Submitted URL: https://sekoya.go2cloud.org/aff_c?offer_id=159&aff_id=1143&url_id=10404&source=emailing&civility=&email=&firstname=&lastname...
Effective URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname...
Submission: On December 18 via manual from PT — Scanned from PT

Summary

This website contacted 13 IPs in 6 countries across 12 domains to perform 56 HTTP transactions. The main IP is 13.37.18.140, located in Paris, France and belongs to AMAZON-02, US. The main domain is airfrance-lejeu90ans.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 23rd 2023. Valid for: a year.
This is the only time airfrance-lejeu90ans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.202.12.61 16509 (AMAZON-02)
1 13.37.18.140 16509 (AMAZON-02)
10 142.250.185.228 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
2 18.155.129.94 16509 (AMAZON-02)
2 104.16.85.20 13335 (CLOUDFLAR...)
1 2 104.16.123.175 13335 (CLOUDFLAR...)
16 188.114.97.3 13335 (CLOUDFLAR...)
1 78.47.189.205 24940 (HETZNER-AS)
4 157.240.251.9 32934 (FACEBOOK)
10 142.250.74.195 15169 (GOOGLE)
1 157.240.252.35 32934 (FACEBOOK)
6 142.250.185.195 15169 (GOOGLE)
56 13
Apex Domain
Subdomains
Transfer
16 gstatic.com
www.gstatic.com
fonts.gstatic.com
979 KB
16 asset-sekoya.com
asset-sekoya.com
2 MB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
100 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
178 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 857
94 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
53 KB
2 sekoya.cloud
assets.sekoya.cloud
76 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
52 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 cookie-script.com
cdn.cookie-script.com — Cisco Umbrella Rank: 25793
31 KB
1 airfrance-lejeu90ans.com
airfrance-lejeu90ans.com
24 KB
1 go2cloud.org
sekoya.go2cloud.org
2 KB
56 12
Domain Requested by
16 asset-sekoya.com airfrance-lejeu90ans.com
asset-sekoya.com
unpkg.com
10 www.gstatic.com www.google.com
www.gstatic.com
10 www.google.com airfrance-lejeu90ans.com
www.gstatic.com
www.google.com
6 fonts.gstatic.com www.google.com
4 connect.facebook.net airfrance-lejeu90ans.com
connect.facebook.net
2 unpkg.com 1 redirects airfrance-lejeu90ans.com
2 cdn.jsdelivr.net airfrance-lejeu90ans.com
2 assets.sekoya.cloud airfrance-lejeu90ans.com
2 cdnjs.cloudflare.com airfrance-lejeu90ans.com
1 www.facebook.com airfrance-lejeu90ans.com
1 cdn.cookie-script.com airfrance-lejeu90ans.com
1 airfrance-lejeu90ans.com
1 sekoya.go2cloud.org 1 redirects
56 13

This site contains links to these domains. Also see Links.

Domain
sekoya.go2cloud.org
sekoya.digital
Subject Issuer Validity Valid
airfrance-lejeu90ans.com
Amazon RSA 2048 M03
2023-11-23 -
2024-12-21
a year crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
assets.sekoya.cloud
Amazon RSA 2048 M01
2023-08-03 -
2024-08-31
a year crt.sh
asset-sekoya.com
E1
2023-12-09 -
2024-03-08
3 months crt.sh
*.cookie-script.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-11 -
2024-07-25
10 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-26 -
2023-12-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 4 frames:

Primary Page: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Frame ID: B82D46D2154A09B5689FC271A840940E
Requests: 34 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t0bdwskjgxz6
Frame ID: EC5123654A94EBB172B7F48AC63721FE
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optin&cb=5oh8xxtqb2gl
Frame ID: 64CC86F6372234FC903314BF445A981D
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optout&cb=ml04tez9in0
Frame ID: 3CDB57629E85CCB300C9F5F6894AE19D
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Air France 90ans

Page URL History Show full URLs

  1. https://sekoya.go2cloud.org/aff_c?offer_id=159&aff_id=1143&url_id=10404&source=emailing&civility=&email=... HTTP 302
    https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

56
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

13
Subdomains

13
IPs

6
Countries

3799 kB
Transfer

6680 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sekoya.go2cloud.org/aff_c?offer_id=159&aff_id=1143&url_id=10404&source=emailing&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR HTTP 302
    https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.2/dist/lottie-player.js

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fr
airfrance-lejeu90ans.com/lang/
Redirect Chain
  • https://sekoya.go2cloud.org/aff_c?offer_id=159&aff_id=1143&url_id=10404&source=emailing&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
  • https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
23 KB
24 KB
Document
General
Full URL
https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.37.18.140 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-37-18-140.eu-west-3.compute.amazonaws.com
Software
/ PHP/8.2.13
Resource Hash
d49035622ea2c64e25346bd0c5c21e540ef7d4e347abb06f0c07e67bb539031a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
apigw-requestid
QIi6WiZXiGYEMlA=
cache-control
no-cache, private
content-length
23160
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 10:00:34 GMT
x-powered-by
PHP/8.2.13

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
397
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 18 Dec 2023 10:00:33 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102a7d82c565d8c7ca32cc7c6790e1
X-Request-Id
d5eca84bfa203aea37bcde32bf405e7c
X-Robots-Tag
noindex, nofollow
enterprise.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
abdb8f3246ad5ee362f41a1df95df691fb7fad4f99b92cacada017d5df34e829
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 18 Dec 2023 10:00:34 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/
95 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1053876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xi%2BTJOvHMlpVWmbJha%2BGUzwxGTY90E9LehrUoYtF%2BxYHj1AXpSiqU5q%2FdDpLAk%2FCsu4QP1bdY8ClSEmeZKeUQJ6n08Yrb5CSaTgHVnUqEy5fe8LmUX2bEVk8NHhKGQuPg85VbW%2Fh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83768f3dbc9d338d-LIS
expires
Sat, 07 Dec 2024 10:00:34 GMT
hs_libs.js
assets.sekoya.cloud/cloud-front/assets/v1/js/
229 KB
63 KB
Script
General
Full URL
https://assets.sekoya.cloud/cloud-front/assets/v1/js/hs_libs.js
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-94.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81e87098073d35d445d01944dd5c13872d5b66803c806f672a51bd364f5a59e8

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 05:45:29 GMT
content-encoding
gzip
via
1.1 70d0c3e03d12e29afa36204c065ad51c.cloudfront.net (CloudFront)
last-modified
Tue, 30 Nov 2021 13:33:04 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
37448
etag
W/"e65fbf0799bfacbf678d4cc033bed85a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
3cWCoebh__S-Qmg803M3bxTRH6yvTPWFS5CGFAekjLML3KL7hNmPSw==
theme.js
assets.sekoya.cloud/cloud-front/assets/v1/js/
49 KB
13 KB
Script
General
Full URL
https://assets.sekoya.cloud/cloud-front/assets/v1/js/theme.js
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-94.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3ff3f3c76770cc9e43327284d5323285c27bca97ca7e38805653274bc802d9

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 23:00:58 GMT
content-encoding
gzip
via
1.1 70d0c3e03d12e29afa36204c065ad51c.cloudfront.net (CloudFront)
last-modified
Tue, 30 Nov 2021 13:33:04 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
39577
etag
W/"09ba4b9d83653a82847f044920957bd5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
KkvxktY7ezIiD56eL73G2-3WiSETQ93Sp4eWO1f8bUtGJ_1mFLZj_g==
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/
61 KB
22 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
994508
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22334
last-modified
Thu, 25 Mar 2021 07:56:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"605c4223-f455"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhDVxNew0twfJkoTLsnEnCMW550BZMhO%2Fa4j5Muwk%2BNCw2WdCxkeXW5NcfkAMrBb4m7VW08WzDePpUlbPk5%2F1cpx7KjCgFe%2Blifaa%2BhFbPhQvGdOwbs1Zla0SFYPcYaOfMLmSrjm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83768f3dbc9f338d-LIS
expires
Sat, 07 Dec 2024 10:00:34 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/
79 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3209495
x-jsd-version
5.2.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230056-FRA, cache-mad22064-MAD
x-jsd-version-type
version
server
cloudflare
etag
W/"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vfOL6JUs0nRh16T9KVDajZnrL3ecUpb97YRP2pKOLhi3LskZyF%2F%2FdTqLaRVYIHOE9aqB8NaLL%2BR8INGRhYY6qNdfTD%2F0wertVnc%2BSoUUqwYnk%2BN3fZQnIbkhiur79Ndygk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83768f3dcf70489d-LIS
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.2/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.2/dist/lottie-player.js
359 KB
93 KB
Script
General
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.2/dist/lottie-player.js
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Server
104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d2f8de4f55304e80b710304c00dfc431f692bf1c71f1595f78c75451044de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3465110
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HEPXAM6FEXN0NZWW869A3B37-mad
server
cloudflare
etag
W/"59a07-4AFgJQ3i5PlD1ojTWKqOoTRXKIo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
83768f406b963392-LIS

Redirect headers

date
Mon, 18 Dec 2023 10:00:34 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HHY5CVDTHVTPT170VN8TZM2K-mad
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
546
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@lottiefiles/lottie-player@2.0.2/dist/lottie-player.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
83768f401b113392-LIS
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/
190 KB
29 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3209225
x-jsd-version
5.2.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230122-FRA, cache-mad2200130-MAD
x-jsd-version-type
version
server
cloudflare
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYSvqS5LPV0pC7KuXl1OK%2Bd4IunGB5tkUZS1EZCuDuuLzqRdiRzjfb%2FHdWIoGGjJvZdSI%2F6E4mKmaLlKHxiNE%2F6A1cHHv2loL%2FTAg4lxrNuE1VofqK6eAvydP61bZF1y7n0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83768f3dcf6e489d-LIS
fonts.css
asset-sekoya.com/202312-air-france/assets/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/css/fonts.css
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69514725683ba6b96f4b5126c96224692d2d6b4841171797ece9704a615296c4

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 10:30:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6236
etag
W/"f1f597153de349dc360057945a8499ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NY6FXzapdvctOUbfYxOAX6YAVVhzUnrbD4r%2F%2FoU47cBjczr83zLKwTBACrX75vnXUpFuoDDZ7%2BBg9AySnnv8O2nmDQPWyt7CA1566TWCIKRQ6zmct6Jck7eB62RuJ3TjT8g"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83768f3e0f48314b-MAD
alt-svc
h3=":443"; ma=86400
base-5dec04d2.css
asset-sekoya.com/202312-air-france/assets/build/assets/
2 KB
1 KB
Stylesheet
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/build/assets/base-5dec04d2.css
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dec04d27a110f5fc11917027cba3b5e7cd0887bf97485378c58d9b0f86bca60

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 10:32:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6236
etag
W/"805e0f863cd5b59aebffc6fd72e977e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7CuNEshttbVpXvq5p5yZsPMW6i7%2Bth12q7MYOb86MQ%2FROBAsm%2BiMaox7G7cR0DWKsriTlo%2Ff3JjPAnTD3OSWExJdfw0%2F%2BaN%2FrNiBFJqjDsQsnnKe1m7WvS542mRQydN4Tj8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83768f3e0f49314b-MAD
alt-svc
h3=":443"; ma=86400
global-b4c9c2a3.css
asset-sekoya.com/202312-air-france/assets/build/assets/
12 KB
3 KB
Stylesheet
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/build/assets/global-b4c9c2a3.css
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5afbfb652b2f6f17fbd6fe6f727e3d15e9ed18084dc4c9c10ef660e0a03d00f

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 10:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6236
etag
W/"c96a9cab7ed4cdd38c0c69a0383c8c1b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BR7nm2hnHUEaMdvUfL1zQyPIw2A9YgKXD%2FvPqShFYdr0qB6j0AebgbhY1uqIV6NHteoez0GXcxnMycj2WH0%2BvDVRSOXubpeIwpI06vHQc6IJLFf0XsyFtmvgo1ZPbVtFblC9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83768f3e0f4a314b-MAD
alt-svc
h3=":443"; ma=86400
responsive-07e01d8c.css
asset-sekoya.com/202312-air-france/assets/build/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/build/assets/responsive-07e01d8c.css
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf8f0544e90f3bf9f54f070befa570969892e8dc2cc883cabe81606f21cdb34

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 10:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6236
etag
W/"6ff3d08ec4d2290b1602a8fd4288a601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeUdSgsQvY%2FvSvZ1vs5%2Fcwhr4u7uOCF8TRTdGFYukYiwIMdsGDtG7HjguhSXRiYjegQQPJAFKl9mTnnSp0BfI%2B920LqqJeEtgLPoEph9jlE2dFccqGDQQCDIsGHG296aXGsb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83768f3e0f4c314b-MAD
alt-svc
h3=":443"; ma=86400
tippy-theme-89077c70.css
asset-sekoya.com/202312-air-france/assets/build/assets/
121 B
389 B
Stylesheet
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/build/assets/tippy-theme-89077c70.css
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89077c7007f0a4b5622659d9e1e690a6936ab9aa514947625643cf249b8f9d1d

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 10:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6236
etag
W/"f0619fda2677d327e623a64c4ce37bd7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtSkf2AKneiXR1460Uj%2ByhxRQM8NKxrQFKRt9XgCsIA0kKLE0NP7CNUfC%2FZL2Usqb9%2Bh8rAPkVAu18%2F5zL3uBs2ipfGQ8q7DY0BPHmmbTJXY1OM40jSXUeH%2BX7BTO%2Btq%2FWat"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83768f3e0f4e314b-MAD
alt-svc
h3=":443"; ma=86400
app.js
asset-sekoya.com/202312-air-france/assets/js/
120 KB
40 KB
Script
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/js/app.js
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1595b6d3993c77bc351d75fe0a52bbc6459f7537ac9ae23958734131be13e4f1

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Dec 2023 18:20:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6235
etag
W/"970b613af9316f514beecd1113ef80e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCaptNd%2FhzVrcC7AAKx7mxqaG0F4hQIlnR8TFOjJwVr2WVE8s%2B%2BWbiUtRZ%2Fox8DGjdXVXA6ja8iEOfx7LO0nwRe6MiZ3hTicfLf0%2FXoQbggiBruD0MiMWeAO6I3mBwH2YL7U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83768f3f99ef314b-MAD
alt-svc
h3=":443"; ma=86400
global.js
asset-sekoya.com/202312-air-france/assets/js/
2 KB
2 KB
Script
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/js/global.js
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2e10937ba0475d63b91b46bdd9a393805b0be317c1be7483a9e71731031bd18

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Dec 2023 18:20:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6235
etag
W/"825247dd17e537ebe7cd7c11bcf61827"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nck7Pr%2Fx24tgXND75Px6qHg7KNNYU9iEfl9f%2FvO%2Bj%2FKWlx1xbmVLAnJx9JA2BeWj%2FK1l4EgPFFtUrjMvE9rbsVEHcFjfjzRyybTPA1WTVYwc6Pbh820O8CzvW0yp9BB6OgM8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83768f3f99f5314b-MAD
alt-svc
h3=":443"; ma=86400
4ec768301d092bbdee0ef130885a7d3f.js
cdn.cookie-script.com/s/
157 KB
31 KB
Script
General
Full URL
https://cdn.cookie-script.com/s/4ec768301d092bbdee0ef130885a7d3f.js
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.47.189.205 Mundelsheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.189.47.78.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3ef9e7f481b4f76b8a8b5e397852215472ce1a795fdf410ff963310eadc872e6

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2023 19:18:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1ce0fe3affbc48b36ff408b17b097f57"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
44b8ad343dae9b2203c0039c55e0c75e685bc460f09d9ff4b6d50c7cbdd4d4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://airfrance-lejeu90ans.com/
Origin
https://airfrance-lejeu90ans.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Dec 2023 10:00:34 GMT
content-md5
/P6swmEa0FuoaJfb/AkJbg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
SmZ3ihc3BR8/JE9Q3Ph/yxZgwRj7K/FBJOyglhG2SUXVyQ3xCkzVRswM0kqMJKlHq1qJuNqNEMp6uuyBPL/VaQ==
x-fb-content-md5
2e1a03b3f07ed872af43600196687236
cross-origin-opener-policy
same-origin-allow-popups
etag
"7d8d3132b188cb170f896a7b99170a14"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 18 Dec 2023 10:04:58 GMT
logo-af-bleu.svg
asset-sekoya.com/202312-air-france/assets/img/
2 KB
2 KB
Image
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/img/logo-af-bleu.svg
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c152396b383ff7bde6109d58de5c05fb7bf8b2e7312b3560a048f9a5cadf85

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Dec 2023 18:20:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6236
etag
W/"460f4b6184ef3b0a1f190d9b9ed37148"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXSrXSw8lnKd2IzJdDL%2FWKb%2BPtaAGcEILk6rbGjW2igyOeSy2X1orXGXzyBiMZdUHpXoZ%2BFQxQcsfCZ%2BizPlFJC43lKHIhOu5T0YP1zjTM8cOBcaAKU%2FtL4oyiqX0CniYziS"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
83768f3e0f4f314b-MAD
alt-svc
h3=":443"; ma=86400
bg-famille-1024.jpg
asset-sekoya.com/202312-air-france/assets/img/
183 KB
183 KB
Image
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/img/bg-famille-1024.jpg
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0522a436c28e6c4bc90ea8fa3afb7b108e46dbb8e2c776c7f864e9d9e4f27871

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Dec 2023 18:20:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6236
etag
"9d5823b5f0a3bfeb03050bd787cf60d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7bXl36RSr7kOE9FFDv6hTwPiaBl9FOU4roWzMi4%2FQyegfUoUGMK0ycy6smPMmMEkxlCvWeO2dPq7C728GuS9Tbpge%2F7qnB9L%2BnXWqPQ3naEbWvYBxg94wuHwUW3yGMoL0Gv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83768f3e6ff7314b-MAD
alt-svc
h3=":443"; ma=86400
content-length
186969
loader.svg
asset-sekoya.com/202312-air-france/assets/img/
808 B
715 B
Image
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/img/loader.svg
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4b2d7896f27aa253e13dc589085a76ac0ab990020fb4179dcc9b58f4a02cf6

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Dec 2023 18:20:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6235
etag
W/"174791925f0e41f3b49ce70191514738"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwTSciTAjTAj%2BUiqP84zCzGzfPv9k5lFYfLs6N4o%2Fb8yS2Ck3ZC1jfqxp1rkzFZQTbULrJSI5ZYmMGPQ%2Bdc7wtNbDkT5cGhKTIMJCJZkgIdNd1i4AxBxqPgZ5E059sa2FrDo"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
83768f3f99f8314b-MAD
alt-svc
h3=":443"; ma=86400
sekoya_logo.svg
asset-sekoya.com/202312-air-france/assets/img/
17 KB
7 KB
Image
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/img/sekoya_logo.svg
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
343ead38e917e77bfa92b370b5e19e011a7192b62626a9437e88c216960253ef

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Dec 2023 18:20:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6235
etag
W/"945d4cbfbb27d1fcd965bc454de4e7d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeTMyFZ2CoZPSGvf7B%2F1YeJ73GcDSyTQ00otCuMUykpvEIoiUAYP8b5yaLF8iJ%2FN1pomdKuMV7wkn2v7oSnpeep0dFY9Q4wbR%2Fkj8AmvtetuJDI74uYTwnOIenrTrFsyIsrH"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
83768f3f99fd314b-MAD
alt-svc
h3=":443"; ma=86400
recaptcha__pt_pt.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/
504 KB
203 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pt_pt.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
f23503e3bdee980662c5ad132c842ffb952b2898ada84a3b656df34f5b4c19e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://airfrance-lejeu90ans.com/
Origin
https://airfrance-lejeu90ans.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206841
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 17:41:09 GMT
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 18 Dec 2023 10:00:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
djtOkGqNWrZI3+t5qModizJhsvb+9LactIkTUTzxCRledN65AuGTayTvELa4DHC2oCJ22e6WsXCMjosm79hs8w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bg-home.jpg
asset-sekoya.com/202312-air-france/assets/img/
2 MB
2 MB
Image
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/img/bg-home.jpg
Requested by
Host: asset-sekoya.com
URL: https://asset-sekoya.com/202312-air-france/assets/build/assets/global-b4c9c2a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf86207d684164a5f47608e6f71965d9b50406f31dd33a87702ae49f6a38b0f8

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://asset-sekoya.com/202312-air-france/assets/build/assets/global-b4c9c2a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Dec 2023 18:20:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6877
etag
"1208d18156baab8cf2d47f588db0f243"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcYdFb0aTV7aK3Wyj1qtLKfmGjaK1XE%2BmWs0HKH1759B3Ws01%2Bs%2B8hhiXfK%2F6CZFr2v3aVPYz32A%2B1oOXkovz5BYTAbA14u8Pw7F5ChuxKPDwrXgyN60IDqxcMBofSxnqiTH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83768f3fba38314b-MAD
alt-svc
h3=":443"; ma=86400
content-length
1920114
ExcellenceInMotionScreen-Regular.woff
asset-sekoya.com/202312-air-france/assets/fonts/
39 KB
40 KB
Font
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/fonts/ExcellenceInMotionScreen-Regular.woff
Requested by
Host: asset-sekoya.com
URL: https://asset-sekoya.com/202312-air-france/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
223a1d278be1cbc5435c67dc9bcb7ec41379e3d4b77dc5bfc1abfef97d4546c9

Request headers

Referer
https://asset-sekoya.com/202312-air-france/assets/css/fonts.css
Origin
https://airfrance-lejeu90ans.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3986
alt-svc
h3=":443"; ma=86400
content-length
40096
last-modified
Sat, 09 Dec 2023 18:20:19 GMT
server
cloudflare
etag
"226a1d0a48601e704fc78e5b2ccb839a"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yUyvyL1db3twGAiCROaCNNT5oMak9LnNNlySUWkoJ69LjaiucIaX7c11%2B7YKftX4jBbfcyUsnTRjOl1eq6c%2FCqBKSEpSWSocMg%2BLuZwZqY4GvnNUOqRBPpuuUSRIg1IoNqt"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83768f406c1c214e-MAD
truncated
/
266 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
183 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8c89b0459ec4d6069037002ff5d824395ff37dbf866bc4298fce22d336b182a

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
ExcellenceInMotionScreen-Bold.woff
asset-sekoya.com/202312-air-france/assets/fonts/
39 KB
39 KB
Font
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/fonts/ExcellenceInMotionScreen-Bold.woff
Requested by
Host: asset-sekoya.com
URL: https://asset-sekoya.com/202312-air-france/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926097c67fb0be9b17a371b76d45045acd5de502b748251486ea1644eea2bf85

Request headers

Referer
https://asset-sekoya.com/202312-air-france/assets/css/fonts.css
Origin
https://airfrance-lejeu90ans.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3986
alt-svc
h3=":443"; ma=86400
content-length
39676
last-modified
Sat, 09 Dec 2023 18:20:20 GMT
server
cloudflare
etag
"4e5020ed15545873170d6f71567190f0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyjtc2SKkluXwtVYzNFBBnSmB36MufEKlxpYhYnGY4Opfwl1uUqmbXJpAkdRUOrVdjbNUGl3PpSWHQB2idbqfjBGQAw6cPnHVGbq9UmyW08c6expiEvUIeUel8qDskrOnKg7"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83768f406c1f214e-MAD
sdk.js
connect.facebook.net/en_US/
302 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ba1bac5eb094e6f8d2c742bd8567ba44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
44a7210cfe7952c1317f8938a53c5ccc3088e781005363b290837cd8717b5900
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://airfrance-lejeu90ans.com/
Origin
https://airfrance-lejeu90ans.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Dec 2023 10:00:34 GMT
content-md5
EUxORwsG4+SOr2P8J1J4LQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88331
reporting-endpoints
x-fb-debug
TatBwx/BFGSpyk17mcaAevcpuU3Lo7wXQa6NHsTqGZuhw+QfPDncKKb24GPewQ3YjiXM9EM9RimsS5GT0Nv5jw==
x-fb-content-md5
50895c89ff39b3f0b1b6cce946e87ee5
cross-origin-opener-policy
same-origin-allow-popups
etag
"8d18b46fc04562577c609750841a2386"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 17 Dec 2024 08:32:51 GMT
logo-90.json
asset-sekoya.com/202312-air-france/assets/img/
20 KB
7 KB
XHR
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/img/logo-90.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8cddf5004bd527caafe73dbe7014761ebe547dd9d42787fc9e7d67a9039c62d

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 09 Dec 2023 18:20:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2077c1e13145cd16933ea1d0966518e6"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpVJfS4l5vAJH94Dx3muF6LitplU8EI%2F4KnkTMVhJdVw79W%2Bix%2FIKooayqrvUja0x1yYyjMf%2FAw6wVMHbebsv9jkUHMGyE%2BFJyWegXlQ%2BRGtR6MgHRMALhx88fIkLprvHx%2FT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
83768f41de87214e-MAD
alt-svc
h3=":443"; ma=86400
logo-90.json
asset-sekoya.com/202312-air-france/assets/img/
20 KB
7 KB
Fetch
General
Full URL
https://asset-sekoya.com/202312-air-france/assets/img/logo-90.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8cddf5004bd527caafe73dbe7014761ebe547dd9d42787fc9e7d67a9039c62d

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 09 Dec 2023 18:20:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2077c1e13145cd16933ea1d0966518e6"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nf1EYgw43cprvW2lxptKtpdqnHNoZymqfY4c69IZvPYJQlLG3KFMIMSDhwekZokU9xWIm3mmP5r1yr2O90%2BugbNjE46lXHL8jAZqSYjiMrc6%2BnTlIu%2BiUL0J3eJ8ysWn4iOH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
83768f41de8d214e-MAD
alt-svc
h3=":443"; ma=86400
1128639737728088
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1128639737728088?v=2.9.138&r=stable&domain=airfrance-lejeu90ans.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
1b51b0f25a9273d7c1661533a5f5e0e36e4f57671fdf13208b425df25006f2a7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 18 Dec 2023 10:00:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35370
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
MATTR3pEGBXLbQr15P5882m2WT9ykOkdBCNR09QEEx8Q6M/mx9twSWMLvEZcwb50wdsDmtHFmUdNCQLkH4+y6A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame EC51
41 KB
26 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t0bdwskjgxz6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pt_pt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
9e6039e8215639f6044647f214158281313179c6dbec920c325a5e78a90306f9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gPRZTbUUX2uw5M8SiPL0NQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://airfrance-lejeu90ans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-gPRZTbUUX2uw5M8SiPL0NQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 10:00:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/enterprise/ Frame 64CC
43 KB
27 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optin&cb=5oh8xxtqb2gl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pt_pt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
f92ee38c6beb798c8af14129f2bc4ed96da50e614ddaaef373ab22e13e648b30
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fJCpcEtfdPPGIRHIIcfOGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://airfrance-lejeu90ans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-fJCpcEtfdPPGIRHIIcfOGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 10:00:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/enterprise/ Frame 3CDB
41 KB
26 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optout&cb=ml04tez9in0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pt_pt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
0158813e7254ea8a53471dd96019f398d4bf99f4a09e210d68b2b08332344cfe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LH0fh-cq3GKbTdwonvq5ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://airfrance-lejeu90ans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LH0fh-cq3GKbTdwonvq5ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 10:00:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1128639737728088&ev=PageView&dl=https%3A%2F%2Fairfrance-lejeu90ans.com%2Flang%2Ffr%3Fsekoya_partner%3D1143%26sekoya_source%3Demailing%26aff_sub%3D%26civility%3D%26email%3D%26firstname%3D_removed_%26lastname%3D_removed_%26birthdate%3D_removed_%26zip_code%3D%26airport%3D%26residence%3DFR%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522firstname%2522%252C%2522lastname%2522%252C%2522birthdate%2522%255D%252C%2522restrictedParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1702893634997&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702893634997.1894794668&ler=empty&it=1702893634857&coo=false&rqm=GET
Requested by
Host: airfrance-lejeu90ans.com
URL: https://airfrance-lejeu90ans.com/lang/fr?sekoya_partner=1143&sekoya_source=emailing&aff_sub=&civility=&email=&firstname=&lastname=&birthdate=&zip_code=&airport=&residence=FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://airfrance-lejeu90ans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 18 Dec 2023 10:00:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 64CC
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optin&cb=5oh8xxtqb2gl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 09:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 09:09:37 GMT
recaptcha__pt_pt.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 64CC
504 KB
202 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pt_pt.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optin&cb=5oh8xxtqb2gl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
f23503e3bdee980662c5ad132c842ffb952b2898ada84a3b656df34f5b4c19e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206841
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 17:41:09 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 3CDB
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optout&cb=ml04tez9in0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 09:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 09:09:37 GMT
recaptcha__pt_pt.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 3CDB
504 KB
202 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pt_pt.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optout&cb=ml04tez9in0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
f23503e3bdee980662c5ad132c842ffb952b2898ada84a3b656df34f5b4c19e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206841
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 17:41:09 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame EC51
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t0bdwskjgxz6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 09:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 09:09:37 GMT
recaptcha__pt_pt.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame EC51
504 KB
202 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pt_pt.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t0bdwskjgxz6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
f23503e3bdee980662c5ad132c842ffb952b2898ada84a3b656df34f5b4c19e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206841
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 17:41:09 GMT
kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
www.google.com/js/bg/ Frame 64CC
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pt_pt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
sffe /
Resource Hash
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optin&cb=5oh8xxtqb2gl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 11:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
513944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6851
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 11:14:51 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 64CC
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 19:56:54 GMT
x-content-type-options
nosniff
age
569021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 18 Dec 2023 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 64CC
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optin&cb=5oh8xxtqb2gl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
297219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 64CC
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optin&cb=5oh8xxtqb2gl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:01:27 GMT
x-content-type-options
nosniff
age
392348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 21:01:27 GMT
kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
www.google.com/js/bg/ Frame EC51
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pt_pt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
sffe /
Resource Hash
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t0bdwskjgxz6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 11:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
513944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6851
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 11:14:51 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EC51
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 19:56:54 GMT
x-content-type-options
nosniff
age
569021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 18 Dec 2023 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC51
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t0bdwskjgxz6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
297219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC51
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t0bdwskjgxz6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:01:27 GMT
x-content-type-options
nosniff
age
392348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 21:01:27 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 64CC
105 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optin&cb=5oh8xxtqb2gl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
7b0e40b6d254b68825bb81f4312b0e8fdc98cd80e144452b5f2cab2f0f81ff70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optin&cb=5oh8xxtqb2gl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 18 Dec 2023 10:00:35 GMT
kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
www.google.com/js/bg/ Frame 3CDB
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pt_pt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
sffe /
Resource Hash
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optout&cb=ml04tez9in0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 11:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
513944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6851
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 11:14:51 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3CDB
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 19:56:54 GMT
x-content-type-options
nosniff
age
569021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 18 Dec 2023 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3CDB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optout&cb=ml04tez9in0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
297219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3CDB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optout&cb=ml04tez9in0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:01:27 GMT
x-content-type-options
nosniff
age
392348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 21:01:27 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame EC51
105 B
137 B
Other
General
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t0bdwskjgxz6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
7b0e40b6d254b68825bb81f4312b0e8fdc98cd80e144452b5f2cab2f0f81ff70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=t0bdwskjgxz6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 18 Dec 2023 10:00:35 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 3CDB
105 B
137 B
Other
General
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optout&cb=ml04tez9in0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
7b0e40b6d254b68825bb81f4312b0e8fdc98cd80e144452b5f2cab2f0f81ff70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lcl_icpAAAAAHIVQ5KApfQt7eZcAK8xE8SImAug&co=aHR0cHM6Ly9haXJmcmFuY2UtbGVqZXU5MGFucy5jb206NDQz&hl=pt-PT&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=click-%3Ehome%23set_optout&cb=ml04tez9in0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 18 Dec 2023 10:00:35 GMT

Verdicts & Comments Add Verdict or Comment

330 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| fbq function| _fbq function| $ function| jQuery object| bootstrap function| HSUnfold function| HSFormSearch object| webpackChunkcloud_front object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin number| uidEvent function| CookieScript function| fbAsyncInit function| onSubmit object| FB object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| li function| fi function| xe function| un function| hi function| pi function| et function| dn function| Wt function| Ui function| L function| Jt function| bn function| Sr function| Wi function| Rt function| Cr function| cr function| Xi function| wn function| rs function| ns function| is function| An function| ss function| ze function| At function| cs function| It function| ls function| fs function| Vt function| Tn function| tt function| ds function| ps function| ms function| xn function| vs function| ys function| Fr function| Ut function| Lr function| Be function| Es function| Ts function| xs function| Mn function| Ds function| Rs function| Bs function| ks function| Ps function| hr function| Qt function| rt function| Dn function| js function| kr function| Zt function| _s function| bt function| Is function| Us function| Hs function| Ln function| Ks function| Ws function| Js function| Xs function| nt function| Zs function| kn function| eo function| to function| io function| so function| oo function| ao function| co function| fo function| er function| $r function| Ao function| To function| xo function| So function| _r function| Ir function| Co function| Mo function| Do function| Fo function| No function| Pn function| Ct function| Ge function| Lo function| Ro function| Bo function| ko function| Hr function| jo object| $o function| _o object| $n function| Io string| Q string| se string| oe string| Z string| mr object| it string| ke string| Qe string| Uo string| _n string| qe string| Ho object| Kr object| In string| Ko string| zo string| qo string| Wo string| Jo string| Xo string| Yo string| Go string| Qo object| Zo function| de function| ee function| De function| ie function| gr function| ea function| ta function| fe function| Me function| Mt function| Pe function| rr function| Un function| je function| vr function| Hn function| ye function| ra function| Ee function| kt function| zr function| na function| st function| yr function| We function| ia function| Kn function| zn function| qn function| sa function| oa function| aa function| $e object| ua function| la function| qr function| fa object| Ot function| ha object| ma function| xt object| ga function| Wr function| br function| Or function| va function| ya function| wr function| Wn function| Je function| nr function| ba function| Jr function| Oa function| wa function| Jn function| Ze function| Ea function| Aa function| Ta function| Xr function| Yr function| Sa function| Ma function| Da function| Na function| Ra function| Ba function| Pa function| ja function| $a function| _a function| Ia function| Va function| Ua function| Ha object| Gr function| Qr function| Ka object| za function| qa string| Wa string| Xn string| Ja string| Yn string| Gn object| Se function| Qn function| Ht function| Er function| Zn function| Zr function| Xa function| Re function| en function| Ya function| Ga function| Dt function| tn function| Xe function| Pt function| Qa function| Za function| ec function| tc function| Kt function| rn function| rc function| nc function| zt function| nn object| ue number| sn function| ic function| ei function| sc function| oc boolean| ac boolean| cc object| uc object| lc object| ce object| fc function| dc function| ti function| hc function| on function| pc function| ir function| an function| cn function| sr function| ri number| mc object| wt object| qt function| gc function| ot function| axios object| Stimulus object| recaptcha object| closure_lm_37750 object| __buffer

5 Cookies

Domain/Path Name / Value
sekoya.go2cloud.org/ Name: aff_ran_url_159
Value: 10404
sekoya.go2cloud.org/ Name: enc_aff_session_159
Value: ENC03aec97e1b1b92c3270a68f13ae09955a9cbb921fb29d9433a7791bb880d9451ec5ae7b226d796503716e002a892442571504ca72faf50ab9320ef874b6a201c30f9a321bea56be720ff3a51802abc41ff93e8a2aa9f8eb1dc4f9d16e3b00081ecf3c810b81fa16ad4cb113be1f63f9a84121372b831a4fca4d5b0c8558e6621240418524f
sekoya.go2cloud.org/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjAiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJwdC1QVCxwdDtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
airfrance-lejeu90ans.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkJHZUlmcEkzVzNjT3MzdnlzRUVSWmc9PSIsInZhbHVlIjoieW10c01NVzFuQ01zTXBUbitqcCt2cHBIbVJ4cnRKbnRjaUxDSXErN2Y4djlVSEVNTzZzd0tLajZvOVRXRC9jdEpwb3drZ3VCTzM2QzBtNFh2elN2T1BrQWM4YXgxaUZZNnBtbFR2bEdSVFcxT0RnK3h0cFZ2dURDUEQveSt5Y2siLCJtYWMiOiJmMDE0MDU4ZTJmM2Y2MzViZWUxM2E4ZjlmYTdiMDM4NGY1NjIwM2QzZmE4OGI3ZGNiMjc2YzQ5ZTMxOGQ5ODQwIiwidGFnIjoiIn0%3D
airfrance-lejeu90ans.com/ Name: 202312_air_france_session
Value: eyJpdiI6InZqYnR3cGIyeTlKcmJJY2grZUJHS0E9PSIsInZhbHVlIjoidVhsWTBDSkdQWVp2bUFHK0pMSEhuK2tNZWZLNHc3cXhGMzdqOHQ4NVdFRzlzU05QOWZBZXhDY3JsblhrRXhwM0lkTG9MN0lSbkZJOXpFYm1uZnM1c3prbTNmUHVTay9ZWlU3NnpZRWl0VU5KMWxkZmZ2YnhyU09UaWIvek9QRmgiLCJtYWMiOiI3OGI3MDBlNzQyZjU1Y2Q4MGJjY2QwM2NlN2Y3OWZhNDAxOGM5YTM5ZGZjZDRlMGFkZTE0MGY1NzIzN2U1YmJiIiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airfrance-lejeu90ans.com
asset-sekoya.com
assets.sekoya.cloud
cdn.cookie-script.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.gstatic.com
sekoya.go2cloud.org
unpkg.com
www.facebook.com
www.google.com
www.gstatic.com
104.16.123.175
104.16.85.20
104.17.24.14
13.37.18.140
142.250.185.195
142.250.185.228
142.250.74.195
157.240.251.9
157.240.252.35
18.155.129.94
18.202.12.61
188.114.97.3
78.47.189.205
0158813e7254ea8a53471dd96019f398d4bf99f4a09e210d68b2b08332344cfe
0522a436c28e6c4bc90ea8fa3afb7b108e46dbb8e2c776c7f864e9d9e4f27871
1595b6d3993c77bc351d75fe0a52bbc6459f7537ac9ae23958734131be13e4f1
1b51b0f25a9273d7c1661533a5f5e0e36e4f57671fdf13208b425df25006f2a7
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d4b2d7896f27aa253e13dc589085a76ac0ab990020fb4179dcc9b58f4a02cf6
223a1d278be1cbc5435c67dc9bcb7ec41379e3d4b77dc5bfc1abfef97d4546c9
343ead38e917e77bfa92b370b5e19e011a7192b62626a9437e88c216960253ef
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ef9e7f481b4f76b8a8b5e397852215472ce1a795fdf410ff963310eadc872e6
44a7210cfe7952c1317f8938a53c5ccc3088e781005363b290837cd8717b5900
44b8ad343dae9b2203c0039c55e0c75e685bc460f09d9ff4b6d50c7cbdd4d4fe
47c152396b383ff7bde6109d58de5c05fb7bf8b2e7312b3560a048f9a5cadf85
55d2f8de4f55304e80b710304c00dfc431f692bf1c71f1595f78c75451044de5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dec04d27a110f5fc11917027cba3b5e7cd0887bf97485378c58d9b0f86bca60
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69514725683ba6b96f4b5126c96224692d2d6b4841171797ece9704a615296c4
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b0e40b6d254b68825bb81f4312b0e8fdc98cd80e144452b5f2cab2f0f81ff70
81e87098073d35d445d01944dd5c13872d5b66803c806f672a51bd364f5a59e8
89077c7007f0a4b5622659d9e1e690a6936ab9aa514947625643cf249b8f9d1d
926097c67fb0be9b17a371b76d45045acd5de502b748251486ea1644eea2bf85
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
9e6039e8215639f6044647f214158281313179c6dbec920c325a5e78a90306f9
abdb8f3246ad5ee362f41a1df95df691fb7fad4f99b92cacada017d5df34e829
b2e10937ba0475d63b91b46bdd9a393805b0be317c1be7483a9e71731031bd18
bf86207d684164a5f47608e6f71965d9b50406f31dd33a87702ae49f6a38b0f8
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
d49035622ea2c64e25346bd0c5c21e540ef7d4e347abb06f0c07e67bb539031a
d5afbfb652b2f6f17fbd6fe6f727e3d15e9ed18084dc4c9c10ef660e0a03d00f
d8c89b0459ec4d6069037002ff5d824395ff37dbf866bc4298fce22d336b182a
dc3ff3f3c76770cc9e43327284d5323285c27bca97ca7e38805653274bc802d9
dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf8f0544e90f3bf9f54f070befa570969892e8dc2cc883cabe81606f21cdb34
f23503e3bdee980662c5ad132c842ffb952b2898ada84a3b656df34f5b4c19e2
f8cddf5004bd527caafe73dbe7014761ebe547dd9d42787fc9e7d67a9039c62d
f92ee38c6beb798c8af14129f2bc4ed96da50e614ddaaef373ab22e13e648b30