URL: https://www.collegien-shop.com/
Submission Tags: sansec.io magecart Search All
Submission: On August 20 via api from US — Scanned from FR

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 25 HTTP transactions. The main IP is 185.249.140.54, located in Paris, France and belongs to DIS DIS Infrastructure, FR. The main domain is www.collegien-shop.com.
TLS certificate: Issued by R11 on June 23rd 2024. Valid for: 3 months.
This is the only time www.collegien-shop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 185.249.140.54 202140 (DIS DIS I...)
25 2
Apex Domain
Subdomains
Transfer
24 collegien-shop.com
www.collegien-shop.com
815 KB
0 googletagmanager.com Failed
www.googletagmanager.com Failed
25 2
Domain Requested by
24 www.collegien-shop.com www.collegien-shop.com
0 www.googletagmanager.com Failed www.collegien-shop.com
25 2

This site contains links to these domains. Also see Links.

Domain
collegien-shop.fr
b2b-fr.collegien-shop.com
ekomi.fr
www.facebook.com
www.instagram.com
Subject Issuer Validity Valid
www.collegien-shop.com
R11
2024-06-23 -
2024-09-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.collegien-shop.com/
Frame ID: 1F0CE06C697A35289CC84793F2E046BD
Requests: 31 HTTP requests in this frame

Screenshot

Page Title

Collégien Chaussons Chaussettes pour toute la famille

Page URL History Show full URLs

  1. https://www.collegien-shop.com/ Page URL
  2. https://www.collegien-shop.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

25
Requests

96 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1072 kB
Transfer

1887 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.collegien-shop.com/ Page URL
  2. https://www.collegien-shop.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.collegien-shop.com/
356 KB
356 KB
Document
General
Full URL
https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
/
Resource Hash
0edf8ba142c958235b653f823bb2829f442be642058cc940cf064729983c27ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 20 Aug 2024 05:26:45 GMT
x-dis-country
FR
x-dis-waf
1
truncated
/
257 KB
257 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81ebc3916b524007b756d91d9df13c7673ec401161f2cad161662d08dcf1cc72

Request headers

Referer
Origin
https://www.collegien-shop.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
font/ttf
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea96c1b9a3424181aaaf8a80fb239c4e7d9861382bd7b28b81a48b0ef29c15e5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
www.collegien-shop.com/
15 KB
7 KB
Other
General
Full URL
https://www.collegien-shop.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
e2e217c6e09ab5517bdc61da199fd6cdd5ffad2c93cfec0c121cbcaafbf085ac
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
https://www.collegien-shop.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:45 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
85f0d1347cfb4d7dfc438ca23bd01bdf8343e644
x-content-type-options
nosniff, nosniff
x-dis-ts
1724131605
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.8815379999999999; desc="Compute config for request", total; dur=2.4685189999999997; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 08:54:20 GMT
server
dis-waf
etag
W/"3c2e-190d9a61da5"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
public, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Primary Request /
www.collegien-shop.com/
157 KB
28 KB
Document
General
Full URL
https://www.collegien-shop.com/
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
1e209d8c96d75907c4270250b5ce61a5d551ee43ef17d862e412317997a9f4a9
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0 1; mode=block

Request headers

Referer
https://www.collegien-shop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-encoding
gzip
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
content-type
text/html; charset=utf-8
date
Tue, 20 Aug 2024 05:26:49 GMT
etag
W/"2727e-ppuAwQTG4SJlX9eeRdPukxe+Fv4"
expires
0
pragma
no-cache
referrer-policy
no-referrer
server
dis-waf
server-timing
config; dur=0.665739; desc="Compute config for request" remote config; dur=1.20374; desc="Build config with remote values" template; dur=0.019039999999999998; desc="Resolve initial template" loaders; dur=3.398809; desc="Initialize GraphQL loaders" app; dur=0.10434199999999999; desc="React App initialization" getdata; dur=142.236608; desc="Resolve Apollo queries" render; dur=4.098409999999999; desc="Render final HTML" total; dur=159.228422; desc="Total Response Time"
strict-transport-security
max-age=15552000; includeSubDomains
surrogate-control
no-store
vary
Origin, Accept-Encoding
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
x-content-type-options
nosniff nosniff
x-dis-country
FR
x-dis-id
801d122fab3ca50a8beb363f788f0a5f57d9d48a
x-dis-ts
1724131608
x-dis-waf
1
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-ua-compatible
IE=edge
x-xss-protection
0 1; mode=block
Muli-Bold.priority.32240ca1.woff2
www.collegien-shop.com/static/media/
17 KB
21 KB
Font
General
Full URL
https://www.collegien-shop.com/static/media/Muli-Bold.priority.32240ca1.woff2
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
f1a5a314f2b48700b2a7196174fe0b7e86150e94868d6104443f703c2ddb8340
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://www.collegien-shop.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
f4cd9bdad1f1176c4629ee6b814c3a99095c0bf8
x-dis-ts
1724131609
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.332219; desc="Compute config for request", total; dur=13.528300999999999; desc="Total Response Time"
content-length
16940
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"422c-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Muli-Regular.priority.06a2b2bc.woff2
www.collegien-shop.com/static/media/
16 KB
21 KB
Font
General
Full URL
https://www.collegien-shop.com/static/media/Muli-Regular.priority.06a2b2bc.woff2
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://www.collegien-shop.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
8716dc6a93f42f8158a79b88c963af0f25bc98a5
x-dis-ts
1724131609
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.344978; desc="Compute config for request", total; dur=12.642443; desc="Total Response Time"
content-length
16828
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"41bc-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Muli-Light.priority.7848ba43.woff2
www.collegien-shop.com/static/media/
16 KB
21 KB
Font
General
Full URL
https://www.collegien-shop.com/static/media/Muli-Light.priority.7848ba43.woff2
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
517be397db5d618d34c60b12463674d85a7251b4dff1f919388e53e00a4d3905
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://www.collegien-shop.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
8454267ca9d83a7f9bf7edd573b16f638ba16c54
x-dis-ts
1724131609
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.331991; desc="Compute config for request", total; dur=12.883739; desc="Total Response Time"
content-length
16780
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"418c-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Montserrat-800.priority.db9a3e0b.woff2
www.collegien-shop.com/static/media/
19 KB
24 KB
Font
General
Full URL
https://www.collegien-shop.com/static/media/Montserrat-800.priority.db9a3e0b.woff2
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://www.collegien-shop.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
0cfdf307d6ff980869e9cbae03eb0a993a503e64
x-dis-ts
1724131609
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.33372399999999997; desc="Compute config for request", total; dur=13.752925; desc="Total Response Time"
content-length
19440
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"4bf0-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Montserrat-Bold.priority.0480d2f8.woff2
www.collegien-shop.com/static/media/
19 KB
24 KB
Font
General
Full URL
https://www.collegien-shop.com/static/media/Montserrat-Bold.priority.0480d2f8.woff2
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://www.collegien-shop.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
b67f4254b5603bc9cd987f9cdf02b043e7889017
x-dis-ts
1724131609
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.38682; desc="Compute config for request", total; dur=13.127896; desc="Total Response Time"
content-length
19264
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"4b40-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Montserrat-SemiBold.priority.0480d2f8.woff2
www.collegien-shop.com/static/media/
19 KB
24 KB
Font
General
Full URL
https://www.collegien-shop.com/static/media/Montserrat-SemiBold.priority.0480d2f8.woff2
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://www.collegien-shop.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
a8c2f32dc309f2c667c56cfcf2647f1756bd24cd
x-dis-ts
1724131609
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.408447; desc="Compute config for request", total; dur=12.338429; desc="Total Response Time"
content-length
19264
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"4b40-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Montserrat-500.priority.091b2095.woff2
www.collegien-shop.com/static/media/
19 KB
24 KB
Font
General
Full URL
https://www.collegien-shop.com/static/media/Montserrat-500.priority.091b2095.woff2
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://www.collegien-shop.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
5826b7874d1ef0e429a548ad0e2eea6a7f81dfc9
x-dis-ts
1724131609
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.36369999999999997; desc="Compute config for request", total; dur=13.337223; desc="Total Response Time"
content-length
19272
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"4b48-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Montserrat-Regular.priority.b71748ae.woff2
www.collegien-shop.com/static/media/
19 KB
24 KB
Font
General
Full URL
https://www.collegien-shop.com/static/media/Montserrat-Regular.priority.b71748ae.woff2
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://www.collegien-shop.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
b5c0075291710e60943c397c24bd844b48a75672
x-dis-ts
1724131609
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.449997; desc="Compute config for request", total; dur=13.350171999999999; desc="Total Response Time"
content-length
19172
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"4ae4-190d9ad93a4"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
63.c83d63ae.css
www.collegien-shop.com/static/css/
315 KB
49 KB
Stylesheet
General
Full URL
https://www.collegien-shop.com/static/css/63.c83d63ae.css
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
43df1ef26205bb488719bee3a60f880393a63089e5b515eb365a9d2c8793c347
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
9f2a6c72f94426b44a73615e795c9438b41b2bbd
x-content-type-options
nosniff, nosniff
x-dis-ts
1724131609
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.731825; desc="Compute config for request", total; dur=14.060115; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"4ebb5-190d9ad93b8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
67.5acd2b40.js
www.collegien-shop.com/static/js/
3 KB
7 KB
Script
General
Full URL
https://www.collegien-shop.com/static/js/67.5acd2b40.js
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
d13fcb01ca0b7c5fdf3474c748337a9fab27007865c677bbb0f624a3007fbd7c
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
b3f3c6f7c1b48ae8f7988628b30375abade879b3
x-content-type-options
nosniff, nosniff
x-dis-ts
1724131609
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.703599; desc="Compute config for request", total; dur=5.3345389999999995; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"d54-190d9ad93bc"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
0.245549e8.chunk.js
www.collegien-shop.com/static/js/
154 KB
0
Script
General
Full URL
https://www.collegien-shop.com/static/js/0.245549e8.chunk.js
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
452c89039e2d50c959b0a316861eef6a03c0a15b
x-content-type-options
nosniff, nosniff
x-dis-ts
1724131609
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.737095; desc="Compute config for request", total; dur=26.746886999999997; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"5a424-190d9ad93a8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
63.b20f58f4.chunk.js
www.collegien-shop.com/static/js/
0
0
Script
General
Full URL
https://www.collegien-shop.com/static/js/63.b20f58f4.chunk.js
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
a7a8681fc9e8bbcfd19cdcc062f243b192fbf226
x-content-type-options
nosniff, nosniff
x-dis-ts
1724131609
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.618645; desc="Compute config for request", total; dur=17.394631; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"d8ff0-190d9ad93bc"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
1.4522bac5.chunk.js
www.collegien-shop.com/static/js/
223 KB
0
Script
General
Full URL
https://www.collegien-shop.com/static/js/1.4522bac5.chunk.js
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
ed2904aada34ca1a1b15372a092e2ee57616c886
x-content-type-options
nosniff, nosniff
x-dis-ts
1724131609
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.8103349999999999; desc="Compute config for request", total; dur=18.216496; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"5f0a0-190d9ad93a8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
6.bd6c5d4d.chunk.js
www.collegien-shop.com/static/js/
222 B
5 KB
Script
General
Full URL
https://www.collegien-shop.com/static/js/6.bd6c5d4d.chunk.js
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
69dbfb1cadebf2ac66cf2d3a3f20dc35f4fb362786eb5aa11ce4eeca24e68c45
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
8a8fe4ccf0949ad3d9a32c4232ea743be53920bd
x-dis-ts
1724131609
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.560368; desc="Compute config for request", total; dur=16.702396; desc="Total Response Time"
content-length
222
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"de-190d9ad93a8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
24.cab633ee.chunk.js
www.collegien-shop.com/static/js/
0
0
Script
General
Full URL
https://www.collegien-shop.com/static/js/24.cab633ee.chunk.js
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
b5984f6698612d0019828d6f21483339f9fa19de
x-content-type-options
nosniff, nosniff
x-dis-ts
1724131609
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.330623; desc="Compute config for request", total; dur=16.599374; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"67b3f-190d9ad93ac"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
35.1cd6cc7c.chunk.js
www.collegien-shop.com/static/js/
17 KB
9 KB
Script
General
Full URL
https://www.collegien-shop.com/static/js/35.1cd6cc7c.chunk.js
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
913e28731950e6ba9c4d18f87d6af382cfdba5479883f0a1c0637c47d059d4c4
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
437b02e7b96d81dfa08c84e67a5f6a6d34c17126
x-content-type-options
nosniff, nosniff
x-dis-ts
1724131609
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.323073; desc="Compute config for request", total; dur=16.299283; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"42d4-190d9ad93b0"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
16.3bb095ed.chunk.js
www.collegien-shop.com/static/js/
111 KB
31 KB
Script
General
Full URL
https://www.collegien-shop.com/static/js/16.3bb095ed.chunk.js
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
0f207c46754553f74c1cee65a6d0a4214dda9138f64ab09cebfc820ad3b71a2e
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
c6c2d67ce640ee47e54049b4760cf926194d4100
x-content-type-options
nosniff, nosniff
x-dis-ts
1724131609
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.320528; desc="Compute config for request", total; dur=15.643611; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"1bc9d-190d9ad93a8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
68.68e0a434.chunk.js
www.collegien-shop.com/static/js/
4 KB
6 KB
Script
General
Full URL
https://www.collegien-shop.com/static/js/68.68e0a434.chunk.js
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
d7da04f79f972acb049c226040d0e918d3856e9bf4765933e0adf957a4e27434
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
c912429b9b9fd98deb1aca0d45c77bb302430926
x-content-type-options
nosniff, nosniff
x-dis-ts
1724131609
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.341262; desc="Compute config for request", total; dur=15.967516; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"e73-190d9ad93bc"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
69.e47567a8.chunk.js
www.collegien-shop.com/static/js/
4 KB
6 KB
Script
General
Full URL
https://www.collegien-shop.com/static/js/69.e47567a8.chunk.js
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
84033b24e9247cc3fd24f44f600c8563ffe66d5865fca1529eb27158984cc0fb
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
a407ee7ce851d390d62ccbd1b266e1fa235ad141
x-content-type-options
nosniff, nosniff
x-dis-ts
1724131609
x-dis-waf
1
x-permitted-cross-domain-policies
none
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.35878; desc="Compute config for request", total; dur=16.880153; desc="Total Response Time"
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"f54-190d9ad93bc"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
gtm.js
www.googletagmanager.com/
0
0

truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f7ba87e3bbdf17d85a90e243e435d03ba7ceaf38f43f9a59b1907a60032f18c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
full_screen_7.png
www.collegien-shop.com/media/picture/image/f/u/
98 KB
103 KB
Image
General
Full URL
https://www.collegien-shop.com/media/picture/image/f/u/full_screen_7.png?format=hero&width=1500&height=624&size=1&cover=true
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
571b2c280da015f9296fd8c0324fe756512f534b8611b844488feba95a618e89
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
https://www.collegien-shop.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
0aeae2ca9ca311e8e1642c2bb6d67a094f9b86d3
x-dis-ts
1724131609
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.402514; desc="Compute config for request", remote config; dur=1.447986; desc="Build config with remote values", total; dur=21.937946999999998; desc="Total Response Time"
content-length
100479
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:12:54 GMT
server
dis-waf
etag
W/"1887f-190d9b71cbd"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
truncated
/
357 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
882f10a8789cdaed0607e609b1c5771c9cff1d93e5b096ace37b216780360687

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
270 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6df801050ead9ea3fce6f9de5994afb0a2a6e3b57fdbe586fcadd69e8150e75

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
357 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db9ce631c7d6f98770ca6a218966102efc0084a6f8dab8edf960e61ca672a1ef

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Linearicons-Free.857c65d6.woff2
www.collegien-shop.com/static/media/
21 KB
26 KB
Font
General
Full URL
https://www.collegien-shop.com/static/media/Linearicons-Free.857c65d6.woff2
Requested by
Host: www.collegien-shop.com
URL: https://www.collegien-shop.com/static/css/63.c83d63ae.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.249.140.54 Paris, France, ASN202140 (DIS DIS Infrastructure, FR),
Reverse DNS
ip-185-249-140-54.rev.dis-hosting.net
Software
dis-waf /
Resource Hash
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://www.collegien-shop.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report
date
Tue, 20 Aug 2024 05:26:49 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dis-id
4191c3b9d56e02b696cb9e6a51d92fabc1bf6d82
x-dis-ts
1724131609
x-permitted-cross-domain-policies
none
x-dis-waf
1
content-security-policy-report-only
default-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;frame-src 'self' api.lyra.com ws.colissimo.fr admin.v2019.collegien.dis-hosting.fr www.facebook.com static.payzen.eu *.paypal.com www.paypalobjects.com secure.payzen.eu *.doubleclick.net sibautomation.com;style-src 'self' 'unsafe-inline' *;img-src 'self' data: *;font-src 'self' data: *;connect-src 'self' *;base-uri 'self' *;report-uri /csp/report
x-dns-prefetch-control
off
server-timing
config; dur=0.421108; desc="Compute config for request", total; dur=18.724928; desc="Total Response Time"
content-length
21780
x-xss-protection
0, 1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer
last-modified
Mon, 22 Jul 2024 09:02:29 GMT
server
dis-waf
etag
W/"5514-190d9ad93a8"
x-download-options
noopen
vary
Origin
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=32140800
access-control-allow-credentials
true
accept-ranges
bytes
x-dis-country
FR
x-content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' api.lyra.com api.payzen.eu ajax.googleapis.com ws.colissimo.fr api.mapbox.com www.paypalobjects.com *.google.com *.google.fr *.googleadservices.com googleads.g.doubleclick.net connect.facebook.net sw-assets.ekomiapps.de static.payzen.eu *.paypal.com secure.payzen.eu www.google-analytics.com maps.googleapis.com *.googletagmanager.com www.clarity.ms *.axept.io sibautomation.com;frame-src * 'self';style-src 'self' 'unsafe-inline' api.lyra.com api.payzen.eu ws.colissimo.fr api.mapbox.com widgets.ekomi.com sw-assets.ekomiapps.de static.payzen.eu secure.payzen.eu fonts.googleapis.com www.googletagmanager.com;img-src 'self' data: api.lyra.com *.front-commerce.com collegien-shop.fr ws.colissimo.fr api.mapbox.com *.onyourmap.com stats.g.doubleclick.net *.paypal.com *.instagram.com *.cdninstagram.com *.google.com *.google.fr googleads.g.doubleclick.net www.facebook.com scontent.cdninstagram.com scontent-cdt1-1.cdninstagram.com sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de cx.atdmt.com static.payzen.eu www.paypalobjects.com secure.payzen.eu *.google-analytics.com maps.googleapis.com maps.gstatic.com *.googletagmanager.com *.google.com c.clarity.ms axeptio.imgix.net *.axept.io *.gstatic.com favicons.axept.io;font-src 'self' data: ws.colissimo.fr sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de fonts.gstatic.com github.com www.googletagmanager.com;connect-src 'self' ws.colissimo.fr widgets.ekomi.com smart-widget-assets.ekomiapps.de *.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.paypal.com www.paypalobjects.com www.google.fr *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.clarity.ms *.axept.io *.axept.eu in-automate.brevo.com;base-uri 'self';media-src 'self' data:;report-uri /csp/report

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-MT3G8DH

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __CONTRIBUTION_MODE_DATA__ object| dataLayer object| __SSR_DEVICE__ object| __APOLLO_STATE__ object| __SESSION_SELF_DESTRUCTED_DATA__ object| __LOADABLE_LOADED_CHUNKS__

1 Cookies

Domain/Path Name / Value
www.collegien-shop.com/ Name: dis_waf_js
Value: f30c36d61a33da093a4f4fa6bcaea80db70fac898c253e3e0ba8977396c11c9b843859b102a992431026dc16be56a6b36e1eda4b63f86e635e7150be2c8d88a0add403da3f22608d9f8275b4f8cd02d8d79e577e61e89a75e7b7c00ce1e8bb28b0796c47f70b6050610a541c2fdce2227e602c58252861375dcccacfd09a208aa3ed8fedc468173baaf94c4d90c53cb95d

1 Console Messages

Source Level URL
Text
network error URL: https://www.collegien-shop.com/
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.collegien-shop.com
www.googletagmanager.com
www.googletagmanager.com
185.249.140.54
0edf8ba142c958235b653f823bb2829f442be642058cc940cf064729983c27ef
0f207c46754553f74c1cee65a6d0a4214dda9138f64ab09cebfc820ad3b71a2e
1e209d8c96d75907c4270250b5ce61a5d551ee43ef17d862e412317997a9f4a9
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33
43df1ef26205bb488719bee3a60f880393a63089e5b515eb365a9d2c8793c347
517be397db5d618d34c60b12463674d85a7251b4dff1f919388e53e00a4d3905
571b2c280da015f9296fd8c0324fe756512f534b8611b844488feba95a618e89
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
69dbfb1cadebf2ac66cf2d3a3f20dc35f4fb362786eb5aa11ce4eeca24e68c45
7f7ba87e3bbdf17d85a90e243e435d03ba7ceaf38f43f9a59b1907a60032f18c
81ebc3916b524007b756d91d9df13c7673ec401161f2cad161662d08dcf1cc72
84033b24e9247cc3fd24f44f600c8563ffe66d5865fca1529eb27158984cc0fb
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
882f10a8789cdaed0607e609b1c5771c9cff1d93e5b096ace37b216780360687
913e28731950e6ba9c4d18f87d6af382cfdba5479883f0a1c0637c47d059d4c4
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80
b6df801050ead9ea3fce6f9de5994afb0a2a6e3b57fdbe586fcadd69e8150e75
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d13fcb01ca0b7c5fdf3474c748337a9fab27007865c677bbb0f624a3007fbd7c
d7da04f79f972acb049c226040d0e918d3856e9bf4765933e0adf957a4e27434
db9ce631c7d6f98770ca6a218966102efc0084a6f8dab8edf960e61ca672a1ef
e2e217c6e09ab5517bdc61da199fd6cdd5ffad2c93cfec0c121cbcaafbf085ac
ea96c1b9a3424181aaaf8a80fb239c4e7d9861382bd7b28b81a48b0ef29c15e5
f1a5a314f2b48700b2a7196174fe0b7e86150e94868d6104443f703c2ddb8340