fr/c/20f7600cd6004b0543968d56d440b615/20305b1d-4a14-4990-b6a1-7765863e4041

Request Chain 6

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D20f7600cd6004b0543968d56d440b615%26wb%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D20f7600cd6004b0543968d56d440b615%26wb%3D%7BWEBO_CID%7D&bounce=1&random=1880399622 HTTP 302
https://r.phywi.org/webo.gif?md=20f7600cd6004b0543968d56d440b615&wb=HQhXCqc7H.pZJxtjm635lu

Request Chain 24

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=981928391&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dr=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D&ul=en-us&de=UTF-8&dt=Royaut%C3%A9s%20%3A%20articles%2C%20vid%C3%A9os%2C%20photos%20...%20sur%20Gala.fr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=2041317650&gjid=488571324&cid=527269385.1598234856&tid=UA-18383854-2&_gid=1177751373.1598234856&_r=1&cd14=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd21=https&cd27=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D&cd29=7afe50fb-6fe9-4395-8aa7-6c81305e8c7e&z=2054581028 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18383854-2&cid=527269385.1598234856&jid=2041317650&_gid=1177751373.1598234856&gjid=488571324&_v=j83&z=2054581028 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18383854-2&cid=527269385.1598234856&jid=2041317650&_v=j83&z=2054581028 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18383854-2&cid=527269385.1598234856&jid=2041317650&_v=j83&z=2054581028&slf_rd=1&random=3944219374

Request Chain 57

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=981928391&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dr=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D&ul=en-us&de=UTF-8&dt=Royaut%C3%A9s%20%3A%20articles%2C%20vid%C3%A9os%2C%20photos%20...%20sur%20Gala.fr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Tech&ea=Sets%20ClientId%20Into%20CustomDim&_u=aEDAAAAB~&jid=1431368321&gjid=2025753896&cid=527269385.1598234856&tid=UA-18383854-2&_gid=1177751373.1598234856&_r=1&gtm=2wg8c0T4CHHR&cd32=527269385.1598234856&z=36962327 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18383854-2&cid=527269385.1598234856&jid=1431368321&_gid=1177751373.1598234856&gjid=2025753896&_v=j83&z=36962327 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18383854-2&cid=527269385.1598234856&jid=1431368321&_v=j83&z=36962327 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18383854-2&cid=527269385.1598234856&jid=1431368321&_v=j83&z=36962327&slf_rd=1&random=1952823444

Request Chain 75

https://odr.mookie1.com/t/v2?tagid=V2_623639&gtmcb=760900240 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10815394505722648268&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_607875%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10815394505722648268&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_607875%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_607875&src.visitorid=94a84f70-e5ae-11ea-9d81-2636ec5c4fb0

Request Chain 76

https://prismashop.commander1.com/v3/?tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017 HTTP 302
https://prismashop.commander1.com/v3/?firsttime=1&tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017

Request Chain 78

https://id5-sync.com/i/164/9.gif?gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/164/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOrj8X4-PzhiFAeRU2O2HX0D9Sc4MYlza2TyLkQA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F3%2F8%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/164/3/8/2.gif?puid=9f665f43-20e8-4200-bc17-e0e95ba0bca9&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrj8X4-PzhiFAeRU2O2HX0D9Sc4MYlza2TyLkQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F164%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrj8X4-PzhiFAeRU2O2HX0D9Sc4MYlza2TyLkQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F164%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/164/124/7/3.gif?puid=1bd56132-bdc5-4c0b-a210-fb53f52f3c75&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F203%2F6%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/164/203/6/4.gif?puid=df23b363-168d-4200-a09e-c8d52f1006ce&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/164/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/164/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/164/19/5/5.gif?puid=42967d371b0c51446813190941444c51&gdpr=1&gdpr_consent=

Request Chain 95

https://secure.adnxs.com/getuid?https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7&tp=1&tpId=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.avads.net%2FThirdParty%2FSyncId%3FoId%3D63%26mId%3Da81ee4e0-e263-4cea-8cec-ec48da474fe7%26tp%3D1%26tpId%3D%24UID HTTP 302
https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7&tp=1&tpId=3359204689471533558

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=antvoice_dmp&google_cm&oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice_dmp&google_cm=&oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7&google_tc= HTTP 302
https://avads.net/ThirdParty/SyncDoubleClick/?oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7&google_gid=CAESEAcwf1Mxo-R-IOEdlqf5fA0&google_cver=1

Request Chain 142

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNQgNkxmoXig3d_4M3HwDeJkRChIPRDj0FPHMdb8jpiCVYw4SGDnkz1TSAeDIyRdh4pYad1Aq9dd2fgMvJQjRt6pUA4wLE1l_ZWbtiaonTrjOEyXkGHbqVeAdVsWz_XEwSP0wDcwEST248SDyUDFLSmOy4IjaZ9txhC88F1HcvUY3-xm-zMKUr5ZvksBJMnD6HlSZ3dhb0TVzyM3PJnukoRGhI5slmOarE3GiNngT8WDvk6M2KQ_rdMSz976Ar7YYJvwIheN_7KzHdkMzq40Yj-TjxVVcHHZUtUjevTIw&sig=Cg0ArKJSzI3wgi2PWH12EAE&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/5402708244183389912? HTTP 302
https://tpc.googlesyndication.com/simgad/5402708244183389912

Request Chain 163

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 184

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 185

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pb_mediasquare&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pb_mediasquare&endpoint=eu

Request Chain 186

https://ib.adnxs.com/getuid?https%3A%2F%2Fpbs-front.mediasquare.fr%2Fpbs%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://pbs-front.mediasquare.fr/pbs/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3359204689471533558

187 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 3667645879.html
ml.info-people.fr/l2/7JldiD9Um4/1787741/ 703 B
1 KB 135ms
47ms Document
text/html 91.190.170.12
SPLIO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS: s3s.fr
Software: Apache /
Resource Hash

Request headers

Host: ml.info-people.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:34 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Robots-Tag: noindex,nofollow
P3P: policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Content-Length: 703
Connection: close
Content-Type: text/html

GET
H/1.1

200
OK

redirection.html
wtm.info-people.fr/
Redirect Chain

http://wtm.info-people.fr/w/142959/20f7600cd6004b0543968d56d440b615/1078/610/?mid=c65c2b8a6f0515187df59b4b748782a8&ct=nl&n=5&l=o&u=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd...
http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&...

4 KB
2 KB

36ms
35ms

Document
text/html

2001:41d0:203:836d::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%2FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%2Bl4wNcxB5a1q81mlnW9THbr%2FqkqVAiKFnBaxDTST%2BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%2FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%3D%3D

Protocol

HTTP/1.1

Server

2001:41d0:203:836d:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Host: wtm.info-people.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html

Response headers

server: nginx
date: Mon, 24 Aug 2020 02:07:34 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
x-request-id: 2A0104F8019254140000000000000002:A9AE_200141D00203836D0000000000000000:0050_5F4320E6_18B7368:0006

Redirect headers

server: nginx
date: Mon, 24 Aug 2020 02:07:34 GMT
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: post-check=0, pre-check=0
pragma: no-cache
location: http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%2FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%2Bl4wNcxB5a1q81mlnW9THbr%2FqkqVAiKFnBaxDTST%2BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%2FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%3D%3D
strict-transport-security: max-age=63072000
x-request-id: 2A0104F8019254140000000000000002:A9AE_200141D00203836D0000000000000000:0050_5F4320E6_18B7366:0006

GET
H/1.1 200
OK http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming
wtm.info-people.fr/ 0
417 B 16ms
15ms Other
image/gif 2001:41d0:203:836d::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://wtm.info-people.fr/http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming

Requested by

Host: wtm.info-people.fr
URL: http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%2FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%2Bl4wNcxB5a1q81mlnW9THbr%2FqkqVAiKFnBaxDTST%2BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%2FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%3D%3D

Protocol

HTTP/1.1

Server

2001:41d0:203:836d:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%2FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%2Bl4wNcxB5a1q81mlnW9THbr%2FqkqVAiKFnBaxDTST%2BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%2FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:34 GMT
server: nginx
strict-transport-security: max-age=63072000
content-type: image/gif
cache-control: post-check=0, pre-check=0
content-length: 43
x-request-id: 2A0104F8019254140000000000000002:A9AE_200141D00203836D0000000000000000:0050_5F4320E6_18B736B:0006
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 cl.gif
r.phywi.org/ 43 B
421 B 46ms
15ms Image
image/gif 2001:41d0:303:41d3::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.phywi.org/cl.gif?m=20f7600cd6004b0543968d56d440b615

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:41d0:303:41d3:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%2FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%2Bl4wNcxB5a1q81mlnW9THbr%2FqkqVAiKFnBaxDTST%2BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%2FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 02:07:34 GMT
server: nginx
strict-transport-security: max-age=63072000
x-request-id: 2A0104F8019254140000000000000002:B0F0_200141D0030341D30000000000000000:01BB_5F4320E6_6530AD:0006
content-type: image/gif

GET
H2

200

20305b1d-4a14-4990-b6a1-7765863e4041
er.cloud-media.fr/c/20f7600cd6004b0543968d56d440b615/
Redirect Chain

https://er.cloud-media.fr/r/20f7600cd6004b0543968d56d440b615/20305b1d-4a14-4990-b6a1-7765863e4041
https://er.cloud-media.fr/c/20f7600cd6004b0543968d56d440b615/20305b1d-4a14-4990-b6a1-7765863e4041

35 B
230 B

79ms
79ms

Image
image/gif

63.32.143.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://er.cloud-media.fr/c/20f7600cd6004b0543968d56d440b615/20305b1d-4a14-4990-b6a1-7765863e4041

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.143.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-143-59.eu-west-1.compute.amazonaws.com

Software

awselb/2.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%2FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%2Bl4wNcxB5a1q81mlnW9THbr%2FqkqVAiKFnBaxDTST%2BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%2FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 02:07:34 GMT
x-content-type-options: nosniff
server: awselb/2.0
content-length: 35
content-type: image/gif

Redirect headers

date: Mon, 24 Aug 2020 02:07:34 GMT
x-content-type-options: nosniff
server: awselb/2.0
status: 302
content-type: text/html;charset=utf-8
location: https://er.cloud-media.fr/c/20f7600cd6004b0543968d56d440b615/20305b1d-4a14-4990-b6a1-7765863e4041
content-length: 0
x-xss-protection: 1; mode=block

GET redirect.php
ep.la-meteo-mail.fr/tags/ 0
0

GET
H2

200

webo.gif
r.phywi.org/
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D20f7600cd6004b0543968d56d440b615%26wb%3D{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D20f7600cd6004b0543968d56d440b615%26wb%3D%7BWEBO_CID%7D&bounce=1&random=1880399622
https://r.phywi.org/webo.gif?md=20f7600cd6004b0543968d56d440b615&wb=HQhXCqc7H.pZJxtjm635lu

43 B
421 B

16ms
15ms

Image
image/gif

2001:41d0:303:41d3::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.phywi.org/webo.gif?md=20f7600cd6004b0543968d56d440b615&wb=HQhXCqc7H.pZJxtjm635lu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:41d0:303:41d3:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%2FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%2Bl4wNcxB5a1q81mlnW9THbr%2FqkqVAiKFnBaxDTST%2BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%2FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 02:07:34 GMT
server: nginx
strict-transport-security: max-age=63072000
x-request-id: 2A0104F8019254140000000000000002:B0F0_200141D0030341D30000000000000000:01BB_5F4320E6_6530AE:0006
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:34 GMT
via: 1.1 google
last-modified: Mon, 24 Aug 2020 02:07:34 GMT
server: nginx/1.12.0
status: 302
location: https://r.phywi.org/webo.gif?md=20f7600cd6004b0543968d56d440b615&wb=HQhXCqc7H.pZJxtjm635lu
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

Primary Request royautes Show response
www.gala.fr/
Redirect Chain

http://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

136 KB
18 KB

171ms
131ms

Document
text/html

104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

Resource Hash

7fb23c2d2f9cc991e9d1693fbca38ff6d3a5da47d364199fc2ebb711ac316be2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.gala.fr
:scheme: https
:path: /royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%2FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%2Bl4wNcxB5a1q81mlnW9THbr%2FqkqVAiKFnBaxDTST%2BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%2FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://wtm.info-people.fr/redirection.html?m=20f7600cd6004b0543968d56d440b615&c=fr&u=http%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&dc=pA62rwV3nbtwLwkizyi95u7D5c%2FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%2Bl4wNcxB5a1q81mlnW9THbr%2FqkqVAiKFnBaxDTST%2BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%2FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%3D%3D

Response headers

status: 200
content-type: text/html; charset=UTF-8
server-timing: intid;desc=6c95aad16ac1a332
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
x-generation-time: 0.050 @ Mon, 24 Aug 2020 02:07:35 GMT
content-encoding: gzip
x-varnish-cache: PASS
accept-ranges: bytes
content-length: 17965
cache-control: public, max-age=281
date: Mon, 24 Aug 2020 02:07:35 GMT
vary: Accept-Encoding

Redirect headers

Content-Type: text/html; charset=UTF-8
server-timing: intid;desc=fa816f663f1cfb60
Location: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload; always;
X-Generation-Time: 0.009 @ Mon, 24 Aug 2020 02:07:35 GMT
X-Varnish-Cache: PASS
Content-Length: 646
Date: Mon, 24 Aug 2020 02:07:35 GMT
Connection: keep-alive

GET
H2 200 browsertools.js Show response
prd2-tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/ 37 KB
12 KB 81ms
20ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://prd2-tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js
Requested by: Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F47) /
Resource Hash: abc69699e8f0304cd01c34c351653647a33c8b7d81b0c54264fd29726219e2e4

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:35 GMT
content-encoding: gzip
age: 4016288
x-cache: HIT
status: 200
content-disposition: inline
content-length: 12282
access-control-allow-origin: *
last-modified: Wed, 08 Jul 2020 14:28:37 GMT
server: ECAcc (frc/8F47)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: H3D3p_lWqSnXtGjDig2igruLcio1ejXe
via: 1.1 8411105b12842016b4473f6d89a20f3f.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: Qxh4GdggvGPvf3wvNGZl-Sac2Gq114B7A5O2YTdSnA5Wg23FsxwS-Q==

GET
H2 200 core-ads.js Show response
prd2-tra.scds.pmdstatic.net/advertising-core/4.74.0/ 163 KB
50 KB 88ms
28ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://prd2-tra.scds.pmdstatic.net/advertising-core/4.74.0/core-ads.js
Requested by: Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F0A) /
Resource Hash: 2fe27f7a543331a2a9668a1d48628be640e85756614f48086561942d81db7fbb

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:35 GMT
content-encoding: gzip
age: 315233
x-cache: HIT
status: 200
content-disposition: inline
content-length: 50919
access-control-allow-origin: *
last-modified: Thu, 20 Aug 2020 10:32:47 GMT
server: ECAcc (frc/8F0A)
etag: W/"786a7e7849316d3b6af9c649a552ae68"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9plxRrSX2fZHVpSFrcLH2SPyDLO4q42p
via: 1.1 0b0cf39231f2e8a928723d3a28df13cd.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: zLkRsZw3EuMEqZ3VOBPY5g7DIDHmIITiNYKFl05xZLnvNoI4E9eP_g==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 54 KB
19 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8501c68e62a9d63debe5802627e9a1c7b339ca55841e8d37ee48806ec1287faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "611 / 533 of 1000 / last-modified: 1598051386"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18609
x-xss-protection: 0
expires: Mon, 24 Aug 2020 02:07:35 GMT

GET
H2 200 app.js Show response
prd2-tra.scds.pmdstatic.net/pmd-videoplayer/3.2.2/ 6 KB
2 KB 83ms
23ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://prd2-tra.scds.pmdstatic.net/pmd-videoplayer/3.2.2/app.js
Requested by: Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E84) /
Resource Hash: 1a2007659142c1b92a0580c817a8fe50c652722174c85cfb0d52d18b57d7e90d

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:35 GMT
content-encoding: gzip
age: 7826363
x-cache: HIT
status: 200
content-disposition: inline
content-length: 2306
access-control-allow-origin: *
last-modified: Mon, 25 May 2020 11:37:20 GMT
server: ECAcc (frc/8E84)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cubU36ht0ep4A3650c5FxBRJ1KTSCZRH
via: 1.1 00828b9427382e6c3f2577388b5f26fe.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: Rsz9pKHCBcRCAwAvSOeLrAzYCIzMeHI0ZNw7ucTYsFWtj3dKcKbm8w==

GET
H2 200 1-304593abe7e1cc10d43d.min.css
www.gala.fr/assets/styles/ 55 KB
12 KB 20ms
19ms Stylesheet
text/css 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

Resource Hash

15b7d3a85dd308f3cdd20a9cd8aa3c5637c58dfa2af0f2bd74b328029fac7fc3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: PASS
content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-length: 11313
last-modified: Wed, 12 Aug 2020 09:48:34 GMT
date: Mon, 24 Aug 2020 02:07:35 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-generation-time: 0.002 @ Wed, 12 Aug 2020 09:59:37 GMT
cache-control: public, max-age=30527504
accept-ranges: bytes
expires: Thu, 12 Aug 2021 09:59:19 GMT

GET
H2 200 category-304593abe7e1cc10d43d.min.css
www.gala.fr/assets/styles/ 6 KB
2 KB 23ms
23ms Stylesheet
text/css 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/assets/styles/category-304593abe7e1cc10d43d.min.css

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

Resource Hash

74d150f9e24f7f364b2ac7df7f32bf8c6d2d1481ed2ccb29c49f0ce696b5c221

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: PASS
content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-length: 1510
last-modified: Wed, 12 Aug 2020 09:48:34 GMT
date: Mon, 24 Aug 2020 02:07:35 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-generation-time: 0.001 @ Wed, 12 Aug 2020 10:01:35 GMT
cache-control: public, max-age=30527658
accept-ranges: bytes
expires: Thu, 12 Aug 2021 10:01:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 57ms
37ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 5634
date: Mon, 24 Aug 2020 00:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 24 Aug 2020 02:33:41 GMT

GET
H2 200 1
abo.prismamediadigital.com/gal/ Frame 1473 0
0 20ms
19ms Document
text/html 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://abo.prismamediadigital.com/gal/1
Requested by: Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-210.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: abo.prismamediadigital.com
:scheme: https
:path: /gal/1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Response headers

status: 200
x-d-time: 4-69-624996-00001-572
x-generation-time: 0.029278993606567 @ 2020-08-24T04:06:13+02:00
x-s-misc: 78-168823-16369-4608-636
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
x-front-ttl: 180
served-by: prpmutprdweb02
content-length: 1168
accept-ranges: bytes
x-varnish-cache: HIT
x-varnish-cache-hits: 37
x-varnish-server: prpmutprdweb02
cache-control: public, must-revalidate, max-age=90, s-maxage=180
expires: Mon, 24 Aug 2020 02:09:05 GMT
date: Mon, 24 Aug 2020 02:07:35 GMT
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 gala-image-par-defaut.png
www.gala.fr/assets/images/ 6 KB
6 KB 20ms
19ms Image
image/png 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gala.fr/assets/images/gala-image-par-defaut.png

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

23f6132d96ea5ae6dc00a42ac805ab4e62fd6aa878a6e29f670dfa2e7c1b002a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 08:50:10 GMT
server: nginx
status: 200
date: Mon, 24 Aug 2020 02:07:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=27512886
accept-ranges: bytes
content-length: 5765
expires: Thu, 08 Jul 2021 12:35:41 GMT

GET
H2 200 nunito-sans-v5-latin-800.woff2
www.gala.fr/assets/fonts/ 16 KB
17 KB 19ms
19ms Font
application/octet-stream 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/assets/fonts/nunito-sans-v5-latin-800.woff2

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.gala.fr
Referer: https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 08:50:10 GMT
server: nginx
status: 200
date: Mon, 24 Aug 2020 02:07:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=27513039
accept-ranges: bytes
content-length: 16824
expires: Thu, 08 Jul 2021 12:38:14 GMT

GET
H2 200 nunito-sans-v5-latin-600.woff2
www.gala.fr/assets/fonts/ 17 KB
17 KB 22ms
22ms Font
application/octet-stream 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/assets/fonts/nunito-sans-v5-latin-600.woff2

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.gala.fr
Referer: https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 08:50:10 GMT
server: nginx
status: 200
date: Mon, 24 Aug 2020 02:07:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=27512963
accept-ranges: bytes
content-length: 16900
expires: Thu, 08 Jul 2021 12:36:58 GMT

GET
H2 200 nunito-sans-v5-latin-regular.woff2
www.gala.fr/assets/fonts/ 17 KB
17 KB 26ms
26ms Font
application/octet-stream 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/assets/fonts/nunito-sans-v5-latin-regular.woff2

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.gala.fr
Referer: https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 08:50:10 GMT
server: nginx
status: 200
date: Mon, 24 Aug 2020 02:07:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=27512879
accept-ranges: bytes
content-length: 16920
expires: Thu, 08 Jul 2021 12:35:34 GMT

GET
H2 200 frank-ruhl-libre-v5-latin-700.woff2
www.gala.fr/assets/fonts/ 20 KB
20 KB 29ms
29ms Font
application/octet-stream 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/assets/fonts/frank-ruhl-libre-v5-latin-700.woff2

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.gala.fr
Referer: https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 08:50:10 GMT
server: nginx
status: 200
date: Mon, 24 Aug 2020 02:07:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=27512839
accept-ranges: bytes
content-length: 20288
expires: Thu, 08 Jul 2021 12:34:54 GMT

GET
H2 200 frank-ruhl-libre-v5-latin-regular.woff2
www.gala.fr/assets/fonts/ 19 KB
20 KB 33ms
33ms Font
application/octet-stream 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/assets/fonts/frank-ruhl-libre-v5-latin-regular.woff2

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.gala.fr
Referer: https://www.gala.fr/assets/styles/1-304593abe7e1cc10d43d.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 08:50:10 GMT
server: nginx
status: 200
date: Mon, 24 Aug 2020 02:07:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=27513017
accept-ranges: bytes
content-length: 19900
expires: Thu, 08 Jul 2021 12:37:52 GMT

GET
H2 200 eum.min.js Show response
eum.instana.io/ 23 KB
9 KB 33ms
15ms Script
application/javascript 2606:4700::6810:9cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97dc8a67657675cc335cca70bf4298ea947319317bcd62e0781d0495f1b1bca3

Request headers

Origin: https://www.gala.fr
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 445669
cf-ray: 5c7985498e1dbf00-FRA
status: 200
cf-request-id: 04bfd1a1f50000bf00c21c7200000001
last-modified: Tue, 18 Aug 2020 08:19:29 GMT
server: cloudflare
etag: -613614813--gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin: *

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
619 B 21ms
7ms XHR
text/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?excludes=Promise&features=default

Requested by

Host: prd2-tra.scds.pmdstatic.net
URL: https://prd2-tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 8942040
detected-user-agent: Chrome Mobile/83.0.4103
status: 200
request_came_from_shield: HHN
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Tue, 12 May 2020 13:13:15 GMT
date: Mon, 24 Aug 2020 02:07:35 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/2+Q/46

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=981928391&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18383854-2&cid=527269385.1598234856&jid=2041317650&_gid=1177751373.1598234856&gjid=488571324&_v=j83&z=2054581028
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18383854-2&cid=527269385.1598234856&jid=2041317650&_v=j83&z=2054581028
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18383854-2&cid=527269385.1598234856&jid=2041317650&_v=j83&z=2054581028&slf_rd=1&random=3944219374

42 B
470 B

39ms
24ms

Image
image/gif

2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18383854-2&cid=527269385.1598234856&jid=2041317650&_v=j83&z=2054581028&slf_rd=1&random=3944219374

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18383854-2&cid=527269385.1598234856&jid=2041317650&_v=j83&z=2054581028&slf_rd=1&random=3944219374
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sourcepoint.min.js Show response
prd2-tra.scds.pmdstatic.net/sourcepoint/2.5.0/ 67 KB
23 KB 55ms
16ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://prd2-tra.scds.pmdstatic.net/sourcepoint/2.5.0/sourcepoint.min.js
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8A9F) /
Resource Hash: ed940114798c297be0ff9896c291d010ad5921d46e089de36f19d78965917f0b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
age: 7826364
x-cache: HIT
status: 200
content-disposition: inline
content-length: 22890
access-control-allow-origin: *
last-modified: Mon, 25 May 2020 11:42:18 GMT
server: ECAcc (ama/8A9F)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VaPKZAOjmjFFdurDF9oZKtoQ6edYtgMu
via: 1.1 a0315f0b67e5f02ccce009ce0a219e88.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: 1oivHfomLHvFg_vmPIoAB8IA_WTU5uheTTnkt3UtTURFWaWMes1QxA==

GET
H2 200 essentials-304593abe7e1cc10d43d.js Show response
www.gala.fr/assets/scripts/ 17 KB
7 KB 21ms
19ms XHR
application/javascript 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/assets/scripts/essentials-304593abe7e1cc10d43d.js

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

Resource Hash

61df33540aaf3ebf355188a380e2076db62e154ddef5b9b73af3a7b57485eac3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

X-INSTANA-T: 1ee6cdefff59ae8a
Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
X-INSTANA-S: 1ee6cdefff59ae8a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-INSTANA-L: 1,correlationType=web;correlationId=1ee6cdefff59ae8a

Response headers

x-varnish-cache: PASS
content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-length: 6872
last-modified: Wed, 12 Aug 2020 09:48:34 GMT
date: Mon, 24 Aug 2020 02:07:35 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-generation-time: 0.001 @ Wed, 12 Aug 2020 10:00:29 GMT
cache-control: public, max-age=30527572
accept-ranges: bytes
expires: Thu, 12 Aug 2021 10:00:27 GMT

GET
H2 200 get_site_data Show response
consent.prismamedia.com/ 19 B
248 B 65ms
20ms XHR
text/plain 18.196.167.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.prismamedia.com/get_site_data?requestUUID=a095a32d-d284-4968-a104-8055f581e0c7&account_id=314&href=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.167.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-167-206.eu-central-1.compute.amazonaws.com
Software: Jetty(9.4.2.v20170220) /
Resource Hash: b9f9836c4b865e397e0a1a5cd7243f08855c9a70d0238b9508379a1e9732d1d0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
x-sp-mms-node: mms-at2.node.fra.consul
server: Jetty(9.4.2.v20170220)
status: 200
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.gala.fr
cache-control: max-age=2592000
access-control-allow-credentials: true

GET
H2 200 royautes Show response
www.gala.fr/ 136 KB
18 KB 19ms
19ms XHR
text/html 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

Resource Hash

7fb23c2d2f9cc991e9d1693fbca38ff6d3a5da47d364199fc2ebb711ac316be2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: PASS
content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding: gzip
x-generation-time: 0.050 @ Mon, 24 Aug 2020 02:07:35 GMT
date: Mon, 24 Aug 2020 02:07:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-type: text/html; charset=UTF-8
status: 200
cache-control: public, max-age=280
server-timing: intid;desc=6c95aad16ac1a332
accept-ranges: bytes
vary: Accept-Encoding
content-length: 17965
x-content-type-options: nosniff

GET
H2 200 core-ads.js Show response
prd2-tra.scds.pmdstatic.net/advertising-core/4.74.0/ 163 KB
50 KB 17ms
16ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://prd2-tra.scds.pmdstatic.net/advertising-core/4.74.0/core-ads.js
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AAE) /
Resource Hash: 2fe27f7a543331a2a9668a1d48628be640e85756614f48086561942d81db7fbb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
age: 315234
x-cache: HIT
status: 200
content-disposition: inline
content-length: 50919
access-control-allow-origin: *
last-modified: Thu, 20 Aug 2020 10:32:47 GMT
server: ECAcc (ama/8AAE)
etag: W/"786a7e7849316d3b6af9c649a552ae68"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9plxRrSX2fZHVpSFrcLH2SPyDLO4q42p
via: 1.1 0b0cf39231f2e8a928723d3a28df13cd.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: zLkRsZw3EuMEqZ3VOBPY5g7DIDHmIITiNYKFl05xZLnvNoI4E9eP_g==

GET
H2 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 75ms
28ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "611 / 661 of 1000 / last-modified: 1598051386"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18610
x-xss-protection: 0
expires: Mon, 24 Aug 2020 02:07:36 GMT

GET
H/1.1 200
OK 185598-69743361691179.js
js-sec.indexww.com/ht/p/ 44 KB
15 KB 552ms
511ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185598-69743361691179.js
Requested by: Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 02:05:27 GMT
Server: Apache
ETag: "904d63-af59-5ad9605311968"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 14835
Expires: Mon, 24 Aug 2020 03:07:36 GMT

GET
H2 200 apstag.js
c.amazon-adsystem.com/aax2/ 104 KB
27 KB 82ms
34ms Script
application/javascript 13.226.145.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.145.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:02:58 GMT
content-encoding: gzip
server: Server
age: 278
etag: 455f576a29240d2cfe83996aefcdb576
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: k2OErpTC9Sdl44G2QDJxtpGFqDgQhbRvSYKUOS0l0AeP5Zx4gXe2OA==
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)

GET
H2 200 prebid.js
tra.scds.pmdstatic.net/advertising-core/4.74.0/ 300 KB
95 KB 24ms
21ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/advertising-core/4.74.0/prebid.js
Requested by: Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F24) /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
age: 315271
x-cache: HIT
status: 200
content-disposition: inline
content-length: 96583
access-control-allow-origin: *
last-modified: Thu, 20 Aug 2020 10:32:47 GMT
server: ECAcc (frc/8F24)
etag: W/"6fb6a3634cb5778129e4ffc09bf33de8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TZLiKwiljK1z5QUFSOssymhgpNaDaBMS
via: 1.1 d30b80e15d08db34625ccde343c59236.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: NwL9VccBAIVjHJW2FmZlFvH3Ez3-gNOdezbpaPbhpgHeBi-wjS_hIw==

GET
H2 200 gal-config.json
tra.scds.pmdstatic.net/advertising-core/4.74.0/brandsconfig/ 27 KB
4 KB 18ms
16ms Fetch
application/json 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/advertising-core/4.74.0/brandsconfig/gal-config.json
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B3A) /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
age: 315210
x-cache: HIT
status: 200
content-disposition: inline
content-length: 3596
access-control-allow-origin: *
last-modified: Thu, 20 Aug 2020 10:32:46 GMT
server: ECAcc (ama/8B3A)
etag: W/"6d27f48d6933f94e72f473a8f42ef735"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W.ntNZmYXUzTAnQkL2IkeKzOEIUhIDC_
via: 1.1 600423f2e5ca4aa7ee1f570d772003d4.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
content-type: application/json
x-ocdn: all-query
x-amz-cf-id: GtbcxpS4JnfhZhNMBtQQ9Oi7LM4iYBdX2PwrmjngaNE0ungfTZSq5w==

GET
H2 200 index.js Show response
prd2-tra.scds.pmdstatic.net/pmc-starter/3.8.0/assets/scripts/ 69 KB
22 KB 15ms
14ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://prd2-tra.scds.pmdstatic.net/pmc-starter/3.8.0/assets/scripts/index.js
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B5F) /
Resource Hash: e3e063b3615c66865976b74b298515edd4f0e7618394e05fc07750c714ef182e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
age: 1536416
x-cache: HIT
status: 200
content-disposition: inline
content-length: 22293
access-control-allow-origin: *
last-modified: Thu, 06 Aug 2020 07:19:55 GMT
server: ECAcc (ama/8B5F)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: h2MJFhQIqcSyJKGy8ciEiS1Ul1JwQMct
via: 1.1 c7f3a97b2152b620b7783adf69f93909.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG3-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: NKQjcTMX4tPPE6l08QblGsEKABI1i76Gv-HXLaGlnLI1cJO0t22V1Q==

GET
H2 200 gtm.js
www.googletagmanager.com/ 154 KB
47 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR

Requested by

Host: prd2-tra.scds.pmdstatic.net
URL: https://prd2-tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47884
x-xss-protection: 0
last-modified: Mon, 24 Aug 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Aug 2020 02:07:36 GMT

GET
H2 200 bookmark-statics.js
prd2-tra.scds.pmdstatic.net/bookmark/3.0.2/js/ 55 KB
19 KB 16ms
16ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://prd2-tra.scds.pmdstatic.net/bookmark/3.0.2/js/bookmark-statics.js
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B3B) /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
age: 5217086
x-cache: HIT
status: 200
content-disposition: inline
content-length: 18766
access-control-allow-origin: *
last-modified: Wed, 24 Jun 2020 16:55:20 GMT
server: ECAcc (ama/8B3B)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IojRNGDOFJihPaf4o40e7CnxxqalJ6g_
via: 1.1 3222648a6d70343df21c8c5701c2e521.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: cWZ_gPkAuZvSYEnK7F1tmpLxmXUo6hfvBSSpMERjKZTBuskW8zM_nA==

GET
H2 200 gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 43 B
317 B 60ms
20ms XHR
application/json 52.29.23.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=2667&requestUUID=a095a32d-d284-4968-a104-8055f581e0c7
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.23.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-23-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
status: 200
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gala.fr
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

GET
H2 200 pmc_conf_prod_792248b183d0614a705c.js
tra.scds.pmdstatic.net/pmc-starter/3.8.0/assets/scripts/ 272 B
465 B 22ms
21ms Script
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.scds.pmdstatic.net/pmc-starter/3.8.0/assets/scripts/pmc_conf_prod_792248b183d0614a705c.js
Requested by: Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F43) /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
age: 1536415
x-cache: HIT
status: 200
content-disposition: inline
content-length: 215
access-control-allow-origin: *
last-modified: Thu, 06 Aug 2020 07:19:55 GMT
server: ECAcc (frc/8F43)
etag: "0d96b28bd2258e04a1c11fabc88edebc+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: S3dP3ApCcZzVZOGqdv.uBZqpqdA5HVI1
via: 1.1 c910b8c55aaa61323d46558eaf519fe5.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG3-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: fODi0Gq_qf4hcRYitFoFyGR5FU3nc24wOdbgPhZOPddyzGpP_OXqZA==

GET
H2 200 0-7a2235b2247fb2acea67.js
www.gala.fr/assets/scripts/ 419 B
689 B 20ms
20ms XHR
application/javascript 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/assets/scripts/0-7a2235b2247fb2acea67.js

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

X-INSTANA-T: b08ea4d0ff4e8dd
Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
X-INSTANA-S: b08ea4d0ff4e8dd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-INSTANA-L: 1,correlationType=web;correlationId=b08ea4d0ff4e8dd

Response headers

content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 08:50:10 GMT
server: nginx
status: 200
date: Mon, 24 Aug 2020 02:07:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=27439031
vary: Accept-Encoding
content-length: 280
expires: Wed, 07 Jul 2021 16:04:47 GMT

GET
H2 200 1-2fa5063b8e7064320d15.js
www.gala.fr/assets/scripts/ 16 KB
4 KB 20ms
20ms XHR
application/javascript 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/assets/scripts/1-2fa5063b8e7064320d15.js

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

X-INSTANA-T: beee41ffa5306d07
Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
X-INSTANA-S: beee41ffa5306d07
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-INSTANA-L: 1,correlationType=web;correlationId=beee41ffa5306d07

Response headers

x-varnish-cache: PASS
content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-length: 3945
last-modified: Wed, 12 Aug 2020 09:48:34 GMT
date: Mon, 24 Aug 2020 02:07:36 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-generation-time: 0.000 @ Wed, 12 Aug 2020 10:00:30 GMT
cache-control: public, max-age=30527598
accept-ranges: bytes
expires: Thu, 12 Aug 2021 10:00:54 GMT

GET
H2 200 category-304593abe7e1cc10d43d.js
www.gala.fr/assets/scripts/ 3 KB
2 KB 21ms
21ms XHR
application/javascript 104.111.232.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gala.fr/assets/scripts/category-304593abe7e1cc10d43d.js

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.232.210 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-232-210.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff

Request headers

X-INSTANA-T: 7952618e4470e326
Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
X-INSTANA-S: 7952618e4470e326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-INSTANA-L: 1,correlationType=web;correlationId=7952618e4470e326

Response headers

x-varnish-cache: PASS
content-security-policy: upgrade-insecure-requests; connect-src * https:; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob: data:; worker-src * blob: data:
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload; always;
content-length: 1432
last-modified: Wed, 12 Aug 2020 09:48:34 GMT
date: Mon, 24 Aug 2020 02:07:36 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-generation-time: 0.002 @ Wed, 12 Aug 2020 09:59:38 GMT
cache-control: public, max-age=30527515
accept-ranges: bytes
expires: Thu, 12 Aug 2021 09:59:31 GMT

GET
H2 200 newsletterBundle.js
prd2-tra.scds.pmdstatic.net/pmc-kit-components/2.15.1/ 70 KB
22 KB 14ms
14ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://prd2-tra.scds.pmdstatic.net/pmc-kit-components/2.15.1/newsletterBundle.js
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AD4) /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
age: 1104639
x-cache: HIT
status: 200
content-disposition: inline
content-length: 22236
access-control-allow-origin: *
last-modified: Tue, 11 Aug 2020 07:15:59 GMT
server: ECAcc (ama/8AD4)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WhQSTO5lSXn4N1PH_WsKh6YHZ3HGnCyj
via: 1.1 9d2c93ece5a5ccb2b5952a40f7502a04.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG3-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: qpvyPORnW1EPRtMMecdTeG5lRi449n9XrfG0xsar5WEUA_eNvbO6Ew==

GET
H2 200 optinBundle.js
prd2-tra.scds.pmdstatic.net/pmc-kit-components/2.15.1/ 8 KB
4 KB 16ms
16ms XHR
application/javascript 192.229.221.61
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://prd2-tra.scds.pmdstatic.net/pmc-kit-components/2.15.1/optinBundle.js
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B1A) /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
age: 1104639
x-cache: HIT
status: 200
content-disposition: inline
content-length: 3555
access-control-allow-origin: *
last-modified: Tue, 11 Aug 2020 07:15:59 GMT
server: ECAcc (ama/8B1A)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MEDK42DhCz2FJllJkaShcEGiXSultLDL
via: 1.1 866d9f0eb3772e2912781bd139212be3.cloudfront.net (CloudFront)
cache-control: max-age=31556952,s-maxage=31556952,public
x-amz-cf-pop: CDG3-C1
accept-ranges: bytes
content-type: application/javascript
x-ocdn: all-query
x-amz-cf-id: ya_-us3aSrRcyy7IRAAYn6bja3__3-u4UAHr3oG0s-UZv5l25c8RKQ==

GET
H2 200 meghan-markle-une-tete-brulee-ce-precieux-conseil-de-camilla-qu-elle-a-ignore.jpg
gal.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2Fgal.2F2020.2F08.2F23.2F256b8953-36c9-4ce9-910c-ca84f9515e88.2Ejpeg/420x420/quality/80/focus-point/8... 20 KB
20 KB 59ms
17ms XHR
image/jpeg 192.229.221.226
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://gal.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2Fgal.2F2020.2F08.2F23.2F256b8953-36c9-4ce9-910c-ca84f9515e88.2Ejpeg/420x420/quality/80/focus-point/855%2C242/meghan-markle-une-tete-brulee-ce-precieux-conseil-de-camilla-qu-elle-a-ignore.jpg
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.226 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8ACC) / PHP/5.6.30-1~dotdeb+7.1
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Mon, 24 Aug 2020 02:07:36 GMT
via: 1.1 varnish
age: 27184
x-powered-by: PHP/5.6.30-1~dotdeb+7.1
x-cache: HIT
status: 200
content-length: 20583
last-modified: Sun, 23 Aug 2020 18:34:32 GMT
server: ECAcc (ama/8ACC)
x-varnish: 783682451
access-control-allow-origin: *
access-control-expose-headers: X-Photosphere
cache-control: max-age=31536000, public, s-maxage=31536000
x-front-ttl: 31536000
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Photosphere
expires: Tue, 24 Aug 2021 02:07:35 GMT

GET
H2 200 rainier-et-grace-kelly-dans-les-coulisses-de-leur-coup-de-foudre.jpg
gal.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2Fgal.2F2020.2F08.2F06.2F39d727cd-24a1-4856-8170-e65f4ee8c60c.2Ejpeg/200x200/quality/80/focus-point/1... 9 KB
9 KB 55ms
14ms XHR
image/jpeg 192.229.221.226
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://gal.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2Fgal.2F2020.2F08.2F06.2F39d727cd-24a1-4856-8170-e65f4ee8c60c.2Ejpeg/200x200/quality/80/focus-point/1877%2C1512/rainier-et-grace-kelly-dans-les-coulisses-de-leur-coup-de-foudre.jpg
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.226 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B6A) / PHP/5.6.30-1~dotdeb+7.1
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Mon, 24 Aug 2020 02:07:36 GMT
via: 1.1 varnish
age: 38161
x-powered-by: PHP/5.6.30-1~dotdeb+7.1
x-cache: HIT
status: 200
content-length: 8758
last-modified: Sun, 23 Aug 2020 15:31:35 GMT
server: ECAcc (ama/8B6A)
x-varnish: 573354476
access-control-allow-origin: *
access-control-expose-headers: X-Photosphere
cache-control: max-age=31536000, public, s-maxage=31536000
x-front-ttl: 31536000
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Photosphere
expires: Tue, 24 Aug 2021 02:07:35 GMT

GET
H2 200 dbb1dd3d-4ef4-418b-8674-c575d2a7ac81
boot.pubstack.io/v1/tag/ 1 KB
831 B 148ms
84ms Script
application/javascript 52.31.182.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pubstack.io/v1/tag/dbb1dd3d-4ef4-418b-8674-c575d2a7ac81
Requested by: Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.182.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-182-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 02:07:36 GMT
cache-control: private,max-age=120
content-encoding: gzip
content-length: 713
content-type: application/javascript

GET
H2 200 logic
sourcepoint.mgr.consensu.org/consent/v2/2667/ 2 KB
2 KB 24ms
24ms XHR
application/json 52.29.23.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.mgr.consensu.org/consent/v2/2667/logic?hasConsentData&consentedToAny&rejectedAny&consentedToAll&requestUUID=a095a32d-d284-4968-a104-8055f581e0c7&scriptV2=true&withSiteActions=true&mmsDomain=https%3A%2F%2Fconsent.prismamedia.com
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.23.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-23-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
status: 200
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gala.fr
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 1549

OPTIONS
H2 200 ping
api.prismaconnect.fr/prd/ Frame 0
0 143ms
93ms Other
application/json 13.226.155.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prismaconnect.fr/prd/ping
Protocol: H2
Server: 13.226.155.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-14.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-pmc-app-id
Origin: https://www.gala.fr
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
content-length: 1
date: Mon, 24 Aug 2020 02:07:36 GMT
x-amzn-requestid: 3f91bee2-e303-4c2d-a48b-5acb4b0d76db
access-control-allow-origin: https://www.gala.fr
access-control-allow-headers: x-pmc-app-id,X-Api-Key,facebook-token,google-token,apple-token,content-type,x-pmc-jwt
x-amz-apigw-id: RwIUUEUYjoEF1Mg=
access-control-allow-methods: OPTIONS,GET
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: MQQBFN6FuieSHS6Z0fORIWwfFRkT9uRXBJO-wnZi-fMrDqEHMiSbAA==

GET
H2 200 ping
api.prismaconnect.fr/prd/ 17 B
489 B 261ms
211ms Fetch
application/json 13.226.155.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prismaconnect.fr/prd/ping
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-14.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
x-pmc-app-id: 3af9f6e1-638a-4c8d-bd36-a2918405d311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
via: 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amzn-requestid: 6f199efe-01f0-48aa-8f1c-7ce2d6572483
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.gala.fr
access-control-expose-headers: x-pmc-jwt
x-amzn-trace-id: Root=1-5f4320e8-205d97ec8253bae34dbe5e7c;Sampled=0
server-timing: intid;desc=c7cf37731cfd534d
access-control-allow-credentials: true
x-amz-apigw-id: RwIUWE_UjoEF2yA=
content-length: 17
x-amz-cf-id: EUdJ2H6EI6e3HzaWzchP49kR4uqVHpBtDyhbEgK5J4xJZWp6w_ccdw==

GET
H2 200 message_url
consent.prismamedia.com/mms/v2/ 2 KB
3 KB 78ms
26ms XHR
application/json 18.196.167.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.prismamedia.com/mms/v2/message_url?requestUUID=a095a32d-d284-4968-a104-8055f581e0c7&account_id=314&abp=false&href=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&consentUUID=3f09730f-621a-41ae-9056-318eb7010e97&loadedData=%5B%7B%22id%22%3A%22CONSENT%3Aendpoint%3Ahttps%3A%2F%2Fsourcepoint.mgr.consensu.org%3A2667%22%2C%22result%22%3A%22%7B%5C%22hasConsentData%5C%22%3Afalse%2C%5C%22consentedToAny%5C%22%3Anull%2C%5C%22rejectedAny%5C%22%3Anull%2C%5C%22consentedToAll%5C%22%3Anull%2C%5C%22consentUUID%5C%22%3A%5C%223f09730f-621a-41ae-9056-318eb7010e97%5C%22%7D%22%7D%5D&stage_campaign=false&cookie=%5B%22_sp_enable_dfp_personalized_ads%3Dfalse%22%5D
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.167.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-167-206.eu-central-1.compute.amazonaws.com
Software: Jetty(9.4.2.v20170220) /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:36 GMT
x-sp-mms-node: mms-aqc.node.fra.consul
server: Jetty(9.4.2.v20170220)
status: 200
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.gala.fr
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-sp-mms-env: 1
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/2+Q/46 200 pubads_impl_2020082001.js
securepubads.g.doubleclick.net/gpt/ 258 KB
91 KB 63ms
36ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Aug 2020 08:39:59 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92724
x-xss-protection: 0
expires: Mon, 24 Aug 2020 02:07:36 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gal.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2Fgal.2F2020.2F08.2F06.2F39d727cd-24a1-4856-8170-e65f4ee8c60c.2Ejpeg/200x200/quality/80/focus-point/1877%2C1512/rainier-et-grace-kelly-dans-les-coulisses-de-leur-coup-de-foudre.jpg
Requested by: Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.226 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B6A) / PHP/5.6.30-1~dotdeb+7.1
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Mon, 24 Aug 2020 02:07:36 GMT
via: 1.1 varnish
age: 38161
x-powered-by: PHP/5.6.30-1~dotdeb+7.1
x-cache: HIT
status: 200
content-length: 8758
last-modified: Sun, 23 Aug 2020 15:31:35 GMT
server: ECAcc (ama/8B6A)
x-varnish: 573354476
access-control-allow-origin: *
access-control-expose-headers: X-Photosphere
cache-control: max-age=31536000, public, s-maxage=31536000
x-front-ttl: 31536000
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Photosphere
expires: Tue, 24 Aug 2021 02:07:35 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gal.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2Fgal.2F2020.2F08.2F23.2F256b8953-36c9-4ce9-910c-ca84f9515e88.2Ejpeg/420x420/quality/80/focus-point/855%2C242/meghan-markle-une-tete-brulee-ce-precieux-conseil-de-camilla-qu-elle-a-ignore.jpg
Requested by: Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.226 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8ACC) / PHP/5.6.30-1~dotdeb+7.1
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Mon, 24 Aug 2020 02:07:36 GMT
via: 1.1 varnish
age: 27184
x-powered-by: PHP/5.6.30-1~dotdeb+7.1
x-cache: HIT
status: 200
content-length: 20583
last-modified: Sun, 23 Aug 2020 18:34:32 GMT
server: ECAcc (ama/8ACC)
x-varnish: 783682451
access-control-allow-origin: *
access-control-expose-headers: X-Photosphere
cache-control: max-age=31536000, public, s-maxage=31536000
x-front-ttl: 31536000
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Photosphere
expires: Tue, 24 Aug 2021 02:07:35 GMT

POST
H2 200 /
eum-eu-west-1.instana.io/ 0
340 B 56ms
40ms Other
text/plain 2606:4700::6810:9df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-eu-west-1.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 02:07:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-origin: *
cache-control: no-cache, no-store
cf-ray: 5c79854bef09323c-FRA
content-length: 0
cf-request-id: 04bfd1a3700000323c6f070200000001

GET
H/2+Q/46 200 gtm.js
www.googletagmanager.com/ 81 KB
30 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29991
x-xss-protection: 0
expires: Mon, 24 Aug 2020 02:07:36 GMT

GET
H/2+Q/46

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=981928391&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcomi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18383854-2&cid=527269385.1598234856&jid=1431368321&_gid=1177751373.1598234856&gjid=2025753896&_v=j83&z=36962327
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18383854-2&cid=527269385.1598234856&jid=1431368321&_v=j83&z=36962327
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18383854-2&cid=527269385.1598234856&jid=1431368321&_v=j83&z=36962327&slf_rd=1&random=1952823444

42 B
64 B

19ms
18ms

Image
image/gif

2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18383854-2&cid=527269385.1598234856&jid=1431368321&_v=j83&z=36962327&slf_rd=1&random=1952823444

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18383854-2&cid=527269385.1598234856&jid=1431368321&_v=j83&z=36962327&slf_rd=1&random=1952823444
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 71ms
24ms XHR
application/javascript 13.226.145.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.145.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-204.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 23 Aug 2020 08:02:48 GMT
content-encoding: gzip
vary: Origin
age: 65089
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 20 Aug 2020 07:51:21 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: NTR-ks_BpFxFc3CslqbgxZGLL86fVV6gmgKsWUwwDiYMnY11cydn8Q==

GET
H2 200 monitoring-1dd7c67.js
cdn.pbstck.com/ 108 KB
33 KB 39ms
21ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/monitoring-1dd7c67.js
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 319100
x-guploader-uploadid: AAANsUl_MqyGUu66tnS34Hnrq3XfkSC_6dNqO-ewYc7iSzroFyW7_symu5KsIkzYKHpOMWU-sCzo0hEl5qIEHLiJNRw
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04bfd1a3aa0000dfd3efb7b200000001
last-modified: Thu, 20 Aug 2020 09:19:38 GMT
server: cloudflare
etag: W/"ea30695a869c67c576ac874fb1c1bcb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=66FPAw==, md5=6jBpWoacZ8V2rIdPscG8uQ==
x-goog-generation: 1597915178720149
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 33291
cf-ray: 5c79854c4aa7dfd3-FRA
expires: Thu, 27 Aug 2020 09:28:55 GMT

GET
H2 200 /
notice.sp-prod.net/ Frame 28D7 0
0 70ms
22ms Document
text/html 13.226.155.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notice.sp-prod.net/?message_id=187010&mms_origin=https://consent.prismamedia.com/mms/v2
Requested by: Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-93.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: notice.sp-prod.net
:scheme: https
:path: /?message_id=187010&mms_origin=https://consent.prismamedia.com/mms/v2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Response headers

status: 200
content-type: text/html
last-modified: Thu, 13 Aug 2020 17:40:33 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 24 Aug 2020 01:34:58 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: QjdbRczj9INv0KHVXrNMcQ_51MPLO28OpQHgOLkm53pTEsLWFq-kcg==
age: 1959

GET
H/1.1 200
OK inscription-nl.min.js
static.coreg-feed.com/gala/js/ 17 KB
18 KB 121ms
22ms Script
application/x-javascript 13.226.155.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.coreg-feed.com/gala/js/inscription-nl.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-31.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:23 GMT
Via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
Last-Modified: Thu, 22 Oct 2015 12:44:19 GMT
Server: AmazonS3
Age: 14
ETag: "b63bc13d825b3adf1a5cd620ecd38a99"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 17596
X-Amz-Cf-Id: EAU1M7XdFtciEpCQB5CFk1uEa1BG4uj3i1Cpzqamw6PmjlgNQfNCvA==

GET
H2 200 4fe9b272e52489e523fd4b04c6a40353.js
try.abtasty.com/ 213 KB
64 KB 33ms
6ms Script
application/javascript 2a02:26f0:6c00:29e::1eae
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/4fe9b272e52489e523fd4b04c6a40353.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4CHHR
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:29e::1eae , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 13:15:25 GMT
etag: W/"3efcb336dc96b3c53f124aff04e9a74d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: private, max-age=30
timing-allow-origin: *
content-length: 65462

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 134 KB
34 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34269
x-xss-protection: 0
pragma: public
x-fb-debug: MqtNrfcEpxFtV6WYOOcp0gHjhTyTCERozkUMD1Rue75hmJrtxW6Qo3Cej5Wjc3Bq9cXnXlaIKv78PqAqC++i9Q==
x-fb-trip-id: 2050070850
x-frame-options: DENY
date: Mon, 24 Aug 2020 02:07:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sr-gala.js
js.antvoice.com/ 86 KB
19 KB 62ms
16ms Script
text/javascript 35.190.89.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.antvoice.com/sr-gala.js
Requested by: Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.89.230 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 230.89.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 23 Aug 2020 06:18:41 GMT
content-encoding: gzip
age: 71335
x-guploader-uploadid: AAANsUluSWfQ36cVQkfhnNtiVtZN32K7aqw5_imxrOfq-jGANN_9j8-QaflwXGDuYzapHjIzM-pDs57Ko9M_KFi4YA
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 18814
last-modified: Fri, 07 Aug 2020 14:05:32 GMT
server: UploadServer
etag: "243a951e61568b3d8420afe88a209fa9"
vary: Accept-Encoding
x-goog-hash: crc32c=lggauQ==, md5=JDqVHmFWiz2EIK/oiiCfqQ==
x-goog-generation: 1596809132576842
access-control-allow-origin: *
cache-control: public, max-age=604800
x-goog-stored-content-length: 18814
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 30 Aug 2020 06:18:41 GMT

GET
H2 200 itm.js
itm.ivitrack.com/v1/gala/ 5 KB
5 KB 57ms
13ms Script
application/javascript 35.190.76.172
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://itm.ivitrack.com/v1/gala/itm.js
Requested by: Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.76.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.76.190.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 01:34:19 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
server: istio-envoy
age: 1997
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=3600
x-envoy-upstream-service-time: 0
alt-svc: clear
content-length: 4794
via: 1.1 google

GET
H/1.1 200
OK tag.js
cdn-alliancegravity.s3.amazonaws.com/js/tag/ 1 KB
2 KB 130ms
36ms Script
application/javascript 52.95.154.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-alliancegravity.s3.amazonaws.com/js/tag/tag.js
Requested by: Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.154.23 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-west-3.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:37 GMT
Last-Modified: Tue, 30 Apr 2019 14:36:14 GMT
Server: AmazonS3
x-amz-request-id: 8PCVAN9PBY5ZBZDG
ETag: "aca822d6372c94dc31471ae8553b301c"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1481
x-amz-id-2: bQi7Y2oCkL1Ag+Ro0h80tildLRFr7HYBSZeXpKxH/A0ybRHaK/1VJZNPdTyEs26uC4Mlq7SR9BM=

GET
H2 200 on-1.0.min.js
tag.audience.acpm.fr/js/ 5 KB
5 KB 128ms
31ms Script
text/javascript 34.250.197.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.audience.acpm.fr/js/on-1.0.min.js
Requested by: Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.197.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-197-125.eu-west-1.compute.amazonaws.com
Software: openresty/1.15.8.3 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
last-modified: Sun, 23 Aug 2020 20:59:35 GMT
server: openresty/1.15.8.3
etag: "1329-5ad91bf5d0d9f"
content-type: text/javascript
status: 200
accept-ranges: bytes
content-length: 4905

GET
H/1.1 200
OK containr.js
cdn.mookie1.com/ 9 KB
3 KB 81ms
29ms Script
application/x-javascript 104.111.228.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mookie1.com/containr.js
Requested by: Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.228.229 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-228-229.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:36 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 2914
Last-Modified: Mon, 10 Aug 2020 09:07:44 GMT
Server: AkamaiNetStorage
ETag: "8f5f53d5b64e59d57197d421b1e569c0:1597050464.73302"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Mon, 24 Aug 2020 02:08:36 GMT

GET
H/1.1 200
OK mailNotification.php
adtrack.adleadevent.com/ 0
464 B 124ms
31ms Script
application/x-javascript 54.247.110.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/mailNotification.php?st=d7eac3c7-894a-4848-9c8a-2657d0877258&t=site
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.110.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-110-128.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 02:07:36 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.js
js.agkn.com/prod/v0/ 3 KB
3 KB 41ms
8ms Script
application/javascript 2600:9000:2182:a400:15:efbc:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:a400:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 00:58:30 GMT
via: 1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
last-modified: Tue, 22 Oct 2019 20:22:52 GMT
server: AmazonS3
age: 4147
etag: "f53f55cbab099be3a970b446a66c496a"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: TQgIPL1g-OOapuIC3fmcPQtzmDMsh6jVrzVglFUj0XclyiZ7QHaEBQ==

GET
H/1.1 200
OK client.js
asset.easydmp.net/js/ 6 KB
3 KB 320ms
17ms Script
application/javascript 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/js/client.js?t=221977

Requested by

Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jul 2020 09:12:31 GMT
ETag: "5f155fff-a85"
X-IPLB-Instance: 24041
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Type: application/javascript; charset=utf-8
Content-Length: 2693

GET
H2 200 ats.js
ats.rlcdn.com/ 177 KB
58 KB 186ms
129ms Script
application/javascript 35.244.220.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.220.155 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 155.220.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
content-encoding: gzip
x-guploader-uploadid: AAANsUmv5ZGlHStfUDzxvNf_s9rrrhKS5QKMZgthoXDJjwzz-tm21QEySK4LJ3BNWiW_a1fKK_jYjtACBP54r9uvV1eVshKtRw
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 58969
last-modified: Wed, 12 Aug 2020 09:59:10 GMT
server: UploadServer
etag: "012e8cb48d25be073999c02f238f6625"
x-goog-hash: crc32c=r0e/4g==, md5=AS6MtI0lvgc5mcAvI49mJQ==
x-goog-generation: 1597226350392352
cache-control: no-transform
x-goog-stored-content-length: 58969
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 24 Aug 2021 02:07:36 GMT

GET
H/1.1 200
OK obtp.js
amplify.outbrain.com/cp/ 6 KB
3 KB 67ms
19ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Jul 2020 06:46:19 GMT
Server: AkamaiNetStorage
ETag: "0e73951387d5f29371176e76c57bc02c:1595832379.898009"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2622
Expires: Mon, 24 Aug 2020 02:27:36 GMT

GET
H2 200 msq_cookie_sync.js
cdn.mediasquare.fr/scripts/ 2 KB
917 B 68ms
22ms Script
text/javascript 46.105.198.136
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediasquare.fr/scripts/msq_cookie_sync.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK7QRQ4&l=dataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.198.136 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-handled-by: debug.audiencesquare.com
date: Mon, 24 Aug 2020 01:49:04 GMT
content-encoding: br
x-cacheable: Matched cache
x-cache-status: HIT
status: 200
x-cdn-pop: rbx1
content-length: 531
x-request-id: 365101523
last-modified: Tue, 11 Aug 2020 12:46:12 GMT
x-cdn-pop-ip: 51.254.41.128/26
etag: "1bfab8a-61d-5ac9974bbed00"
x-iplb-instance: 35371
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
expires: Mon, 24 Aug 2020 02:26:04 GMT

GET
H2

200

v2
odr.mookie1.com/t/
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_623639&gtmcb=760900240
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10815394505722648268&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_607875%26src.visitorid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10815394505722648268&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_607875%26src.visitorid%3D%24%7...
https://odr.mookie1.com/t/v2?tagid=V2_607875&src.visitorid=94a84f70-e5ae-11ea-9d81-2636ec5c4fb0

43 B
493 B

20ms
19ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_607875&src.visitorid=94a84f70-e5ae-11ea-9d81-2636ec5c4fb0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:36 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 24 Aug 2020 02:07:36 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
status: 302
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://odr.mookie1.com/t/v2?tagid=V2_607875&src.visitorid=94a84f70-e5ae-11ea-9d81-2636ec5c4fb0
strict-transport-security: max-age=31536000
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

/
prismashop.commander1.com/v3/
Redirect Chain

https://prismashop.commander1.com/v3/?tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
https://prismashop.commander1.com/v3/?firsttime=1&tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017

43 B
985 B

32ms
32ms

Image
image/png

15.237.35.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prismashop.commander1.com/v3/?firsttime=1&tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.237.35.218 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-237-35-218.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: private
Date: Mon, 24 Aug 2020 02:07:36 GMT
Content-Encoding: gzip
Server: web
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/png
Expires: Sun, 22 Nov 20 04:07:36 +0100

Redirect headers

Pragma: private
Date: Mon, 24 Aug 2020 02:07:36 GMT
Server: web
location: https://prismashop.commander1.com/v3/?firsttime=1&tcs=2103&rand=$cachebuster$&chn=sites-editos&src=gal-fr&cmp=sie-gal-2017&vson=header-gal-2017
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Connection: keep-alive
Content-Type: text/html
Expires: Sun, 22 Nov 20 04:07:36 +0100

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 350ms
86ms Image
image/gif 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=002533c3569d0ed02c40f1a4efb6bb2eb6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:37 GMT
Cache-Control: no-cache
X-TraceId: 87aefefd3fd328033b1903f78092a46d
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1

200

5.gif
id5-sync.com/c/164/19/5/
Redirect Chain

https://id5-sync.com/i/164/9.gif?gdpr=1&gdpr_consent=
https://id5-sync.com/c/164/0/9/1.gif?gdpr=1&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOrj8X4-PzhiFAeRU2O2HX0D9Sc4MYlza2TyLkQA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F3%2F8%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26g...
https://id5-sync.com/c/164/3/8/2.gif?puid=9f665f43-20e8-4200-bc17-e0e95ba0bca9&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrj8X4-PzhiFAeRU2O2HX0D9Sc4MYlza2TyLkQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F164%2F124%2F7%2F3.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOrj8X4-PzhiFAeRU2O2HX0D9Sc4MYlza2TyLkQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F164%2F124%2F7%2F3.gif%3Fp...
https://id5-sync.com/cq/164/124/7/3.gif?puid=1bd56132-bdc5-4c0b-a210-fb53f52f3c75&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F203%2F6%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/164/203/6/4.gif?puid=df23b363-168d-4200-a09e-c8d52f1006ce&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/164/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/164/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/164/19/5/5.gif?puid=42967d371b0c51446813190941444c51&gdpr=1&gdpr_consent=

43 B
1 KB

22ms
21ms

Image
image/gif

54.36.109.49
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/164/19/5/5.gif?puid=42967d371b0c51446813190941444c51&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.49 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p04.id5-sync.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:36 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:37 GMT
status: 302
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://id5-sync.com/c/164/19/5/5.gif?puid=42967d371b0c51446813190941444c51&gdpr=1&gdpr_consent=
cache-control: no-cache
x-server: 10.45.29.101
content-length: 0
expires: 0

GET
H2 200 453617084824724
connect.facebook.net/signals/config/ 524 KB
132 KB 75ms
73ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/453617084824724?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: LvmGMXQRZjrZowJFpKZhUBarrPLRrgDWpzEDxEJEupU8P4i3mVO9RNWfffUc0AKNYE0JHWsIs4uFWoI+e6ai0Q==
x-fb-trip-id: 2050070850
x-frame-options: DENY
date: Mon, 24 Aug 2020 02:07:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 itm.html
itm.ivitrack.com/v1/taboola-iframe/ Frame AFE6 0
0 30ms
12ms Document
text/html 35.190.76.172
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://itm.ivitrack.com/v1/taboola-iframe/itm.html
Requested by: Host: itm.ivitrack.com
URL: https://itm.ivitrack.com/v1/gala/itm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.76.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.76.190.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

:method: GET
:authority: itm.ivitrack.com
:scheme: https
:path: /v1/taboola-iframe/itm.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Response headers

status: 200
server: istio-envoy
date: Mon, 24 Aug 2020 01:20:57 GMT
content-type: text/html; charset=utf-8
content-length: 1284
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
age: 2799
cache-control: public, max-age=3600
alt-svc: clear

GET
H2 200 itm.html
itm.ivitrack.com/v1/liveramp-iframe/ Frame 3484 0
0 30ms
12ms Document
text/html 35.190.76.172
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://itm.ivitrack.com/v1/liveramp-iframe/itm.html
Requested by: Host: itm.ivitrack.com
URL: https://itm.ivitrack.com/v1/gala/itm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.76.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.76.190.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

:method: GET
:authority: itm.ivitrack.com
:scheme: https
:path: /v1/liveramp-iframe/itm.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Response headers

status: 200
server: istio-envoy
date: Mon, 24 Aug 2020 01:20:59 GMT
content-type: text/html; charset=utf-8
content-length: 949
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
age: 2797
cache-control: public, max-age=3600
alt-svc: clear

GET
H2 200 cookie.html
cross-prod.antvoice.com/ Frame 799A 0
0 16ms
14ms Document
text/html 35.190.89.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cross-prod.antvoice.com/cookie.html?v=20160624
Requested by: Host: js.antvoice.com
URL: https://js.antvoice.com/sr-gala.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.89.230 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 230.89.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

:method: GET
:authority: cross-prod.antvoice.com
:scheme: https
:path: /cookie.html?v=20160624
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Response headers

status: 200
x-guploader-uploadid: AAANsUnHP5L1ICMM_AjrR5G_muB0cja-H_qACyapFMTFLS78NF8G95dFm392aFmqra7JosXhWP1fnV8gHo-LJpwNMfU
date: Fri, 07 Aug 2020 14:07:57 GMT
expires: Sat, 07 Aug 2021 14:07:57 GMT
last-modified: Thu, 09 May 2019 08:07:05 GMT
etag: "394af810d0d0ac6336cb9381158fc56e"
x-goog-generation: 1557389225986260
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 4053
content-type: text/html
content-encoding: gzip
x-goog-hash: crc32c=QKorqw== md5=OUr4ENDQrGM2y5OBFY/Fbg==
x-goog-storage-class: REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4053
access-control-allow-origin: *
server: UploadServer
cache-control: public, max-age=315360000
age: 1425579
alt-svc: clear

POST
H2 200 ua-parser
dcinfos-cache.abtasty.com/v1/ 112 B
322 B 50ms
21ms Fetch
application/json 35.244.231.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/ua-parser

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.231.49 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.231.244.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
via: 1.1 google
age: 0
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-varnish: 40389960
x-re: 0
access-control-allow-origin: *
x-len: 129
grpc-metadata-content-type: application/grpc
accept-ranges: bytes
content-type: application/json
alt-svc: clear
content-length: 112

GET
H2 200 274074216527
auth.audience.acpm.fr/ 85 B
267 B 99ms
32ms XHR
text/plain 52.51.34.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.audience.acpm.fr/274074216527
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.34.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-34-169.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:36 GMT
status: 200
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 85
x-application-context: Auth
expires: 0

GET
H2 200 /
d.agkn.com/iframe/8613/ Frame CE1C 0
0 36ms
14ms Document
text/html 2600:9000:2182:fe00:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=638771716&gdpr=1&gdpr_consent=&ref=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D&bpid=prisma&c=%7B%22bpid%22%3A%22prisma%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming%22%2C%22gdpr%22%3A%221%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22royautes%3Futm_source%3Dwelcoming%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Demailwelcoming%22%2C%22brd%22%3A%22Gala%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:fe00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

:method: GET
:authority: d.agkn.com
:scheme: https
:path: /iframe/8613/?che=638771716&gdpr=1&gdpr_consent=&ref=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D&bpid=prisma&c=%7B%22bpid%22%3A%22prisma%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming%22%2C%22gdpr%22%3A%221%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22royautes%3Futm_source%3Dwelcoming%26amp%3Butm_medium%3Dcpc%26amp%3Butm_campaign%3Demailwelcoming%22%2C%22brd%22%3A%22Gala%22%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Response headers

status: 200
content-type: text/html;charset=UTF-8
content-length: 482
cache-control: no-cache, must-revalidate
date: Mon, 24 Aug 2020 02:07:36 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pragma: no-cache
server: Apache-Coyote/1.1
set-cookie: ab=0001%3AuPt8bRLPNFIYM686d6ImcrvA4IDzVj3P;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure u=C|0AEAm1d1oJtXdaAAAAAAAAg1RAQCADVIBAIA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
x-cache: Miss from cloudfront
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: VgQyXSkHdtS-UwNQ-aODvHalwjJQX7uUVTa4k9bkanFVeiPg5xTIKA==

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=453617084824724&ev=PageView&dl=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&rl=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D&if=false&ts=1598234856981&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1598234856980.291925557&it=1598234856755&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 24 Aug 2020 02:07:36 GMT

GET
H2 200 274074216527
collecte.audience.acpm.fr/m/web/ 35 B
218 B 33ms
32ms Image
image/gif 34.250.197.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collecte.audience.acpm.fr/m/web/274074216527?n=261425003&tn=on-ts&v=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.197.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-197-125.eu-west-1.compute.amazonaws.com
Software: openresty/1.15.8.3 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 02:07:37 GMT
server: openresty/1.15.8.3
content-length: 35
content-type: image/gif

POST
H2 200 /
eum-eu-west-1.instana.io/ 0
190 B 73ms
73ms Other
text/plain 2606:4700::6810:9df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-eu-west-1.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 02:07:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-origin: *
cache-control: no-cache, no-store
cf-ray: 5c7985506ce7323c-FRA
content-length: 0
cf-request-id: 04bfd1a6440000323c6f0bc200000001

GET
H/1.1 200
OK pixel
tr.outbrain.com/ 43 B
275 B 346ms
86ms Image
image/gif 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/pixel?marketerId=00c8bc6ea6946b8e7d608e3cf1a6b3e018&obApiVersion=1.1&obtpVersion=1.2.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&optOut=false&bust=004654275924805362
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:37 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: df45724f7f6ebfb1e5fbb76f2bd279ed
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 87ms
86ms Image
image/gif 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=00c8bc6ea6946b8e7d608e3cf1a6b3e018&dl=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&bust=009298734310259538
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:37 GMT
Cache-Control: no-cache
X-TraceId: 432cb5696b3ca501fa8ef69a607d3b8e
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK pixel
tr.outbrain.com/ 43 B
275 B 350ms
88ms Image
image/gif 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/pixel?marketerId=0088c68ec792cf8d4ecdd00a532f69c9fc&obApiVersion=1.1&obtpVersion=1.2.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&optOut=false&bust=09380038883631883
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:37 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: 7dd97cc49ed149520f36757cff73ce08
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 175ms
87ms Image
image/gif 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=0088c68ec792cf8d4ecdd00a532f69c9fc&dl=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&bust=031378420802385953
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 02:07:37 GMT
Cache-Control: no-cache
X-TraceId: 87ad058ee7565ace9c5db561eaabfac9
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

POST
H2 200 /
ariane.abtasty.com/ 43 B
335 B 47ms
19ms Fetch
image/gif 35.244.231.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.231.49 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.231.244.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
date: Mon, 24 Aug 2020 02:07:37 GMT
status: 200
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://www.gala.fr
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
alt-svc: clear
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=453617084824724&ev=Microdata&dl=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&rl=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D&if=false&ts=1598234857484&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Royaut%C3%A9s%20%3A%20articles%2C%20vid%C3%A9os%2C%20photos%20...%20sur%20Gala.fr%22%2C%22meta%3Adescription%22%3A%22Tous%20les%20articles%20Royaut%26eacute%3Bs%20sur%20Gala.fr.%20Vivez%20au%20rythme%20des%20stars%20avec%20Gala.fr.%20Leur%20actualit%26eacute%3B%2C%20leurs%20biographies%2C%20leurs%20secrets%2C%20leur%20vie%20au%20quoti...%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Gala.fr%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_campaign%3Demailwelcoming%26utm_medium%3Dcpc%26utm_source%3Dwelcoming%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Royaut%C3%A9s%20%3A%20articles%2C%20vid%C3%A9os%2C%20photos%20...%20sur%20Gala.fr%22%2C%22og%3Adescription%22%3A%22Tous%20les%20articles%20Royaut%26eacute%3Bs%20sur%20Gala.fr.%20Vivez%20au%20rythme%20des%20stars%20avec%20Gala.fr.%20Leur%20actualit%26eacute%3B%2C%20leurs%20biographies%2C%20leurs%20secrets%2C%20leur%20vie%20au%20quotidien....%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1598234857483.2008275278&it=1598234856755&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 24 Aug 2020 02:07:37 GMT

GET
H2

200

SyncId
ads.avads.net/ThirdParty/
Redirect Chain

https://secure.adnxs.com/getuid?https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7&tp=1&tpId=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.avads.net%2FThirdParty%2FSyncId%3FoId%3D63%26mId%3Da81ee4e0-e263-4cea-8cec-ec48da474fe7%26tp%3D1%26tpId%3D%24UID
https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7&tp=1&tpId=3359204689471533558

35 B
75 B

61ms
24ms

Image
image/gif

35.205.207.25
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7&tp=1&tpId=3359204689471533558
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.205.207.25 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 25.207.205.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 02:07:37 GMT
x-envoy-upstream-service-time: 7
server: istio-envoy
accept-ranges: bytes
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:37 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.47:80
AN-X-Request-Uuid: 7628eb94-13f7-4e19-a62f-6dd1bacbcde7
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.avads.net/ThirdParty/SyncId?oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7&tp=1&tpId=3359204689471533558
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
avads.net/ThirdParty/SyncDoubleClick/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=antvoice_dmp&google_cm&oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7
https://cm.g.doubleclick.net/pixel?google_nid=antvoice_dmp&google_cm=&oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7&google_tc=
https://avads.net/ThirdParty/SyncDoubleClick/?oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7&google_gid=CAESEAcwf1Mxo-R-IOEdlqf5fA0&google_cver=1

35 B
145 B

23ms
22ms

Image
image/gif

35.205.207.25
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avads.net/ThirdParty/SyncDoubleClick/?oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7&google_gid=CAESEAcwf1Mxo-R-IOEdlqf5fA0&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.205.207.25 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 25.207.205.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 02:07:37 GMT
x-envoy-upstream-service-time: 4
server: istio-envoy
accept-ranges: bytes
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:37 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://avads.net/ThirdParty/SyncDoubleClick/?oId=63&mId=a81ee4e0-e263-4cea-8cec-ec48da474fe7&google_gid=CAESEAcwf1Mxo-R-IOEdlqf5fA0&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 355
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK multi
abs.proxistore.com/fr/v3/rtb/prebid/ Frame 0
0 84ms
20ms Other
text/plain 18.196.208.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://abs.proxistore.com/fr/v3/rtb/prebid/multi
Protocol: HTTP/1.1
Server: 18.196.208.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-208-66.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gala.fr
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: https://www.gala.fr
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/octet-stream text/plain; charset=utf-8
Date: Mon, 24 Aug 2020 02:07:39 GMT
Pragma: : no-cache
Server: nginx/1.16.1
Content-Length: 0
Connection: keep-alive

POST
H2 200 auction
tlx.3lift.com/header/ 19 B
293 B 67ms
24ms XHR
application/json 3.122.165.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.27.0&referrer=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&tmax=2000&gdpr=false

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.165.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-122-165-204.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:39 GMT
x-auction-status: 12, 12
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gala.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 v1
hb-api.omnitagjs.com/hb-api/prebid/ 370 B
340 B 269ms
214ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&CanonicalUrl=https%3A%2F%2Fwww.gala.fr%2Froyautes

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Aug 2020 02:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
status: 200
x-envoy-upstream-service-time: 190
vary: Accept-Encoding
content-length: 201
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gala.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H/1.1 200
OK v1
prg.smartadserver.com/prebid/ 0
1 KB 159ms
107ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:39 GMT
x-smrt-d: 6%3b6%3b57
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.gala.fr
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H/1.1 200
OK v1
prg.smartadserver.com/prebid/ 0
319 B 76ms
25ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:39 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.gala.fr
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 cdb
bidder.criteo.com/ 0
141 B 41ms
13ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=94581887205
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 24 Aug 2020 02:07:38 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.gala.fr
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK multi
abs.proxistore.com/fr/v3/rtb/prebid/ 2 B
1 KB 106ms
45ms XHR
application/json 18.196.208.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abs.proxistore.com/fr/v3/rtb/prebid/multi

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.208.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-208-66.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 24 Aug 2020 02:07:39 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2
X-Xss-Protection: 1; mode=block
Pragma: no-cache
Server: nginx/1.16.1
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.gala.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-server: nginx4
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, nofollow
Expires: 0

GET
H2 200 cygnus
htlb.casalemedia.com/ 5 KB
4 KB 264ms
221ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=262047&v=7.2&r=%7B%22id%22%3A%2218e0a894158f94b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2219dd43a99286b3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262047%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222053d094dc776f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262047%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2221b22c42797e70d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262047%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2222fe19bc3fca349%22%2C%22ext%22%3A%7B%22siteID%22%3A%22351297%22%2C%22sid%22%3A%221800x1000%22%7D%2C%22banner%22%3A%7B%22w%22%3A1800%2C%22h%22%3A1000%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2223d48bd5317c1aa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262783%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222498d00d6484e22%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262783%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2219dd43a99286b3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262047%22%2C%22sid%22%3A%221000x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2219dd43a99286b3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262047%22%2C%22sid%22%3A%221000x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A200%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2223d48bd5317c1aa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262783%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2223d48bd5317c1aa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262783%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2223d48bd5317c1aa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262783%22%2C%22sid%22%3A%22640x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D%22%2C%22page%22%3A%22https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:39 GMT
content-encoding: gzip
server: Apache
status: 200
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://www.gala.fr
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 3452
expires: Mon, 24 Aug 2020 02:07:39 GMT

GET
H/1.1 200
OK bidRequest
c2shb.ssp.yahoo.com/ 62 B
382 B 117ms
76ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d0601727280d004843edb46006d&pos=gala_-_d_ban_atf_-_728x90&cmd=bid&secure=1
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 24 Aug 2020 02:07:39 GMT
Server: ATS/7.1.2.113
Age: 0
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.gala.fr
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest
c2shb.ssp.yahoo.com/ 62 B
382 B 110ms
67ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d0601727280d004843edb46006d&pos=gala_-_d_paveatf_-_300x250&cmd=bid&secure=1
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 24 Aug 2020 02:07:39 GMT
Server: ATS/7.1.2.113
Age: 0
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.gala.fr
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 19 B
864 B 65ms
35ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:39 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.244:80
AN-X-Request-Uuid: 29392336-1e93-465c-81c1-e6e0fd1e65aa
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gala.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK msq_prebid
pbs-front.mediasquare.fr/ 508 B
755 B 298ms
206ms XHR
application/json 137.74.125.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs-front.mediasquare.fr/msq_prebid
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.125.156 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 24 Aug 2020 02:07:39 GMT
Content-Encoding: gzip
Server: Apache
X-IPLB-Instance: 36495
Vary: Accept-Encoding,Origin
P3P: policyref="https://www.mediasquare.fr/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gala.fr
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: application/json

GET
H/1.1 200
OK fastlane.json
fastlane.rubiconproject.com/a/api/ 265 B
2 KB 321ms
260ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17912&site_id=198932&zone_id=979504&size_id=2&alt_size_ids=55%2C57%2C58%2C68&p_pos=atf&gdpr=0&rf=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&tk_flint=pbjs_lite_v3.27.0&x_source.tid=b02ce7fc-45e5-4a6f-8852-d2c5818793e9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.16722335475496286
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:39 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gala.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 265
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json
fastlane.rubiconproject.com/a/api/ 264 B
2 KB 316ms
254ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17912&site_id=198932&zone_id=979508&size_id=15&alt_size_ids=9%2C8%2C10%2C198&p_pos=atf&gdpr=0&rf=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&tk_flint=pbjs_lite_v3.27.0&x_source.tid=e569c5c7-153c-4931-a3ec-18c839754eb7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9411218352674522
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:39 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gala.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 264
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 19 B
864 B 44ms
18ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:39 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.147:80
AN-X-Request-Uuid: fe241f7a-a762-4e0e-86da-265fd9405611
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gala.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 55ms
55ms XHR
text/javascript 13.226.145.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3279&u=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&pr=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D&pid=wwYk82wIr3XnK&cb=0&ws=1600x1200&v=7.53.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F228216569%2FGala%2Froyautes-hp%2Fliste%2FBanniere-Haute%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F228216569%2FGala%2Froyautes-hp%2Fliste%2FPave-Haut%22%7D%5D&gdprl=%7B%22cmpTimeout%22%3A3000%2C%22status%22%3A%22cmp-timeout%22%7D
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.145.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:39 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.gala.fr
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: RxeHcZXfDm-1WT6RYh-YL52IW7WTudCFOHJVEVFlw2ogM4xAkF90Ig==

GET
H2 200 bid
c.amazon-adsystem.com/e/dtb/ 23 B
369 B 55ms
55ms XHR
text/javascript 13.226.145.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3279&u=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&pr=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D&pid=wwYk82wIr3XnK&cb=1&ws=1600x1200&v=7.53.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F228216569%2FGala%2Froyautes-hp%2Fliste%2FPave-Bas%22%7D%5D&gdprl=%7B%22cmpTimeout%22%3A3000%2C%22status%22%3A%22cmp-timeout%22%7D
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.145.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:39 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.gala.fr
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: EGuMPAgNY4K0sKLKosWJ3LVzmIjVgrQcHKBuIy_arqlYMthxbkDo_A==

OPTIONS
H/1.1 200
OK multi
abs.proxistore.com/fr/v3/rtb/prebid/ Frame 0
0 68ms
21ms Other
text/plain 18.196.208.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://abs.proxistore.com/fr/v3/rtb/prebid/multi
Protocol: HTTP/1.1
Server: 18.196.208.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-208-66.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gala.fr
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: https://www.gala.fr
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/octet-stream text/plain; charset=utf-8
Date: Mon, 24 Aug 2020 02:07:39 GMT
Pragma: : no-cache
Server: nginx/1.16.1
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 19 B
864 B 40ms
14ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:39 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.249:80
AN-X-Request-Uuid: 9c80ba89-b0c6-46d9-afb1-9feb9dd5b32a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gala.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK multi
abs.proxistore.com/fr/v3/rtb/prebid/ 2 B
1 KB 90ms
29ms XHR
application/json 18.196.208.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abs.proxistore.com/fr/v3/rtb/prebid/multi

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.208.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-208-66.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 24 Aug 2020 02:07:39 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2
X-Xss-Protection: 1; mode=block
Pragma: no-cache
Server: nginx/1.16.1
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.gala.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-server: nginx2
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, nofollow
Expires: 0

GET
H2 200 cygnus
htlb.casalemedia.com/ 25 B
568 B 135ms
117ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=262784&v=7.2&r=%7B%22id%22%3A%2244ec599c14ab70e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2245323e7c2c3d654%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262784%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22460e500ba06f094%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262784%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2245323e7c2c3d654%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262784%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2245323e7c2c3d654%22%2C%22ext%22%3A%7B%22siteID%22%3A%22262784%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D%22%2C%22page%22%3A%22https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:39 GMT
content-encoding: gzip
server: Apache
status: 200
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://www.gala.fr
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 45
expires: Mon, 24 Aug 2020 02:07:39 GMT

GET
H/1.1 200
OK bidRequest
c2shb.ssp.yahoo.com/ 62 B
382 B 102ms
62ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d0601727280d004843edb46006d&pos=gala_-_d_pavebtf_-_300x250&cmd=bid&secure=1
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 24 Aug 2020 02:07:39 GMT
Server: ATS/7.1.2.113
Age: 0
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.gala.fr
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 cdb
bidder.criteo.com/ 0
141 B 15ms
14ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=94647819422
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 24 Aug 2020 02:07:38 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.gala.fr
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK msq_prebid
pbs-front.mediasquare.fr/ 503 B
757 B 278ms
184ms XHR
application/json 137.74.125.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs-front.mediasquare.fr/msq_prebid
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.125.156 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 24 Aug 2020 02:07:39 GMT
Content-Encoding: gzip
Server: Apache
X-IPLB-Instance: 36496
Vary: Accept-Encoding,Origin
P3P: policyref="https://www.mediasquare.fr/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gala.fr
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: application/json

POST
H/1.1 200
OK v1
prg.smartadserver.com/prebid/ 0
1 KB 91ms
58ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:39 GMT
x-smrt-d: 6%3b18%3b92
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.gala.fr
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 19 B
864 B 40ms
14ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:39 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid: 5a1f728c-64e6-47a4-8663-ad374e428416
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gala.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json
fastlane.rubiconproject.com/a/api/ 264 B
2 KB 135ms
76ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17912&site_id=198932&zone_id=979518&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=btf&gdpr=0&rf=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&tk_flint=pbjs_lite_v3.27.0&x_source.tid=fc7b8f0f-59b0-4308-b4af-c81bbd92366c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2813567654039173
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:39 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gala.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 264
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v1
hb-api.omnitagjs.com/hb-api/prebid/ 188 B
609 B 127ms
121ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Aug 2020 02:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
status: 200
x-envoy-upstream-service-time: 96
vary: Accept-Encoding
content-length: 150
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gala.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 auction
tlx.3lift.com/header/ 19 B
277 B 21ms
21ms XHR
application/json 3.122.165.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.27.0&referrer=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&tmax=2000&gdpr=false

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.165.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-122-165-204.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:39 GMT
x-auction-status: 12
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gala.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 /
eum-eu-west-1.instana.io/ 0
189 B 35ms
34ms Other
text/plain 2606:4700::6810:9df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-eu-west-1.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 02:07:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-origin: *
cache-control: no-cache, no-store
cf-ray: 5c79855fd80d323c-FRA
content-length: 0
cf-request-id: 04bfd1afe80000323c6f147200000001

GET
H2 200 integrator.js
adservice.google.nl/adsid/ 109 B
829 B 34ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.gala.fr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 02:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js
adservice.google.com/adsid/ 109 B
316 B 15ms
14ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gala.fr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 02:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 ads
securepubads.g.doubleclick.net/gampad/ 17 KB
5 KB 312ms
311ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1463729173225218&correlator=4034929385277414&output=ldjh&impl=fifs&eid=21067181%2C21065725&vrg=2020082001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200824&iu_parts=228216569%2CGala%2Croyautes-hp%2Cliste%2CPave-Bas&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C300x600%7C120x600%7C160x600&prev_scp=position%3DPave-Bas%26slotCode%3DPave-Bas_5f4320e7aebb9%26slotPosition%3D3%26formatPosition%3DPave-Bas_1%26adunitDFP%3D%252F228216569%252FGala%252Froyautes-hp%252Fliste%252FPave-Bas%26ad_h%3D2%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=pageHitID%3D7afe50fb-6fe9-4395-8aa7-6c81305e8c7e%26urlprisma%3D%252Froyautes%26env%3Dprod%26pageType%3Dcollectionpage%26pageCategory%3Droyautes%26pageSubCategory%3Dhp%26adunitPath%3D%252F228216569%252FGala%252Froyautes-hp%252Fliste%26referrer%3Dwtm.info-people.fr%26utm_campaign%3Demailwelcoming%26utm_source%3Dwelcoming%26currentDevice%3Ddesktop&cookie_enabled=1&bc=31&abxe=1&lmt=1598234859&dt=1598234859766&dlt=1598234855758&idt=630&frm=20&biw=1600&bih=1200&oid=3&adxs=998&adys=2526&adks=3644302016&ucis=1&hl=fr&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&ref=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D&dssz=68&icsg=8598487040&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=366x290&msz=366x250&ga_vid=527269385.1598234856&ga_sid=1598234860&ga_hid=981928391&fws=516&ohw=366

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4946
x-xss-protection: 0
google-lineitem-id: 5412426840
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138316044153
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gala.fr
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8b4866ba9423fce22fb7b4d397b40bd9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 47ms
14ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://8b4866ba9423fce22fb7b4d397b40bd9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads
securepubads.g.doubleclick.net/gampad/ 52 KB
14 KB 316ms
316ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1463729173225218&correlator=557696198302150&output=ldjh&impl=fifs&eid=21067181%2C21065725&vrg=2020082001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200824&iu_parts=228216569%2CGala%2Croyautes-hp%2Cliste%2CBanniere-Haute%2CPave-Haut%2COut-Of-Banner&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6&prev_iu_szs=728x90%7C970x90%7C970x250%7C1000x90%7C1000x200%7C1800x1000%2C300x250%7C300x600%7C120x600%7C160x600%2C1x1&ists=1&prev_scp=position%3DBanniere-Haute%26slotCode%3DBanniere-Haute_5f4320e7ab7d7%26slotPosition%3D1%26formatPosition%3DBanniere-Haute_1%26adunitDFP%3D%252F228216569%252FGala%252Froyautes-hp%252Fliste%252FBanniere-Haute%26ad_h%3D2%26amznbid%3D2%26amznp%3D2%7Cposition%3DPave-Haut%26slotCode%3DPave-Haut_5f4320e7ace1d%26slotPosition%3D2%26formatPosition%3DPave-Haut_1%26adunitDFP%3D%252F228216569%252FGala%252Froyautes-hp%252Fliste%252FPave-Haut%26ad_h%3D2%26amznbid%3D2%26amznp%3D2%26hb_format_ix%3Dbanner%26hb_source_ix%3Dclient%26hb_size_ix%3D300x600%26hb_pb_ix%3D0.01%26hb_adid_ix%3D63fdc2db6eb2fe9%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_adid%3D63fdc2db6eb2fe9%26hb_bidder%3Dix%7Cposition%3DOut-Of-Banner%26slotCode%3DOut-Of-Banner_5f4320e7af3bc%26slotPosition%3D4%26formatPosition%3DOut-Of-Banner_1%26adunitDFP%3D%252F228216569%252FGala%252Froyautes-hp%252Fliste%252FOut-Of-Banner%26ad_h%3D2&eri=1&cust_params=pageHitID%3D7afe50fb-6fe9-4395-8aa7-6c81305e8c7e%26urlprisma%3D%252Froyautes%26env%3Dprod%26pageType%3Dcollectionpage%26pageCategory%3Droyautes%26pageSubCategory%3Dhp%26adunitPath%3D%252F228216569%252FGala%252Froyautes-hp%252Fliste%26referrer%3Dwtm.info-people.fr%26utm_campaign%3Demailwelcoming%26utm_source%3Dwelcoming%26currentDevice%3Ddesktop&cookie_enabled=1&bc=31&abxe=1&lmt=1598234859&dt=1598234859789&dlt=1598234855758&idt=630&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C998%2C800&adys=186%2C346%2C4956&adks=746884280%2C545418889%2C4264359866&ucis=2%7C3%7C4&hl=fr&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&ref=http%3A%2F%2Fwtm.info-people.fr%2Fredirection.html%3Fm%3D20f7600cd6004b0543968d56d440b615%26c%3Dfr%26u%3Dhttp%253A%252F%252Fwww.gala.fr%252Froyautes%253Futm_source%253Dwelcoming%2526utm_medium%253Dcpc%2526utm_campaign%253Demailwelcoming%26dc%3DpA62rwV3nbtwLwkizyi95u7D5c%252FQFRf6FFLF4C4YszXF4db1gDIfQaj3j%252Bl4wNcxB5a1q81mlnW9THbr%252FqkqVAiKFnBaxDTST%252BLoTP0QLkLjh1YSgWxJtNfyH3lwSdZ3G7FdVrlNYq9b1o8xkFu574aGAbMBBhC0NrL4lGrmnLnHP8gy3yfahFho%252FjaVDhlHutiFTFd0Z3hKwiKeHPk8lA%253D%253D&dssz=68&icsg=8598487040&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x130%7C366x290%7C1600x5007&msz=1600x90%7C366x250%7C1600x1&ga_vid=527269385.1598234856&ga_sid=1598234860&ga_hid=981928391&fws=4%2C516%2C4&ohw=1600%2C366%2C1600

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14659
x-xss-protection: 0
google-lineitem-id: 5441042132,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138318863327,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gala.fr
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 err_rep.js
pagead2.googlesyndication.com/pagead/js/ 8 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/err_rep.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 3733
x-xss-protection: 0
server: cafe
etag: 17221549273110680966
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Aug 2020 03:06:40 GMT

GET
H/2+Q/46 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
144 B 15ms
14ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jserror&context=640&msg=TypeError%3A%20Cannot%20read%20property%20%27startsWith%27%20of%20undefined%0Aat%20n%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Ftag%2Fjs%2Fgpt.js%3A6%3A652)%0Aat%20we%20(gpt.js%3A6%3A35409)%0Aat%20xe%20(gpt.js%3A6%3A35544)%0Aat%20xe%20(gpt.js%3A6%3A35635)%0Aat%20PerformanceObserver.%3Canonymous%3E%20(gpt.js%3A6%3A36921)%0Aat%20PerformanceObserver.%3Canonymous%3E%20(gpt.js%3A6%3A34947)&url=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js
cdn.ampproject.org/rtv/012008102328000/ Frame FD8D 206 KB
57 KB 75ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26340
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57397
x-xss-protection: 0
server: sffe
date: Sun, 23 Aug 2020 18:48:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d730d226616e6acf"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Aug 2021 18:48:40 GMT

GET
H2 200 amp-analytics-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame FD8D 94 KB
28 KB 114ms
92ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008102328000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26346
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28844
x-xss-protection: 0
server: sffe
date: Sun, 23 Aug 2020 18:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7dfeab575efd177f"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Aug 2021 18:48:34 GMT

GET
DATA 200
OK truncated
/ Frame FD8D 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/2+Q/46 200 5633139875762610284
tpc.googlesyndication.com/simgad/ Frame FD8D 173 KB
174 KB 30ms
15ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5633139875762610284

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 05:58:17 GMT
x-content-type-options: nosniff
age: 1109363
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 177388
x-xss-protection: 0
last-modified: Thu, 02 Jul 2020 13:49:27 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 05:58:17 GMT

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame FD8D 0
197 B 31ms
31ms Image
image/gif 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqxLeKBRfPm8N6tXQ2eQcUVFljo6WDcAfwUsLqvnsVdowUNmz_gD5TCPROA43Zwo4V-K5obyZfrufqw5ERxCxtr5ARliGy1qKUp2VYOQsecq7w9HAJzehybgq1KxL3XNf3C-gLm1nme6nJaCtDoU9RPjd_vij7LG2VAXOl2CwxVYPCPCdHkJljpoIIElwWXzcxyTnhSJtmG5kXfYKWq5ioYDoyuqbXlBIh6SkV6RFGw1PLXs2VMCJHXT037js9sKU7X1OfqUVue6PTdM5uu1uD8x5Zqzg&sig=Cg0ArKJSzP216eiwA7ieEAE&adurl=

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 02:07:40 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/2+Q/46 200 sodar
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 40ms
26ms XHR
application/json 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020082001&st=env

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 02:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6083
x-xss-protection: 0

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 09FE 0
0 56ms
55ms Fetch
image/gif 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNQgNkxmoXig3d_4M3HwDeJkRChIPRDj0FPHMdb8jpiCVYw4SGDnkz1TSAeDIyRdh4pYad1Aq9dd2fgMvJQjRt6pUA4wLE1l_ZWbtiaonTrjOEyXkGHbqVeAdVsWz_XEwSP0wDcwEST248SDyUDFLSmOy4IjaZ9txhC88F1HcvUY3-xm-zMKUr5ZvksBJMnD6HlSZ3dhb0TVzyM3PJnukoRGhI5slmOarE3GiNngT8WDvk6M2KQ_rdMSz976Ar7YYJvwIheN_7KzHdkMzq40Yj-TjxVVcHHZUtUjevTIw&sig=Cg0ArKJSzI3wgi2PWH12EAE&urlfix=1&adurl=

Requested by

Host: ml.info-people.fr
URL: https://ml.info-people.fr/l2/7JldiD9Um4/1787741/3667645879.html

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 02:07:40 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/2+Q/46

200

5402708244183389912
tpc.googlesyndication.com/simgad/
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNQgNkxmoXig3d_4M3HwDeJkRChIPRDj0FPHMdb8jpiCVYw4SGDnkz1TSAeDIyRdh4pYad1Aq9dd2fgMvJQjRt6pUA4wLE1l_ZWbtiaonTrjOEyXkGHbqVeAdVsWz_XEwSP0wDcwEST...
https://tpc.googlesyndication.com/simgad/5402708244183389912?

196 KB
196 KB

11ms
8ms

Image
image/jpeg

2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5402708244183389912?

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 22:26:37 GMT
x-content-type-options: nosniff
age: 1136463
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200594
x-xss-protection: 0
last-modified: Tue, 04 Aug 2020 15:46:27 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Aug 2021 22:26:37 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 02:07:40 GMT
x-content-type-options: nosniff
server: cafe
status: 302
location: https://tpc.googlesyndication.com/simgad/5402708244183389912?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 jload
pixel.adsafeprotected.com/ Frame E378 46 KB
13 KB 117ms
51ms Script
application/javascript 34.241.165.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10090&campId=1800x1000&pubId=147899809&chanId=21827698064&placementId=5441042132&pubCreative=138318863327&pubOrder=2691473925&ias_adpath=%23click-zone&cb=668809226
Requested by: Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.165.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:40 GMT
content-encoding: gzip
x-server-name: app25.ie.303net.net
status: 200
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 09FE 73 KB
28 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597858973492819"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28329
x-xss-protection: 0
expires: Mon, 24 Aug 2020 02:07:40 GMT

GET
H2 200 amp4ads-v0.js
cdn.ampproject.org/rtv/012008102328000/ Frame DC86 206 KB
56 KB 119ms
117ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26340
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57397
x-xss-protection: 0
server: sffe
date: Sun, 23 Aug 2020 18:48:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d730d226616e6acf"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Aug 2021 18:48:40 GMT

GET
H2 200 amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame DC86 16 KB
6 KB 155ms
153ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008102328000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 306007
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5905
x-xss-protection: 0
server: sffe
date: Thu, 20 Aug 2020 13:07:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3ad1eb5461ef0024"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 13:07:33 GMT

GET
H2 200 amp-analytics-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame DC86 94 KB
28 KB 115ms
113ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008102328000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26346
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28844
x-xss-protection: 0
server: sffe
date: Sun, 23 Aug 2020 18:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7dfeab575efd177f"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Aug 2021 18:48:34 GMT

GET
H2 200 amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame DC86 4 KB
2 KB 154ms
153ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008102328000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 306020
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
server: sffe
date: Thu, 20 Aug 2020 13:07:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7fce00afb81e6c42"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 13:07:20 GMT

GET
H2 200 amp-form-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame DC86 48 KB
15 KB 153ms
151ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008102328000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 306020
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14952
x-xss-protection: 0
server: sffe
date: Thu, 20 Aug 2020 13:07:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aacd301e108e3900"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 13:07:20 GMT

GET
DATA 200
OK truncated
/ Frame DC86 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/2+Q/46 200 2036098586101521001
tpc.googlesyndication.com/simgad/ Frame DC86 93 KB
93 KB 40ms
39ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2036098586101521001?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkf85LbDbAaIR1aoRwHKL_qxU27Iw

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 14:19:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 Aug 2020 12:39:03 GMT
server: sffe
age: 560894
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95125
x-xss-protection: 0
expires: Tue, 17 Aug 2021 14:19:26 GMT

GET
H/2+Q/46 200 fr.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DC86 3 KB
3 KB 39ms
38ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fr.png

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 Aug 2020 15:32:29 GMT
x-content-type-options: nosniff
server: cafe
age: 38111
etag: 12021612326893382710
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2724
x-xss-protection: 0
expires: Mon, 24 Aug 2020 15:32:29 GMT

GET
H/2+Q/46 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DC86 295 B
388 B 39ms
38ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 Aug 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 15259
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 24 Aug 2020 21:53:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DC86 0
0 42ms
40ms Image
text/html 2a00:1450:4001:81b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTr_qaIhYAumh4M3slQ5kknC0_57vC1yfEDIjKsGLXz5nXFLobGVjBJorjZrPJhnTUyLQLZSl9g9Wy87JJiAvv-fBRsHQ
Requested by: Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/2+Q/46 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DC86 0
0 41ms
40ms Image
text/html 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTazw6yBDX5jzM_T33wPPo4egD6mDhuheprXvzZMMkJTFrMwEEAEgwsbnL2CRhICAjBigAa3ciogDyAEC4AIAqAMByAMIqgTMAU_QcC77MAhb6LCb2oBFNwIgD2Drq33yQSKBSDvUSZ7qO1-WUuFAWVaeHd2s8ne2ewd1Z4w7SkmcfFnvwwKzX2vjgC7A0IHC5lK8-JtPwEA_Cs43zJV_IOyRJISoH_kDvm_fubJGV-kHeSWf4fsZebz7R0QtDU1MMIq3AsVaXqJiaRLY3opzJOCbLP53wmnXAXDjNl-FBOas-xuydU_W0mLOFKrNpNDvbrrGaCzKP-yO59Y86YgGGfvUfx-8fQ03i8teZR_kSu-wxXsfFsAEkMPX15YD4AQBkgUECAQYAZIFBAgFGASgBgKAB4KmxWqoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQrbYk0ggJCIDhgBAQARgdgAoDyAsB2BMM&sigh=pgCAN9xFsf8&tpd=AGWhJmtgd0a9vCSy4M0ncy3NvmZs3wzGlTPKYmW8YW77whfcog
Requested by: Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Protocol: HTTP/2+QUIC/46
Security: QUIC, , AES_128_GCM
Server: 216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s25-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 osd.js
www.googletagservices.com/activeview/js/current/ 71 KB
26 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597858973492819"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
expires: Mon, 24 Aug 2020 02:07:40 GMT

GET
H/2+Q/46 200 sodar2.js
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 48ms
45ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js?21067181

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 24 Aug 2020 02:07:40 GMT

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 09FE 0
21 B 30ms
30ms Image
image/gif 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLDXElKp5qAkwt0DuqqXcr3KzLjzsUNwjklBZeMYEoEtd1UI-fu_Rovd_CEaGwnJZKr0Q3om4iRVGZqkK-Nh58OvYNPiWLoGh7k83GIPO8z5J77HC8thN6BrQvxLhsJkJIBUWsGUSzAG2j0KAN65kZZTJYEAPmyLoEtCDo6066NiRlGvmI9UVW7aCrDwSVntZ0RNBHsrdASR7CpU1D4vEZYn8L5VQa2JGWBlafUkly2uGO9ClwZHZ21Y2WqtShD3I078mQSltuiSskeIkjMwT3Z3LjxIvMHlkA5P-nWXmL5w&sig=Cg0ArKJSzF4ALyGaYGihEAE&urlfix=1&adurl=

Requested by

Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 02:07:40 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/2+Q/46 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame E29B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 24 Aug 2020 01:20:58 GMT
expires: Tue, 24 Aug 2021 01:20:58 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2802
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.gr.19.8.117.js
static.adsafeprotected.com/ Frame E378 173 KB
56 KB 32ms
10ms Script
application/javascript 2600:9000:2182:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.117.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10090&campId=1800x1000&pubId=147899809&chanId=21827698064&placementId=5441042132&pubCreative=138318863327&pubOrder=2691473925&ias_adpath=%23click-zone&cb=668809226
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 21 Aug 2020 17:28:59 GMT
content-encoding: gzip
age: 203922
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Fri, 21 Aug 2020 17:13:47 GMT
server: AmazonS3
etag: W/"88d48a523aea736f4b9581bc41fa7c96"
vary: Accept-Encoding
x-amz-version-id: Q.bZcNJij.FCNHlFLCZRC9bWQ2TxaN92
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: jhThwFS2dQTbf9wB-VO3j1FBnOrAO3WKNZAetUBGuzzRGAaQrr-vNg==

POST
H2 204 auction
intake.pbstck.com/v1/intake/ 0
196 B 38ms
37ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?sId=be9978eb&tId=dbb1dd3d-4ef4-418b-8674-c575d2a7ac81&c=3&ctr=NL
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Aug 2020 02:07:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
access-control-allow-origin: *
cf-ray: 5c7985651f6adfd3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04bfd1b32c0000dfd3efbe4200000001

GET
H/2+Q/46 200 5633139875762610284
tpc.googlesyndication.com/simgad/ Frame FD8D 173 KB
173 KB 7ms
6ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5633139875762610284

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 05:58:17 GMT
x-content-type-options: nosniff
age: 1109363
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 177388
x-xss-protection: 0
last-modified: Thu, 02 Jul 2020 13:49:27 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 05:58:17 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DC86
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 24 Aug 2020 02:07:40 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame FD8D 0
21 B 30ms
30ms Image
image/gif 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuni6yQhBmoyDO5-L563kpE9Rvk-sJHsEJyvutrqooqMoRlrhRpYwLE1K24mNaMJAlhn9wcu_gQBbIUYFWXMKy0Zmkqv-uqwZnGTUODkbQk1jssW105fmDBLso9HF3TOKQoNRYQUsjF_KGEP5YQzJe-BDu6SQf7lRN_zEKtCh9ekudDumiltjdjtQN7SS8YCCLDyVAg3Zk9OsLgXzWeh4kihPo76g6JyCHcN1bXIlwqChMmhyt1eulC6_2eV068KTEbTS_rxnpeH1syB1-hkbpR5pdm250_Qg&sig=Cg0ArKJSzG9Ne03F8JGPEAE&adurl=

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 02:07:40 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sca.17.4.114.js
static.adsafeprotected.com/ Frame 5D53 81 KB
22 KB 10ms
9ms Script
application/javascript 2600:9000:2182:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.gala.fr
URL: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 30 Jun 2020 05:16:22 GMT
content-encoding: gzip
age: 4740679
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: RZol9pv4V20r9PUrEsxaHW21wUdeSLlN7UM7Qm4hZ1XiNaX1E-Wq3A==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 37ms
36ms Image
image/gif 34.241.165.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10090&campId=1800x1000&pubId=147899809&chanId=21827698064&placementId=5441042132&pubCreative=138318863327&pubOrder=2691473925&ias_adpath=%23click-zone&cb=668809226&adsafe_url=https%3A%2F%2Fwww.gala.fr%2Froyautes%3Futm_source%3Dwelcoming%26utm_medium%3Dcpc%26utm_campaign%3Demailwelcoming&adsafe_type=abdfq&adsafe_jsinfo=,id:a8b094ab-db6a-f31f-d722-1a8689642e97,c:mgHhRC,sl:inView,em:true,fr:true,mn:app25ie,pt:1-5-15,wc:0.0.1600.1200,ac:-100.146.1800.1000,am:sp,cc:0.331.1600.0,piv:89,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:s8xMB3S+11|12|13|14|15|16|17|18|19*.10090|191|1a|1b|1c1,idMap:19*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:149,oid:969c57ca-e5ae-11ea-a033-06a809c23df0,v:19.8.117,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.165.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:40 GMT
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 494ms
164ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10090&asId=a8b094ab-db6a-f31f-d722-1a8689642e97&tv={c:mgHhRF,pingTime:-8,time:151,type:l,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:151,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:147,wc:0.0.1600.1200,ac:-100.146.1800.1000,am:sp,cc:0.331.1600.0,piv:89,obst:0,th:0,reas:,bkn:{piv:[44~75],as:[44~1800.1000]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:s8xMB3S+11|12|13|14|15|16|17|18|19*.10090|191|1a|1b|1c1,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:40 GMT
X-Server-Name: dt56sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/2+Q/46 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
45 B 15ms
15ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020082001&jk=1463729173225218&bg=!1tWl1c1YaHjcJSrffWwCAAAATlIAAAARmQGibbMgnUp6T5lgAxRawljg90gCngyFpkl3Jk0FhI_zyFfqSNN8Wgu44OSK74faqYyy58lDMjRXdbgygo4pwTLIL-p88EjXDh_8ar5Cx0fAwt9pr_hTdoh3Q4ElXSIbMQZFCBs1gEmX3aQHLCcYTYehddoKLdhsAY1LAR6hFv5sDON4Njq76IMLtzlLG9COZOsD0E_PXwzVYYkh4_q6EBNd30fwllctYv_JYMD1Tw3tAS7noD0zDOFXsa0p1X3qUPmhuNd5HHN_EIrSPlSKFCjdbF8VMHZOd9x8JFcfz5kQLeSm38S37h7JAhraQP_gxV_GxVZ7xZ0SlEPD5e60Vt2Oo8ID5b5V5J5jmYHKPuOfKqMru_Jm0VY1dBJSK1-BZtXe5CLVmnUiqneEli_STLB5sNOAA6XOC8zSdD6Gqgn209Gjb052KWAangnc-8sVzEwbHuLbjIPQYQV8f6Kx8CFJVxSM3aKNUUhlgAPyrgLalw7CGOi-6l68CfefNdBmD-bnv1DbA4GWKXBjt6z_aQvd9_wvfZYWdUXP1TIvsMB3uYIS9A

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 2036098586101521001
tpc.googlesyndication.com/simgad/ Frame DC86 93 KB
93 KB 6ms
6ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2036098586101521001?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkf85LbDbAaIR1aoRwHKL_qxU27Iw

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 14:19:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 Aug 2020 12:39:03 GMT
server: sffe
age: 560894
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95125
x-xss-protection: 0
expires: Tue, 17 Aug 2021 14:19:26 GMT

GET
H/2+Q/46 200 fr.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DC86 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fr.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 Aug 2020 15:32:29 GMT
x-content-type-options: nosniff
server: cafe
age: 38111
etag: 12021612326893382710
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2724
x-xss-protection: 0
expires: Mon, 24 Aug 2020 15:32:29 GMT

GET
H/2+Q/46 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DC86 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 Aug 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 15259
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 24 Aug 2020 21:53:21 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 493ms
164ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10090&asId=a8b094ab-db6a-f31f-d722-1a8689642e97&tv={c:mgHhSg,pingTime:-2,time:188,type:a,im:{sf:0,pom:1,prf:{beA:180,beZ:182,mfA:282,cmA:284,inA:284,inZ:292,prA:292,prZ:303,si:330,poA:332,poZ:347,cmZ:347,mfZ:347,loA:353,loZ:357,ltA:368,ltZ:368}},sca:{dfp:{df:0}},env:{gca:true,cca:false,gca2:false},clog:[{piv:89,vs:i,r:,w:1800,h:1000,t:148}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:188,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:147,wc:0.0.1600.1200,ac:-100.146.1800.1000,am:sp,cc:0.331.1600.0,piv:89,obst:0,th:0,reas:,bkn:{piv:[81~75],as:[81~1800.1000]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:s8xMB3S+11|12|13|14|15|16|17|18|19*.10090|191|1a|1b|1c1,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,slid:[google_ads_iframe_/228216569/Gala/royautes-hp/liste/Banniere-Haute_0,google_ads_iframe_/228216569/Gala/royautes-hp/liste/Banniere-Haute_0__container__,Banniere-Haute_5f4320e7ab7d7,corps],sinceFw:36,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:40 GMT
X-Server-Name: dt14sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 329ms
169ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10090&asId=a8b094ab-db6a-f31f-d722-1a8689642e97&tv={c:mgHhXh,pingTime:-10,time:499,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220202020222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTEyMHx8TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy42MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1598234860806||57e6c277c7e5970b61a4d50b1561452a||71ff54ebddb1e090fbf173d96e2342c8||cacef3f3e048c16d57eef207bf6575cf||bb923655026d559ad86ea869c81d41d9||d9237c15f68f6e0dec6b412663bbab13||d545aec187fefdb5e432b0cbabd5a0ef||6e69fb99f052571865dfcd2f5ff92b86||1576000828}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:41 GMT
X-Server-Name: dt56sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 publishertag.prebid.js
static.criteo.net/js/ld/ 68 KB
21 KB 44ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: tra.scds.pmdstatic.net
URL: https://tra.scds.pmdstatic.net/advertising-core/4.74.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:41 GMT
content-encoding: gzip
last-modified: Thu, 20 Aug 2020 07:37:33 GMT
server: nginx
etag: W/"5f3e283d-110c6"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 25 Aug 2020 02:07:41 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 165ms
164ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10090&asId=a8b094ab-db6a-f31f-d722-1a8689642e97&tv={c:mgHi89,pingTime:1,time:1173,type:p,clog:[{piv:89,vs:i,r:,w:1800,h:1000,t:148}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1173,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:147,wc:0.0.1600.1200,ac:-100.146.1800.1000,am:sp,cc:0.331.1600.0,piv:89,obst:0,th:0,reas:,bkn:{piv:[1066~75],as:[1066~1800.1000]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:333,fm:s8xMB3S+11|12|13|14|15|16|17|18|19*.10090|191|1a|1b|1c1,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:41 GMT
X-Server-Name: dt56sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 165ms
164ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10090&asId=a8b094ab-db6a-f31f-d722-1a8689642e97&tv={c:mgHi8a,pingTime:1,time:1174,type:c,clog:[{piv:89,vs:i,r:,w:1800,h:1000,t:148}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1174,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:147,wc:0.0.1600.1200,ac:-100.146.1800.1000,am:sp,cc:0.331.1600.0,piv:89,obst:0,th:0,reas:,bkn:{piv:[1067~75],as:[1067~1800.1000]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:333,fm:s8xMB3S+11|12|13|14|15|16|17|18|19*.10090|191|1a|1b|1c1,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:41 GMT
X-Server-Name: dt14sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 165ms
164ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10090&asId=a8b094ab-db6a-f31f-d722-1a8689642e97&tv={c:mgHi8a,pingTime:1,time:1174,type:c,clog:[{piv:89,vs:i,r:,w:1800,h:1000,t:148}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1174,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:147,wc:0.0.1600.1200,ac:-100.146.1800.1000,am:sp,cc:0.331.1600.0,piv:89,obst:0,th:0,reas:,bkn:{piv:[1067~75],as:[1067~1800.1000]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:333,fm:s8xMB3S+11|12|13|14|15|16|17|18|19*.10090|191|1a|1b|1c1,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:41 GMT
X-Server-Name: dt41sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 publishertag.prebid.js
static.criteo.net/js/ld/ 68 KB
21 KB 46ms
19ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 02:07:41 GMT
content-encoding: gzip
last-modified: Thu, 20 Aug 2020 09:20:11 GMT
server: nginx
etag: W/"5f3e404b-110c6"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 25 Aug 2020 02:07:41 GMT

POST
H2 200 /
eum-eu-west-1.instana.io/ 0
190 B 42ms
42ms Other
text/plain 2606:4700::6810:9df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-eu-west-1.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 02:07:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-origin: *
cache-control: no-cache, no-store
cf-ray: 5c79856c7ff1323c-FRA
content-length: 0
cf-request-id: 04bfd1b7c70000323c6f1bd200000001

GET
H/2+Q/46 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DC86 42 B
93 B 30ms
30ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvW-na-T4tZIvHOlHbQ1n3APd4a1mzv9V2_R2Br0f79lCfKxKbKOLqYWT11SlI0sEQrC1GwJF8TAY_0gQ3Qnp88N_S53JzAIT_dDHTdMAQit4swUPuePl8CqPyMvw&sai=AMfl-YSxEMAD440swtlUD3cbo5D20V0pd0E0WrpfkB1uBxwMybJqI3cGHfIbhRqte8rhlLLAEMc_aXsB18GDmPEmre-Y5W3N7n6--Kupy4TbuuUpdlv59XFNnlKMzwY&sig=Cg0ArKJSzChs5fBPzePiEAE&cid=CAASF-RoERAM7-p3kW2yXnu3Co2uoVI0D9xi&id=ampim&o=970,381&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=173&tls=1173&g=100&h=100&tt=1173&r=v&avms=ampa&adk=545418889

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gala.fr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
ariane.abtasty.com/ 43 B
106 B 19ms
19ms Fetch
image/gif 35.244.231.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.231.49 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.231.244.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
date: Mon, 24 Aug 2020 02:07:42 GMT
status: 200
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://www.gala.fr
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
alt-svc: clear
content-length: 43

POST
H/1.1 200 164.json
id5-sync.com/g/v2/ 606 B
923 B 22ms
22ms XHR
application/json 54.36.109.49
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/164.json?gdpr_consent=&gdpr=0

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.49 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p04.id5-sync.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.gala.fr
Date: Mon, 24 Aug 2020 02:07:41 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 451 envelope
api.rlcdn.com/api/identity/ 44 B
326 B 48ms
19ms XHR
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=98

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

68.174.244.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Aug 2020 02:07:42 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
status: 451
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.gala.fr
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
264 B

32ms
32ms

Image
image/gif

52.30.187.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.187.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 02:07:42 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

Redirect headers

status: 302
date: Mon, 24 Aug 2020 02:07:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pb_mediasquare&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pb_mediasquare&endpoint=eu

0
0

61ms
20ms

Image
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eus.rubiconproject.com/usync.html?p=pb_mediasquare&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location: https://eus.rubiconproject.com/usync.html?p=pb_mediasquare&endpoint=eu
Date: Mon, 24 Aug 2020 02:07:42 GMT
Access-Control-Allow-Credentials: true
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

setuid
pbs-front.mediasquare.fr/pbs/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fpbs-front.mediasquare.fr%2Fpbs%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://pbs-front.mediasquare.fr/pbs/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3359204689471533558

0
759 B

32ms
32ms

Image
text/plain

137.74.125.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs-front.mediasquare.fr/pbs/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3359204689471533558
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.125.156 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:42 GMT
Server: Apache
X-IPLB-Instance: 36496
Vary: Origin
P3P: policyref="https://www.mediasquare.fr/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 0
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 02:07:42 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.86:80
AN-X-Request-Uuid: 5d0bb6b5-243a-4a10-9c7d-95e91c356567
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pbs-front.mediasquare.fr/pbs/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3359204689471533558
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 83ms
21ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-mediasquare&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

POST /
eum-eu-west-1.instana.io/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep.la-meteo-mail.fr
URL: http://ep.la-meteo-mail.fr/tags/redirect.php?h=20f7600cd6004b0543968d56d440b615&source=38

Domain: eum-eu-west-1.instana.io
URL: https://eum-eu-west-1.instana.io/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ivitrack.com/	1970-01-19 12:07:19	Name: aloobat Value: e91eb7d2-70d4-4090-b882-a107049337ea-tuct63ca668
.abo.prismamediadigital.com/	1970-01-19 11:57:15	Name: __utmt Value: 1
.abo.prismamediadigital.com/	1970-01-20 05:28:26	Name: __utma Value: 38183027.1779305802.1598234856.1598234856.1598234856.1
.abo.prismamediadigital.com/	1969-12-31 23:59:59	Name: __utmc Value: 38183027
.abo.prismamediadigital.com/	1970-01-19 11:57:16	Name: __utmb Value: 38183027.1.10.1598234856
.gala.fr/	1970-01-19 14:06:50	Name: _fbp Value: fb.1.1598234856980.291925557
www.gala.fr/	1970-01-19 12:40:26	Name: _sp_v1_csv Value: null
.abo.prismamediadigital.com/	1970-01-19 16:20:02	Name: __utmz Value: 38183027.1598234856.1.1.utmcsr=gala.fr\|utmccn=(referral)\|utmcmd=referral\|utmcct=/royautes
www.gala.fr/	1970-01-19 12:40:26	Name: _sp_v1_consent Value: 1!0:-1:-1:-1
.gala.fr/	1970-01-19 20:42:50	Name: consentUUID Value: 3f09730f-621a-41ae-9056-318eb7010e97
.gala.fr/	1970-01-20 05:28:26	Name: _ga Value: GA1.2.527269385.1598234856
.gala.fr/	1970-01-19 14:06:50	Name: _sp_enable_dfp_personalized_ads Value: false
www.gala.fr/	1970-01-19 12:40:26	Name: _sp_v1_opt Value: 1:
www.gala.fr/	1970-01-19 12:40:26	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D
.gala.fr/	1970-01-19 11:57:14	Name: _gat_UA-18383854-2 Value: 1
www.gala.fr/	1970-01-19 12:40:26	Name: _sp_v1_lt Value: 1:msg\|true:
.agkn.com/	1970-01-19 20:42:50	Name: ab Value: 0001%3AuPt8bRLPNFIYM686d6ImciSZwXDGCmrt4Loljjv9Sp1i0UY7dylNLg%3D%3D
www.gala.fr/	1969-12-31 23:59:59	Name: pageCount Value: 1
.gala.fr/	1970-01-19 11:57:16	Name: ABTastySession Value: mrasn=&lp=https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming&sen=0
.gala.fr/	1970-01-19 11:57:14	Name: _gat Value: 1
www.gala.fr/	1970-01-19 12:40:26	Name: _sp_v1_data Value: 2:153534:1598234856:0:1:0:1:0:0:ab45274d-c347-4f13-a43a-c1ce162a05f9:187010
.agkn.com/	1970-01-19 20:42:50	Name: u Value: C\|0AEAm1d1oJtXdaAAAAAAAAg1RAQCADVIBAIA
.gala.fr/	1970-01-19 21:15:58	Name: ABTasty Value: uid=04v5gjt7vak2t2c9&fst=1598234856890&pst=-1&cst=1598234856890&ns=1&pvt=1&pvis=1&th=
www.gala.fr/	1970-01-19 12:40:26	Name: _sp_v1_uid Value: 1:254:7ff97372-20a6-41f8-a212-58807abd0902
www.gala.fr/	1970-01-19 11:57:15	Name: measure Value: {"contentLifetime":15,"mapResponseAuth":{"274074216527":{"host":"https://collecte.audience.acpm.fr/m/web/","access":"full","creationDate":1598234857024}}}
.gala.fr/	1970-01-19 11:58:41	Name: _gid Value: GA1.2.1177751373.1598234856

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://prd2-tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js(Line 1) Message: Error Failed to execute 'createObjectURL' on 'URL': No function was found that matched the signature provided.
console-api	warning	URL: https://prd2-tra.scds.pmdstatic.net/pmd-browsertools/1.7.48/browsertools.js(Line 1) Message: undefined
console-api	warning	URL: https://tra.scds.pmdstatic.net/advertising-core/4.74.0/prebid.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	(Line 1) Message: Messaging without detection successfullly executed.
console-api	log	(Line 1) Message: onReceiveMessageData
console-api	log	(Line 1) Message: undefined
console-api	debug	(Line 1) Message: [Bookmark] BookmarkClient Initialized [object Object]
console-api	debug	(Line 1) Message: [Bookmark] no bookmark status elements to initialize
console-api	debug	(Line 1) Message: [Bookmark] no bookmark count elements to initialize
console-api	debug	(Line 1) Message: [Bookmark] [] reset count
console-api	log	(Line 3) Message: >>> 10 juin 2020 - 19h23
console-api	log	(Line 157) Message: successful new configuration..
console-api	info	URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2008102328000 https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
console-api	info	URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2008102328000 https://www.gala.fr/royautes?utm_source=welcoming&utm_medium=cpc&utm_campaign=emailwelcoming
console-api	warning	URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuni6yQhBmoyDO5-L563kpE9Rvk-sJHsEJyvutrqooqMoRlrhRpYwLE1K24mNaMJAlhn9wcu_gQBbIUYFWXMKy0Zmkqv-uqwZnGTUODkbQk1jssW105fmDBLso9HF3TOKQoNRYQUsjF_KGEP5YQzJe-BDu6SQf7lRN_zEKtCh9ekudDumiltjdjtQN7SS8YCCLDyVAg3Zk9OsLgXzWeh4kihPo76g6JyCHcN1bXIlwqChMmhyt1eulC6_2eV068KTEbTS_rxnpeH1syB1-hkbpR5pdm250_Qg&sig=Cg0ArKJSzG9Ne03F8JGPEAE&adurl=
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32) Message: a: 0.003173828125ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8b4866ba9423fce22fb7b4d397b40bd9.safeframe.googlesyndication.com
abo.prismamediadigital.com
abs.proxistore.com
ads.avads.net
adservice.google.com
adservice.google.nl
adtrack.adleadevent.com
amplify.outbrain.com
amplifypixel.outbrain.com
api.prismaconnect.fr
api.rlcdn.com
ariane.abtasty.com
asset.easydmp.net
ats.rlcdn.com
auth.audience.acpm.fr
avads.net
bidder.criteo.com
boot.pubstack.io
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn-alliancegravity.s3.amazonaws.com
cdn.ampproject.org
cdn.mediasquare.fr
cdn.mookie1.com
cdn.pbstck.com
cdn.polyfill.io
cm.g.doubleclick.net
collecte.audience.acpm.fr
connect.facebook.net
consent.prismamedia.com
cross-prod.antvoice.com
d.agkn.com
dcinfos-cache.abtasty.com
dis.eu.criteo.com
dt.adsafeprotected.com
eb2.3lift.com
ep.la-meteo-mail.fr
er.cloud-media.fr
eum-eu-west-1.instana.io
eum.instana.io
eus.rubiconproject.com
fastlane.rubiconproject.com
gal.img.pmdstatic.net
googleads.g.doubleclick.net
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
intake.pbstck.com
itm.ivitrack.com
js-sec.indexww.com
js.agkn.com
js.antvoice.com
match.adsrvr.org
ml.info-people.fr
notice.sp-prod.net
odr.mookie1.com
pagead2.googlesyndication.com
pbs-front.mediasquare.fr
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
prd2-tra.scds.pmdstatic.net
prg.smartadserver.com
prismashop.commander1.com
r.phywi.org
redirect.frontend.weborama.fr
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
sourcepoint.mgr.consensu.org
static.adsafeprotected.com
static.coreg-feed.com
static.criteo.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
tag.audience.acpm.fr
tlx.3lift.com
tpc.googlesyndication.com
tr.outbrain.com
tra.scds.pmdstatic.net
try.abtasty.com
wtm.info-people.fr
www.facebook.com
www.gala.fr
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
ep.la-meteo-mail.fr
eum-eu-west-1.instana.io
104.111.215.135
104.111.228.229
104.111.230.142
104.111.232.210
104.244.38.20
13.226.145.204
13.226.155.14
13.226.155.31
13.226.155.93
137.74.125.156
15.237.35.218
178.250.2.131
178.250.2.151
18.156.195.47
18.195.197.134
18.196.167.206
18.196.208.66
185.255.84.150
185.29.133.199
185.33.221.11
185.86.139.58
192.229.221.226
192.229.221.61
2.18.234.190
2.18.234.21
2001:41d0:203:836d::
2001:41d0:301:100:145:239:193:53
2001:41d0:303:41d3::
216.58.207.34
216.58.207.66
2600:9000:2182:6a00:8:48e:53c0:93a1
2600:9000:2182:a400:15:efbc:e300:93a1
2600:9000:2182:fe00:19:fc2c:a140:93a1
2606:4700:10::6816:15d
2606:4700::6810:9cf3
2606:4700::6810:9df3
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:814::200e
2a00:1450:4001:81b::2004
2a00:1450:4001:81d::2001
2a00:1450:4001:820::2001
2a00:1450:4001:820::2008
2a00:1450:4001:821::2002
2a00:1450:4001:824::2003
2a00:1450:400c:c04::9b
2a02:2638:1::3
2a02:26f0:6c00:29e::1eae
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::621
3.122.165.204
34.241.165.231
34.250.197.125
34.98.67.61
35.190.16.14
35.190.76.172
35.190.89.230
35.205.207.25
35.227.248.159
35.244.174.68
35.244.220.155
35.244.231.49
46.105.198.136
52.29.23.246
52.30.187.36
52.31.182.127
52.51.34.169
52.58.161.11
52.95.154.23
54.171.173.220
54.247.110.128
54.36.109.49
63.32.143.59
64.202.112.191
69.173.144.143
69.173.144.165
91.190.170.12
15b7d3a85dd308f3cdd20a9cd8aa3c5637c58dfa2af0f2bd74b328029fac7fc3
1a2007659142c1b92a0580c817a8fe50c652722174c85cfb0d52d18b57d7e90d
23f6132d96ea5ae6dc00a42ac805ab4e62fd6aa878a6e29f670dfa2e7c1b002a
2fe27f7a543331a2a9668a1d48628be640e85756614f48086561942d81db7fbb
61df33540aaf3ebf355188a380e2076db62e154ddef5b9b73af3a7b57485eac3
74d150f9e24f7f364b2ac7df7f32bf8c6d2d1481ed2ccb29c49f0ce696b5c221
7fb23c2d2f9cc991e9d1693fbca38ff6d3a5da47d364199fc2ebb711ac316be2
8501c68e62a9d63debe5802627e9a1c7b339ca55841e8d37ee48806ec1287faa
97dc8a67657675cc335cca70bf4298ea947319317bcd62e0781d0495f1b1bca3
abc69699e8f0304cd01c34c351653647a33c8b7d81b0c54264fd29726219e2e4
b9f9836c4b865e397e0a1a5cd7243f08855c9a70d0238b9508379a1e9732d1d0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
e3e063b3615c66865976b74b298515edd4f0e7618394e05fc07750c714ef182e
ed940114798c297be0ff9896c291d010ad5921d46e089de36f19d78965917f0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

www.gala.fr Open in urlscan Pro 104.111.232.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

187 Requests

98 %HTTPS

31 %IPv6

61 Domains

92 Subdomains

70 IPs

8 Countries

2381 kBTransfer

5707 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.gala.fr Open in urlscan Pro
104.111.232.210 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

98 %
HTTPS

31 %
IPv6

61
Domains

92
Subdomains

70
IPs

8
Countries

2381 kB
Transfer

5707 kB
Size

26
Cookies

187 HTTP transactions
3 data transactions