www.cinquiemesaison.com Open in urlscan Pro
165.22.225.253 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cinquiemesaison.com/
Submission: On March 10 via automatic, source certstream-suspicious (March 10th 2020, 11:05:38 am UTC)

Summary HTTP 81 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 16 domains to perform 81 HTTP transactions. The main IP is 165.22.225.253, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is www.cinquiemesaison.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 10th 2020. Valid for: 3 months.

This is the only time www.cinquiemesaison.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	165.22.225.253 165.22.225.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
28	68.71.59.75 68.71.59.75	10929 (NETELLIGENT) (NETELLIGENT)
3	130.211.21.179 130.211.21.179	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:214... 2600:9000:214f:8800:13:c079:7880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
11	95.100.67.47 95.100.67.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
81	18

16 165.22.225.253 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)

www.cinquiemesaison.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cinquiemesaison.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 68.71.59.75 (Montreal, Canada)

ASN10929 (NETELLIGENT, CA)
PTR: host-075.purebackend.com

bootstrap.voyagesendirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engine.voyagesendirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
controle.voyagesendirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mariage.voyagesendirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pub.voyagesendirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.voyagesendirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.voyagesendirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.21.179 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 179.21.211.130.bc.googleusercontent.com

koi-3qnjxcq3me.marketingautomation.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:8800:13:c079:7880:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 95.100.67.47 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-47.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	voyagesendirect.com bootstrap.voyagesendirect.com engine.voyagesendirect.com controle.voyagesendirect.com mariage.voyagesendirect.com pub.voyagesendirect.com agent.voyagesendirect.com images.voyagesendirect.com	134 KB
16	cinquiemesaison.com www.cinquiemesaison.com cinquiemesaison.com	548 KB
11	typekit.net use.typekit.net p.typekit.net	310 KB
6	google.com www.google.com	768 B
3	facebook.com www.facebook.com	462 B
3	google-analytics.com www.google-analytics.com	18 KB
3	marketingautomation.services koi-3qnjxcq3me.marketingautomation.services	7 KB
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
2	facebook.net connect.facebook.net	143 KB
1	googleapis.com ajax.googleapis.com	59 KB
1	gstatic.com www.gstatic.com	94 KB
1	jsdelivr.net cdn.jsdelivr.net	3 KB
1	google.de www.google.de	110 B
1	oribi.io cdn.oribi.io	294 B
1	googleadservices.com www.googleadservices.com	10 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
81	16

	Domain	Requested by
13	www.cinquiemesaison.com	www.cinquiemesaison.com
10	use.typekit.net	www.cinquiemesaison.com use.typekit.net
10	engine.voyagesendirect.com	bootstrap.voyagesendirect.com engine.voyagesendirect.com www.cinquiemesaison.com
7	bootstrap.voyagesendirect.com	www.cinquiemesaison.com bootstrap.voyagesendirect.com
6	www.google.com	www.cinquiemesaison.com www.gstatic.com
3	images.voyagesendirect.com	www.cinquiemesaison.com
3	pub.voyagesendirect.com	bootstrap.voyagesendirect.com
3	mariage.voyagesendirect.com	bootstrap.voyagesendirect.com
3	www.facebook.com	www.cinquiemesaison.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.cinquiemesaison.com
3	koi-3qnjxcq3me.marketingautomation.services	www.cinquiemesaison.com koi-3qnjxcq3me.marketingautomation.services
3	cinquiemesaison.com	www.cinquiemesaison.com
2	connect.facebook.net	www.cinquiemesaison.com connect.facebook.net
1	p.typekit.net	www.cinquiemesaison.com
1	agent.voyagesendirect.com	bootstrap.voyagesendirect.com
1	ajax.googleapis.com	bootstrap.voyagesendirect.com
1	controle.voyagesendirect.com	www.cinquiemesaison.com
1	www.gstatic.com	www.google.com
1	cdn.jsdelivr.net	bootstrap.voyagesendirect.com
1	www.google.de	www.cinquiemesaison.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.cinquiemesaison.com
1	cdn.oribi.io	www.cinquiemesaison.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.cinquiemesaison.com
81	25

This site contains links to these domains. Also see Links.

Domain
en.cinquiemesaison.com
www.facebook.com
www.instagram.com
david-goliath.com

Subject Issuer	Validity	Valid
cinquiemesaison.com Let's Encrypt Authority X3	`2020-03-10` - `2020-06-08`	3 months	crt.sh
*.voyagesendirect.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-01` - `2021-05-29`	2 years	crt.sh
*.marketingautomation.services COMODO RSA Organization Validation Secure Server CA	`2018-05-23` - `2020-05-22`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.oribi.io Amazon	`2019-07-27` - `2020-08-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-22` - `2020-08-30`	6 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.cinquiemesaison.com/
Frame ID: 413D0BAB53E3B305B2B6514C770BE271
Requests: 82 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJ8cMUAAAAAC0c3CoAVk7qmevyDIroVdG2-NJ7&co=aHR0cHM6Ly93d3cuY2lucXVpZW1lc2Fpc29uLmNvbTo0NDM.&hl=fr-CA&v=f1wAZV34wmOO4-wA3kszbUcM&theme=light&size=normal&cb=ffbkl1fs3qt6
Frame ID: DDC433A101816387E4C1099A41597BAB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJ8cMUAAAAAC0c3CoAVk7qmevyDIroVdG2-NJ7&co=aHR0cHM6Ly93d3cuY2lucXVpZW1lc2Fpc29uLmNvbTo0NDM.&hl=fr-CA&v=f1wAZV34wmOO4-wA3kszbUcM&theme=light&size=normal&cb=8bqvchv7dbjg
Frame ID: 434215E0127DB5508AC70439175A7330
Requests: 1 HTTP requests in this frame

Frame: https://controle.voyagesendirect.com/setanalytics.html
Frame ID: 898E05F9B1C73E69B3C475D8A8D19FCF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fr-CA&v=f1wAZV34wmOO4-wA3kszbUcM&k=6LeJ8cMUAAAAAC0c3CoAVk7qmevyDIroVdG2-NJ7&cb=l8n43y283pk4
Frame ID: 58AC7BA68A9DB524B07B9C40BE70271B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fr-CA&v=f1wAZV34wmOO4-wA3kszbUcM&k=6LeJ8cMUAAAAAC0c3CoAVk7qmevyDIroVdG2-NJ7&cb=frhh1riib1j5
Frame ID: C937FA2395983D2E22A3B2EC63824A6D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

81
Requests

100 %
HTTPS

71 %
IPv6

16
Domains

25
Subdomains

18
IPs

6
Countries

1363 kB
Transfer

3601 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://en.cinquiemesaison.com/
Title: EN

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VoyagesCinquiemeSaison/
Title: Pour d'autres spéciaux, suivez-nous sur Facebook <img class="fb-banner__thumb" src="/app/themes/fifthseason/dist/images/icon-thumbs-up.png.webp" alt="Facebook" />

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VoyagesCinquiemeSaison
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/VoyagesCinquiemeSaison/
Title:

Search URL Search Domain Scan URL

URL: http://david-goliath.com/
Title: Agence design et web David&Goliath®

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.cinquiemesaison.com/ 82 KB
21 KB 1143ms
860ms Document
text/html 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PHP/7.4.3 PleskLin

Resource Hash

b46eff901b9cac9ec9bc669a92146e766cfbbf66b68ac029cb56956a239a14e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:method: GET
:authority: www.cinquiemesaison.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
server: nginx
date: Tue, 10 Mar 2020 11:05:18 GMT
content-type: text/html; charset=UTF-8
content-length: 20513
x-powered-by: PHP/7.4.3 PleskLin
link: <https://www.cinquiemesaison.com/wp-json/>; rel="https://api.w.org/", <https://www.cinquiemesaison.com/>; rel=shortlink, </app/cache/css/cc09d.css>; rel=preload; as=style,</wp/wp-includes/js/jquery/jquery.js>; rel=preload; as=script,</app/plugins/gravityforms/js/jquery.json.min.js>; rel=preload; as=script,</app/plugins/gravityforms/js/placeholders.jquery.min.js>; rel=preload; as=script,</app/cache/js/4802d.js>; rel=preload; as=script,</app/cache/js/78583.js>; rel=preload; as=script
cache-control: max-age=86400
expires: Wed, 11 Mar 2020 11:05:17 GMT
vary: Accept-Encoding
content-encoding: gzip
ms-author-via: DAV
x-cache-status: BYPASS
strict-transport-security: max-age=15768000; includeSubDomains

GET
H2 200 cc09d.css
www.cinquiemesaison.com/app/cache/css/ 355 KB
68 KB 132ms
131ms Stylesheet
text/css 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cinquiemesaison.com/app/cache/css/cc09d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

7fe4f01d6e0c1123719042b0dc565d99a40d8b4ed817cb924c545c8e16949625

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 10 Mar 2020 11:05:18 GMT
content-encoding: gzip
etag: W/"5e60b83a-58b2b"
last-modified: Thu, 05 Mar 2020 08:28:42 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/css
status: 200
cache-control: max-age=691200
expires: Wed, 18 Mar 2020 11:05:18 GMT

GET
H2 200 jquery.js Show response
www.cinquiemesaison.com/wp/wp-includes/js/jquery/ 95 KB
33 KB 246ms
245ms Script
application/javascript 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cinquiemesaison.com/wp/wp-includes/js/jquery/jquery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:18 GMT
content-encoding: gzip
etag: W/"5d483094-17a69"
last-modified: Mon, 05 Aug 2019 13:35:16 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
status: 200
cache-control: max-age=691200
expires: Wed, 18 Mar 2020 11:05:18 GMT

GET
H2 200 jquery.json.min.js Show response
www.cinquiemesaison.com/app/plugins/gravityforms/js/ 2 KB
1 KB 343ms
342ms Script
application/javascript 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cinquiemesaison.com/app/plugins/gravityforms/js/jquery.json.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:18 GMT
content-encoding: gzip
etag: W/"5dfbe64a-738"
last-modified: Thu, 19 Dec 2019 21:06:18 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
status: 200
cache-control: max-age=691200
expires: Wed, 18 Mar 2020 11:05:18 GMT

GET
H2 200 placeholders.jquery.min.js Show response
www.cinquiemesaison.com/app/plugins/gravityforms/js/ 5 KB
2 KB 343ms
342ms Script
application/javascript 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cinquiemesaison.com/app/plugins/gravityforms/js/placeholders.jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:18 GMT
content-encoding: gzip
etag: W/"5dfbe64a-121f"
last-modified: Thu, 19 Dec 2019 21:06:18 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
status: 200
cache-control: max-age=691200
expires: Wed, 18 Mar 2020 11:05:18 GMT

GET
H2 200 4802d.js Show response
www.cinquiemesaison.com/app/cache/js/ 594 KB
171 KB 345ms
344ms Script
application/javascript 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cinquiemesaison.com/app/cache/js/4802d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

45b8d43df2d76cc55426c06ed060a67f3a89b393922eaff9877fa6f0e5fe5c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:18 GMT
content-encoding: gzip
etag: W/"5e60b83a-9472e"
last-modified: Thu, 05 Mar 2020 08:28:42 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
status: 200
cache-control: max-age=691200
expires: Wed, 18 Mar 2020 11:05:18 GMT

GET
H2 200 78583.js Show response
www.cinquiemesaison.com/app/cache/js/ 148 KB
40 KB 348ms
347ms Script
application/javascript 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cinquiemesaison.com/app/cache/js/78583.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

277d0e2ade2a73828e1497e23a865ba3484321eeb63b75f2c5cc06d2912435e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:18 GMT
content-encoding: gzip
etag: W/"5e60b83a-24e05"
last-modified: Thu, 05 Mar 2020 08:28:42 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
status: 200
cache-control: max-age=691200
expires: Wed, 18 Mar 2020 11:05:18 GMT

GET
H2 200 style.css
cinquiemesaison.com/app/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/ 2 KB
785 B 347ms
340ms Stylesheet
text/css 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cinquiemesaison.com/app/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.css

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

2feb39bd405a8f0299a4115689da22f8165bcc61e8f5d9ed4a1c4cc5fd3a85ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 10 Mar 2020 11:05:18 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 21:15:19 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"5dfbe867-6dd"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/css
status: 200
cache-control: max-age=691200
expires: Wed, 18 Mar 2020 11:05:18 GMT

GET
H2 200 script.js Show response
cinquiemesaison.com/app/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/ 702 B
626 B 345ms
340ms Script
application/javascript 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cinquiemesaison.com/app/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.js

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

66d18f6dc9983a817863220206f19b9b68ff7413f6f885bd2892c024fcc18252

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:18 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 21:15:19 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"5dfbe867-2be"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
status: 200
cache-control: max-age=691200
expires: Wed, 18 Mar 2020 11:05:18 GMT

GET
H/1.1 200
OK bootstrap.js Show response
bootstrap.voyagesendirect.com/ 34 KB
8 KB 750ms
117ms Script
text/javascript 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 / PHP/5.6.40
Resource Hash: 1b2648b6e8b01d81b1010eb3fcbabacce456390402189355917f50c20fbf975c

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Tue, 10 Mar 2020 11:05:19 GMT
Content-Encoding: gzip
Server: Apache/2
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Upgrade, Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 7933
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 logo-5-th-season-h-fr.png.webp
www.cinquiemesaison.com/app/themes/fifthseason/dist/images/ 6 KB
6 KB 121ms
120ms Image
image/webp 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cinquiemesaison.com/app/themes/fifthseason/dist/images/logo-5-th-season-h-fr.png.webp

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

a91ed144be837d24d08986b8192aea911a432ad0119a3b88396130e58f8335fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
etag: "5e1e0cf8-17a8"
last-modified: Tue, 14 Jan 2020 18:48:24 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/webp
status: 200
cache-control: max-age=691200
accept-ranges: bytes
content-length: 6056
expires: Wed, 18 Mar 2020 11:05:19 GMT

GET
H2 200 noform.js Show response
koi-3qnjxcq3me.marketingautomation.services/client/ 4 KB
2 KB 179ms
112ms Script
application/javascript 130.211.21.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://koi-3qnjxcq3me.marketingautomation.services/client/noform.js?ver=1.24
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.21.179 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 179.21.211.130.bc.googleusercontent.com
Software: openresty /
Resource Hash: 3cc606a159b124fd41357e058099700477a3a62f436755effdf12ed2273531fc

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
content-encoding: gzip
last-modified: Mon, 09 Mar 2020 13:26:53 GMT
server: openresty
etag: W/"5e66441d-fba"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
alt-svc: clear
via: 1.1 google
expires: Thu, 09 Apr 2020 11:05:19 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 679 B
617 B 22ms
21ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=fr-CA&render=explicit&ver=5.2.5

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

99d8c59de5927e415634446c3e593560e063773241a1ddd9d56e0172869340a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 450
x-xss-protection: 1; mode=block
expires: Tue, 10 Mar 2020 11:05:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
27 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKQ4BG

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

357f016f67c1f544dee5c1ce3814f9f0633f2546289aab92299b7f6c35ab150a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27558
x-xss-protection: 0
last-modified: Tue, 10 Mar 2020 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Mar 2020 11:05:19 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 ss.js Show response
koi-3qnjxcq3me.marketingautomation.services/client/ 11 KB
5 KB 180ms
113ms Script
application/javascript 130.211.21.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://koi-3qnjxcq3me.marketingautomation.services/client/ss.js?ver=2.2.1
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.21.179 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 179.21.211.130.bc.googleusercontent.com
Software: openresty /
Resource Hash: df0b16f418f6430a71effea58a7a4d934ef5c50e9f1932a3dcfa4209a6607641

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
content-encoding: gzip
last-modified: Mon, 09 Mar 2020 13:26:53 GMT
server: openresty
etag: W/"5e66441d-2bb1"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=604800, public
alt-svc: clear
via: 1.1 google
expires: Tue, 17 Mar 2020 11:05:19 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 87 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7623a8ff44a59b48d0b478c9523535f0959a0feea6409b0522e955ff0c93ce85

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bc6b39b36e4ea9f07fed6811e346665a675048ac2a63024ad40591c7ab3a34f

Request headers

Origin: https://www.cinquiemesaison.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKQ4BG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4389
date: Tue, 10 Mar 2020 09:52:10 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Tue, 10 Mar 2020 11:52:10 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 89ms
32ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKQ4BG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

332458d8d7043c9237ea48c995f93f4d47988640c7eea5f50d8c28e80323e77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9953
x-xss-protection: 0
server: cafe
etag: 242256469415106277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Mar 2020 11:05:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: 68mSTs8JI0inxkWn/S5ETU8zRNj9Y4kajdtsadgZ9Tq7Hx6aeiHO4BuM6wQXlgbUa2dxtZIDzvbPn1XVKI9D0w==
x-fb-trip-id: 420120009
date: Tue, 10 Mar 2020 11:05:19 GMT, Tue, 10 Mar 2020 11:05:19 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 oribi.js Show response
cdn.oribi.io/Xy03OTQ5OTQzNzU/ 3 B
294 B 307ms
174ms Script
application/javascript 2600:9000:214f:8800:13:c079:7880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.oribi.io/Xy03OTQ5OTQzNzU/oribi.js
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:8800:13:c079:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
status: 200
cache-control: public, max-age=60
content-length: 3
x-amz-cf-id: RC0_lqx3N-C-e8ykg4mdAyXAzwJJG_hoNw-T5ev-9LVFvXxrpLCvew==
x-application-context: application

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1031001805&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cinquiemesaison.com%2F&ul=en-us&de=UTF-8&dt=Cinqui%C3%A8me%20Saison%20%7C%20Agence%20Voyages%20Club%20Med&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgAAB~&jid=315890354&gjid=23065438&cid=588088632.1583838319&tid=UA-21328614-1&_gid=2028165913.1583838319&gtm=2wg2q2TKQ4BG&z=1463377749

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 19:56:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2992126
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 15ms
15ms Image
image/gif 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-21328614-1&cid=588088632.1583838319&jid=315890354&gjid=23065438&_gid=2028165913.1583838319&_u=YGBAgAAB~&z=1576474780

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Tue, 10 Mar 2020 11:05:19 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1625521951098564 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 63ms
62ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1625521951098564?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d15e5d717558a03b1437e445db40b23dfe8f06a7877d34661bbd138413633d2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Mff2oZTVKwBO1HiAyE9aHntHcXlXDBYZ0Lihyh5cQocXxnqGrKfDH8Fnhwcgtm85qMXdhUlFiOvHMd9uwY1MIQ==
x-fb-trip-id: 420120009
date: Tue, 10 Mar 2020 11:05:19 GMT, Tue, 10 Mar 2020 11:05:19 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1000635928/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1000635928/?random=1583838319210&cv=9&fst=1583838319210&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2q2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cinquiemesaison.com%2F&tiba=Cinqui%C3%A8me%20Saison%20%7C%20Agence%20Voyages%20Club%20Med&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53cd1096428a490384a2cd4a8efb77704cfb2a759a0c7f1c6f4566d56787e13c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Tue, 10 Mar 2020 11:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1020
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
252 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1625521951098564&ev=PageView&dl=https%3A%2F%2Fwww.cinquiemesaison.com%2F&rl=&if=false&ts=1583838319241&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1583838319240.771752812&it=1583838319150&coo=false&rqm=GET

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT, Tue, 10 Mar 2020 11:05:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 10 Mar 2020 11:05:19 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1000635928/ 42 B
151 B 20ms
19ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1000635928/?random=1583838319210&cv=9&fst=1583838000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2q2&sendb=1&frm=0&url=https%3A%2F%2Fwww.cinquiemesaison.com%2F&tiba=Cinqui%C3%A8me%20Saison%20%7C%20Agence%20Voyages%20Club%20Med&async=1&fmt=3&is_vtc=1&random=1648756006&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 10 Mar 2020 11:05:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1000635928/ 42 B
110 B 21ms
20ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1000635928/?random=1583838319210&cv=9&fst=1583838000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2q2&sendb=1&frm=0&url=https%3A%2F%2Fwww.cinquiemesaison.com%2F&tiba=Cinqui%C3%A8me%20Saison%20%7C%20Agence%20Voyages%20Club%20Med&async=1&fmt=3&is_vtc=1&random=1648756006&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 10 Mar 2020 11:05:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 koi Show response
koi-3qnjxcq3me.marketingautomation.services/ 126 B
570 B 156ms
156ms Script
application/javascript 130.211.21.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://koi-3qnjxcq3me.marketingautomation.services/koi?rf=&hn=www.cinquiemesaison.com&lg=en-US&sr=1600x1200&cd=24&vr=2.3.1&se=1583838319245&tk=null&ac=KOI-459SFWACO2&ts=1583838319&pt=0&pl=0&tp=page&ti=Cinqui%C3%A8me%20Saison%20%7C%20Agence%20Voyages%20Club%20Med
Requested by: Host: koi-3qnjxcq3me.marketingautomation.services
URL: https://koi-3qnjxcq3me.marketingautomation.services/client/ss.js?ver=2.2.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.21.179 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 179.21.211.130.bc.googleusercontent.com
Software: openresty /
Resource Hash: a531117f5229d16fdf5953f115704d0958a3b6c239bd7e0319ca27d7fa3fb508

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Tue, 10 Mar 2020 11:05:19 GMT
content-encoding: gzip
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 10 Mar 2020 11:05:19 GMT
server: openresty
vary: Accept-Encoding
p3p: CP='This is not a P3P policy! See http://sharpspring.com/privacy for more info.'
status: 200
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pod-hostname: koi-7f4b5ff964-ngbmg
content-type: application/javascript
alt-svc: clear
via: 1.1 google
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 es6-promise.auto.min.js Show response
cdn.jsdelivr.net/npm/es6-promise@4/dist/ 6 KB
3 KB 1554ms
12ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/es6-promise@4/dist/es6-promise.auto.min.js

Requested by

Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f1addaf2e9f5922aed63d802f2b8afe01c543ed81a7be99ad1e9fdd05c8e3b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 11:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 39766
cf-ray: 571c8f624dd4dfc7-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-ams21036-AMS, cache-fra19170-FRA
server: cloudflare
etag: W/"1962-NLNASu4jwzBScgHcLDtueKdlX1E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *

GET
H/1.1 200
OK vedapp.js Show response
bootstrap.voyagesendirect.com/ 5 KB
2 KB 108ms
106ms Script
application/javascript 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bootstrap.voyagesendirect.com/vedapp.js
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 36f5d958732bd1adf7c421024befc3d7255fab456f5a312ab23018e27a80a1d2

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 11:05:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Feb 2020 14:29:27 GMT
Server: Apache/2
ETag: "125b-59ec661f3acbe-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1287

GET
H/1.1 200
OK jquery-migrate.js Show response
engine.voyagesendirect.com/js/ 15 KB
6 KB 1911ms
108ms Script
application/javascript 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.voyagesendirect.com/js/jquery-migrate.js
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 432cf8d9ca55153a3d5e76472c1852f3bcb1025ea3b4ce26d4351441eba4d954

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 11:05:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Apr 2013 18:58:14 GMT
Server: Apache/2
ETag: "3db5-4db847781bd80-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 5483

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1031001805&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cinquiemesaison.com%2F&ul=en-us&de=UTF-8&dt=Cinqui%C3%A8me%20Saison%20%7C%20Agence%20Voyages%20Club%20Med&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAAAB~&jid=1755131029&gjid=1008041461&cid=588088632.1583838319&tid=UA-41011214-1&_gid=2028165913.1583838319&_r=1&z=715434308

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 10 Mar 2020 11:05:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__fr_ca.js Show response
www.gstatic.com/recaptcha/releases/f1wAZV34wmOO4-wA3kszbUcM/ 263 KB
94 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/f1wAZV34wmOO4-wA3kszbUcM/recaptcha__fr_ca.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=fr-CA&render=explicit&ver=5.2.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f11675cd58cf8093e50c869a336202e74f0d74633af005eadcfde597ff487de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 17:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Mar 2020 04:07:29 GMT
server: sffe
age: 63552
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 95768
x-xss-protection: 0
expires: Tue, 09 Mar 2021 17:26:07 GMT

GET
H2 200 Image3x.jpeg
cinquiemesaison.com/app/uploads/slider3/ 118 KB
118 KB 121ms
121ms Image
image/jpeg 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cinquiemesaison.com/app/uploads/slider3/Image3x.jpeg

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/app/cache/js/4802d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

8af4ae1071a6021089948ee5cc036b4906484a6bb96b4e6ea52ea5ff8afabff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
last-modified: Tue, 14 Jan 2020 18:55:00 GMT
server: nginx
x-powered-by: PleskLin
etag: "5e1e0e84-1d620"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
status: 200
cache-control: max-age=691200
accept-ranges: bytes
content-length: 120352
expires: Wed, 18 Mar 2020 11:05:19 GMT

GET
H2 200 qvl1hrw.js Show response
use.typekit.net/ 21 KB
8 KB 203ms
157ms Script
text/javascript 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qvl1hrw.js

Requested by

Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/app/cache/js/78583.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-67-47.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

be0e3ad49142c929d30bf3fccc39a97113dd6d6177289d035425e6b3a1952b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Tue, 10 Mar 2020 11:05:19 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7666

OPTIONS
H/1.1 200
OK getconfig Show response
bootstrap.voyagesendirect.com/api/ 555 B
757 B 348ms
115ms XHR
application/json 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bootstrap.voyagesendirect.com/api/getconfig
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/vedapp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 / PHP/5.6.40
Resource Hash: fae4799cfef258338dfa1bf5436c90dec117cbc8f704783c4863295ddfa4e72a

Request headers

Access-Control-Request-Method: POST
Origin: https://www.cinquiemesaison.com
Referer: https://www.cinquiemesaison.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Tue, 10 Mar 2020 11:05:19 GMT
Content-Encoding: gzip
Server: Apache/2
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Methods: GET, POST
Upgrade: h2,h2c
Access-Control-Allow-Origin: *
Connection: Upgrade, Keep-Alive
Content-Type: application/json
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Origin, Authorization
Content-Length: 298
Keep-Alive: timeout=2, max=100

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame DDC4 0
0 45ms
45ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJ8cMUAAAAAC0c3CoAVk7qmevyDIroVdG2-NJ7&co=aHR0cHM6Ly93d3cuY2lucXVpZW1lc2Fpc29uLmNvbTo0NDM.&hl=fr-CA&v=f1wAZV34wmOO4-wA3kszbUcM&theme=light&size=normal&cb=ffbkl1fs3qt6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/f1wAZV34wmOO4-wA3kszbUcM/recaptcha__fr_ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tJRdN7gDwyUpzkniWQZovw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeJ8cMUAAAAAC0c3CoAVk7qmevyDIroVdG2-NJ7&co=aHR0cHM6Ly93d3cuY2lucXVpZW1lc2Fpc29uLmNvbTo0NDM.&hl=fr-CA&v=f1wAZV34wmOO4-wA3kszbUcM&theme=light&size=normal&cb=ffbkl1fs3qt6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.cinquiemesaison.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.cinquiemesaison.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Mar 2020 11:05:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-tJRdN7gDwyUpzkniWQZovw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10127
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 4342 0
0 37ms
37ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/f1wAZV34wmOO4-wA3kszbUcM/recaptcha__fr_ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vLjzH2PJpV+XAwlkKU4ezw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeJ8cMUAAAAAC0c3CoAVk7qmevyDIroVdG2-NJ7&co=aHR0cHM6Ly93d3cuY2lucXVpZW1lc2Fpc29uLmNvbTo0NDM.&hl=fr-CA&v=f1wAZV34wmOO4-wA3kszbUcM&theme=light&size=normal&cb=8bqvchv7dbjg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.cinquiemesaison.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.cinquiemesaison.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Mar 2020 11:05:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-vLjzH2PJpV+XAwlkKU4ezw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10129
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK setanalytics.html
controle.voyagesendirect.com/ Frame 898E 0
0 426ms
109ms Document
text/html 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.voyagesendirect.com/setanalytics.html
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/wp/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash

Request headers

Host: controle.voyagesendirect.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.cinquiemesaison.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.cinquiemesaison.com/

Response headers

Date: Tue, 10 Mar 2020 11:05:20 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 02 Jan 2014 19:55:38 GMT
ETag: "2ea-4ef022d6e0280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 496
Keep-Alive: timeout=2, max=100
Content-Type: text/html

POST
H/1.1 200
OK ajax.set_stats.php Show response
bootstrap.voyagesendirect.com/ 2 B
299 B 364ms
112ms XHR
text/html 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bootstrap.voyagesendirect.com/ajax.set_stats.php
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/wp/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 10 Mar 2020 11:05:19 GMT
Server: Apache/2
X-Powered-By: PHP/5.6.40
Vary: User-Agent
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 2
Keep-Alive: timeout=2, max=99

GET
H/1.1 200
OK p_wg1.css
bootstrap.voyagesendirect.com/ 21 KB
4 KB 116ms
113ms Stylesheet
text/css 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.voyagesendirect.com/p_wg1.css?plugin=%7B%22en%22%3A1144%7D

Requested by

Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),

Reverse DNS

host-075.purebackend.com

Software

Apache/2 / PHP/5.6.40

Resource Hash

4cc44582723a56d822f9993a120787f9cfb955741ec54ecb2468eeb71868fd59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Pragma: no-cache
Date: Tue, 10 Mar 2020 11:05:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache/2
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 4099
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK jquery.fancybox-1.3.4.pack.js Show response
mariage.voyagesendirect.com/js/ 15 KB
6 KB 418ms
108ms Script
application/javascript 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://mariage.voyagesendirect.com/js/jquery.fancybox-1.3.4.pack.js
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 781409508d1e1c02c2a2e776e3b75ebf082ef52c417443d9ca662f51748a330b

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 11:05:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Oct 2012 16:51:36 GMT
Server: Apache/2
ETag: "3d35-4cb8f08d85600-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 5602

GET
H/1.1 200
OK jquery.fancybox-1.3.4.css
pub.voyagesendirect.com/css/ 9 KB
2 KB 419ms
108ms Stylesheet
text/css 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.voyagesendirect.com/css/jquery.fancybox-1.3.4.css
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 7ba24164c09eb112384ed33291f5de32f0fc44c6060cd2c5da0a2f1f95d38cd6

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 11:05:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Feb 2015 18:42:05 GMT
Server: Apache/2
ETag: "228e-50e1f4f8d7940-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=2, max=100
Content-Length: 1822

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ 223 KB
59 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 31 Jan 2020 00:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3407100
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 60529
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 00:40:19 GMT

GET
H/1.1 200
OK jquery.easing-1.3.pack.js Show response
mariage.voyagesendirect.com/js/ 7 KB
3 KB 430ms
109ms Script
application/javascript 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://mariage.voyagesendirect.com/js/jquery.easing-1.3.pack.js
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 292e5c282729046bb19454752219be2dceb3b3825781ef14ff73b11c6ef1ff26

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 11:05:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Oct 2012 16:51:43 GMT
Server: Apache/2
ETag: "1a85-4cb8f094325c0-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 2205

GET
H/1.1 200
OK jquery.mousewheel-3.0.4.pack.js Show response
mariage.voyagesendirect.com/js/ 1 KB
1 KB 432ms
108ms Script
application/javascript 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://mariage.voyagesendirect.com/js/jquery.mousewheel-3.0.4.pack.js
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: e5b70cfa4b09983d5adcbd96112a9b472e2969f98d6a3cc3f4de4092c43bde06

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 11:05:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Oct 2012 16:51:40 GMT
Server: Apache/2
ETag: "50c-4cb8f09155f00-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 683

GET
H/1.1 200
OK yahoo-dom-event.js Show response
engine.voyagesendirect.com/js/ 105 KB
30 KB 1714ms
112ms Script
application/javascript 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.voyagesendirect.com/js/yahoo-dom-event.js
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 65a65f9b487569b843733789132b440bd955dad07314da3f5efdf022508ce8ae

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 11:05:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2013 19:45:29 GMT
Server: Apache/2
ETag: "1a454-4dcdb1bc9c840-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 29928

GET
H/1.1 200
OK calendar.css
engine.voyagesendirect.com/css/ 9 KB
2 KB 1701ms
107ms Stylesheet
text/css 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.voyagesendirect.com/css/calendar.css
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 0d07b6aec481eb213af5aa4dff69805c54beb7a7217f4aec322ad9d3c508c099

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 11:05:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Sep 2019 14:17:57 GMT
Server: Apache/2
ETag: "240c-5936151d2bb06-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=2, max=100
Content-Length: 2179

GET
H/1.1 200
OK calendar02.css
engine.voyagesendirect.com/css/ 8 KB
2 KB 1700ms
106ms Stylesheet
text/css 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.voyagesendirect.com/css/calendar02.css
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 8b4e6b49469f527f4ea9b07c9fe4490da105c88624dd94bca676ede3645eb413

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 11:05:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jul 2013 18:22:00 GMT
Server: Apache/2
ETag: "2129-4e21dc098a200-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=2, max=100
Content-Length: 1877

GET
H/1.1 200
OK engine2.js Show response
engine.voyagesendirect.com/ 77 KB
16 KB 1743ms
141ms Script
application/javascript 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.voyagesendirect.com/engine2.js?aff=wg1&cookie_enabled=1&agent=&orientation=&single=&comp=&tab=&session_code=web-9c1d1464dd595fbb79c9020e44aeefa8&lang=fr&key=5e67746f622d4
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 / PHP/5.6.40
Resource Hash: dccfe2bf7d6dc1e88b84403c60e458315f821a625fa53272bad5771f6eff5b7d

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Tue, 10 Mar 2020 11:05:21 GMT
Content-Encoding: gzip
Server: Apache/2
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Upgrade, Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 15565
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK flexslider.css
pub.voyagesendirect.com/css/ 5 KB
2 KB 432ms
112ms Stylesheet
text/css 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.voyagesendirect.com/css/flexslider.css
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: b3a87aea7948c309f87d392a1a0db13508b584a61f80ca9ba2a28fed432dbd30

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 10 Mar 2020 11:05:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Apr 2016 12:20:33 GMT
Server: Apache/2
ETag: "15f3-52fcffd012640-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=2, max=100
Content-Length: 1809

GET
H/1.1 200
OK jquery.flexslider.js Show response
pub.voyagesendirect.com/js/ 52 KB
11 KB 435ms
111ms Script
application/javascript 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.voyagesendirect.com/js/jquery.flexslider.js
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 0717ba93d105d44ced2f014ae6346582bf289af70cf259cee5c19056a84cbe2e

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 11:05:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Feb 2015 19:49:58 GMT
Server: Apache/2
ETag: "d12b-50ed54ee4e580-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 11177

GET
H/1.1 200
OK jquery.cookie.js Show response
agent.voyagesendirect.com/js/ 4 KB
2 KB 414ms
108ms Script
application/javascript 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://agent.voyagesendirect.com/js/jquery.cookie.js
Requested by: Host: bootstrap.voyagesendirect.com
URL: https://bootstrap.voyagesendirect.com/bootstrap.js?aff=wg1&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 11:05:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Jun 2015 14:41:22 GMT
Server: Apache/2
ETag: "1096-518a3916b0880-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 1490

GET
H2 200 l
use.typekit.net/af/c5635c/000000000000000000015891/27/ 35 KB
35 KB 71ms
26ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c5635c/000000000000000000015891/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qvl1hrw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b7a6383d17c99bb4bc02f7b12399e9ec8a9d81ab76a7896082fc2c4db333810d

Request headers

Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
server: nginx
access-control-allow-origin: *
etag: "931566100ca17dc176c48299428b70a4d23e2199"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 35380

GET
H2 200 l
use.typekit.net/af/a6803e/000000000000000000015893/27/ 35 KB
36 KB 128ms
82ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a6803e/000000000000000000015893/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qvl1hrw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b632acbea51af5f3139314bfc3cc140aea069bca93ab44dbe477af7fc84835f8

Request headers

Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
server: nginx
access-control-allow-origin: *
etag: "e3b1f66e6d5b71482a0b7a34dad61430ae462cb4"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 36164

GET
H2 200 l
use.typekit.net/af/dabff9/00000000000000000001588f/27/ 35 KB
35 KB 119ms
73ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/dabff9/00000000000000000001588f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qvl1hrw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 31633c11e99325ec125c4e1538bd3fd91e356dd4164fd22b07e10eda6bc8bf01

Request headers

Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
server: nginx
access-control-allow-origin: *
etag: "cb6c6f009f59702772ec5cb07ec4a64ead815cb6"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 35516

GET
H2 200 l
use.typekit.net/af/db612c/000000000000000000015895/27/ 36 KB
36 KB 125ms
79ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/db612c/000000000000000000015895/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qvl1hrw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0ad521ce47ddd54556db1d7c61aab5271f6474b726011fd3f4b579663f115949

Request headers

Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
server: nginx
access-control-allow-origin: *
etag: "d0dbc32e7af5941a8451f9f50bd4f96b0c9d8f5f"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 36788

GET
H2 200 l
use.typekit.net/af/d3dff8/000000000000000000015877/27/ 34 KB
35 KB 122ms
77ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d3dff8/000000000000000000015877/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qvl1hrw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d2ce2c23bb8e54f55e7440d68efabbbf99934623dba8ec58619804dc0188b594

Request headers

Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
server: nginx
access-control-allow-origin: *
etag: "b25bf84dfa433cb40b25255f4287f4e9079caa14"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 35292

GET
H2 200 l
use.typekit.net/af/6259bc/000000000000000000015879/27/ 35 KB
35 KB 102ms
57ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6259bc/000000000000000000015879/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qvl1hrw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d56c9d7f98589c0251a26226138b2d36f55c2b85e3da94a6c9f09deb6e0b698

Request headers

Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
server: nginx
access-control-allow-origin: *
etag: "4625cf14c0407bb8be7676530cce75d4d4a8e6ef"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 35376

GET
H2 200 l
use.typekit.net/af/0bfdec/000000000000000000015880/27/ 36 KB
36 KB 114ms
68ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0bfdec/000000000000000000015880/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qvl1hrw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aded534578f2d8cc3bfe5cf4c21719bb922e1355c79a3fce7e4a92466d029b64

Request headers

Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
server: nginx
access-control-allow-origin: *
etag: "c564d325adf7d4ef4f8e1ae8b560b30553804d2e"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 36528

GET
H2 200 l
use.typekit.net/af/2223ac/00000000000000003b9b0326/27/ 28 KB
28 KB 109ms
64ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2223ac/00000000000000003b9b0326/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qvl1hrw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dc4e92a714d94538f91c4915476b34e930379281b8c4a31332fd596799f19539

Request headers

Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
server: nginx
access-control-allow-origin: *
etag: "530b33da9436e4ff082d775cbaee0bbff25a12ec"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 28212

GET
H2 200 l
use.typekit.net/af/67187a/00000000000000003b9b032a/27/ 27 KB
28 KB 95ms
50ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/67187a/00000000000000003b9b032a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qvl1hrw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d5b0cf26f932c7775230998cec76adf4078c3a0acac0437df20bad538753bbd9

Request headers

Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
server: nginx
access-control-allow-origin: *
etag: "e6df59bcefcea0a2fb1fb60f7eeffc08bb7253db"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 28072

POST
H2 200 /
www.facebook.com/tr/ 0
58 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarytUlwiTZoQIWZGFby

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://www.cinquiemesaison.com
date: Tue, 10 Mar 2020 11:05:19 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 58AC 0
0 30ms
30ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=fr-CA&v=f1wAZV34wmOO4-wA3kszbUcM&k=6LeJ8cMUAAAAAC0c3CoAVk7qmevyDIroVdG2-NJ7&cb=l8n43y283pk4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/f1wAZV34wmOO4-wA3kszbUcM/recaptcha__fr_ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TrmWsRdO0nggnS/dK/aYxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=fr-CA&v=f1wAZV34wmOO4-wA3kszbUcM&k=6LeJ8cMUAAAAAC0c3CoAVk7qmevyDIroVdG2-NJ7&cb=l8n43y283pk4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.cinquiemesaison.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.cinquiemesaison.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Mar 2020 11:05:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-TrmWsRdO0nggnS/dK/aYxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1183
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame C937 0
0 29ms
28ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=fr-CA&v=f1wAZV34wmOO4-wA3kszbUcM&k=6LeJ8cMUAAAAAC0c3CoAVk7qmevyDIroVdG2-NJ7&cb=frhh1riib1j5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/f1wAZV34wmOO4-wA3kszbUcM/recaptcha__fr_ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MsVCvDD4rORgLzvEyl1p8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=fr-CA&v=f1wAZV34wmOO4-wA3kszbUcM&k=6LeJ8cMUAAAAAC0c3CoAVk7qmevyDIroVdG2-NJ7&cb=frhh1riib1j5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.cinquiemesaison.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.cinquiemesaison.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Mar 2020 11:05:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-MsVCvDD4rORgLzvEyl1p8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1183
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 p.gif
p.typekit.net/ 35 B
201 B 29ms
22ms Image
image/gif 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=qvl1hrw&ht=tk&h=www.cinquiemesaison.com&f=22489.22491.22493.22495.24680.24682.24689.14036.14038&a=5752477&js=1.19.2&app=typekit&e=js&_=1583838319875
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 10 Mar 2020 11:05:19 GMT
last-modified: Mon, 04 Feb 2019 21:28:53 GMT
server: nginx
access-control-allow-origin: *
etag: "5c58ae95-23"
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 35
expires: Mon, 19 Aug 2019 11:43:27 GMT

POST
H/1.1 200
OK getconfig Show response
bootstrap.voyagesendirect.com/api/ 182 B
585 B 177ms
112ms XHR
application/json 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bootstrap.voyagesendirect.com/api/getconfig
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 / PHP/5.6.40
Resource Hash: c45e12f299156225cee583a5effb54d88ea0179c37eb7af57e435c14a5805d44

Request headers

Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 10 Mar 2020 11:05:20 GMT
Content-Encoding: gzip
Server: Apache/2
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Methods: GET, POST
Upgrade: h2,h2c
Access-Control-Allow-Origin: *
Connection: Upgrade, Keep-Alive
Content-Type: application/json
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Origin, Authorization
Content-Length: 126
Keep-Alive: timeout=2, max=100

GET
H2 200 clubmed-logo.png
www.cinquiemesaison.com/app/uploads/2018/02/ 5 KB
5 KB 121ms
120ms Image
image/png 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cinquiemesaison.com/app/uploads/2018/02/clubmed-logo.png

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

e3e9267337c7cebcbf7391ef348c44d225a80a390adc35c3b17d2048394a0cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 10 Mar 2020 11:05:21 GMT
etag: "5a7b69c9-12d8"
last-modified: Wed, 07 Feb 2018 21:04:09 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
status: 200
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4824
expires: Wed, 18 Mar 2020 11:05:21 GMT

GET
H2 200 promo-miches-playa.jpg
www.cinquiemesaison.com/app/uploads/2019/05/ 27 KB
27 KB 228ms
227ms Image
image/jpeg 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cinquiemesaison.com/app/uploads/2019/05/promo-miches-playa.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

701caa2a8f7a72b4a2d894db3184c0de30f92b781f9327f1893bce1dacc34274

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 10 Mar 2020 11:05:21 GMT
etag: "5e1894b7-6c42"
last-modified: Fri, 10 Jan 2020 15:13:59 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
status: 200
cache-control: max-age=691200
accept-ranges: bytes
content-length: 27714
expires: Wed, 18 Mar 2020 11:05:21 GMT

GET
H2 200 9067-WEB-14-01-20-1-500x500.jpg.webp
www.cinquiemesaison.com/app/uploads/2019/02/ 18 KB
18 KB 334ms
334ms Image
image/webp 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cinquiemesaison.com/app/uploads/2019/02/9067-WEB-14-01-20-1-500x500.jpg.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

0ec2c4b32dc09f666c05d74b734c8156c4df9ad94d3d3c73288171cfd3f6c409

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 10 Mar 2020 11:05:21 GMT
etag: "5e1f2694-4764"
last-modified: Wed, 15 Jan 2020 14:49:56 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/webp
status: 200
cache-control: max-age=691200
accept-ranges: bytes
content-length: 18276
expires: Wed, 18 Mar 2020 11:05:21 GMT

GET
H2 200 9067-29-0120-500x500-1.jpg.webp
www.cinquiemesaison.com/app/uploads/2020/01/ 34 KB
34 KB 335ms
334ms Image
image/webp 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cinquiemesaison.com/app/uploads/2020/01/9067-29-0120-500x500-1.jpg.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

bff670b1c5b0b712aab7bcb360509493160bc0944da364fe8352f85a76c7c9c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 10 Mar 2020 11:05:21 GMT
etag: "5e3091e8-8706"
last-modified: Tue, 28 Jan 2020 19:56:24 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/webp
status: 200
cache-control: max-age=691200
accept-ranges: bytes
content-length: 34566
expires: Wed, 18 Mar 2020 11:05:21 GMT

GET
H2 200 icon-thumbs-up.png.webp
www.cinquiemesaison.com/app/themes/fifthseason/dist/images/ 2 KB
2 KB 335ms
335ms Image
image/webp 165.22.225.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cinquiemesaison.com/app/themes/fifthseason/dist/images/icon-thumbs-up.png.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

165.22.225.253 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

11e1ae86d65902caecc8010ce3a6f768fa81a6ab3b341cc2a3a8f8dd4095c7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 10 Mar 2020 11:05:21 GMT
etag: "5e1e0cfa-8a6"
last-modified: Tue, 14 Jan 2020 18:48:26 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/webp
status: 200
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2214
expires: Wed, 18 Mar 2020 11:05:21 GMT

GET
H/1.1 200
OK pack_icon.png
images.voyagesendirect.com/engine_icon/ 452 B
749 B 375ms
105ms Image
image/png 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.voyagesendirect.com/engine_icon/pack_icon.png
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/wp/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 7984cfcb085dbd74b80d6e1a15e9bee6a4bf17620b86d1bc34fd94c5e47f60c5

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 10 Mar 2020 11:05:21 GMT
Last-Modified: Wed, 24 Apr 2013 16:48:55 GMT
Server: Apache/2
ETag: "1c4-4db1e13d3ebc0"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=2, max=100
Content-Length: 452

GET
H/1.1 200
OK flight_icon.png
images.voyagesendirect.com/engine_icon/ 525 B
822 B 386ms
106ms Image
image/png 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.voyagesendirect.com/engine_icon/flight_icon.png
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/wp/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 3cb543698e7b33771c7b7570cad166e466f1519a1d5601bb521bbcf7cd7aa669

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 10 Mar 2020 11:05:21 GMT
Last-Modified: Wed, 24 Apr 2013 16:48:55 GMT
Server: Apache/2
ETag: "20d-4db1e13d3ebc0"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=2, max=100
Content-Length: 525

GET
H/1.1 200
OK last_icon.png
images.voyagesendirect.com/engine_icon/ 867 B
1 KB 389ms
107ms Image
image/png 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.voyagesendirect.com/engine_icon/last_icon.png
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/wp/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 6c8748b3d43d07f07ce2b549343d6cdb356dbe11a7dbe52776a960f125beae30

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 10 Mar 2020 11:05:21 GMT
Last-Modified: Mon, 29 Apr 2013 19:17:54 GMT
Server: Apache/2
ETag: "363-4db84bdd71c80"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=2, max=100
Content-Length: 867

GET
H/1.1 200
OK customotf.js Show response
engine.voyagesendirect.com/js/ 14 KB
4 KB 107ms
107ms Script
application/javascript 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.voyagesendirect.com/js/customotf.js?rand=5e67747156c4f&lang=fr&idprefix=5e67747153ea7
Requested by: Host: engine.voyagesendirect.com
URL: https://engine.voyagesendirect.com/engine2.js?aff=wg1&cookie_enabled=1&agent=&orientation=&single=&comp=&tab=&session_code=web-9c1d1464dd595fbb79c9020e44aeefa8&lang=fr&key=5e67746f622d4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: 512f6298893284b78b47a5f0d9c506af246c7c358e7d8dc58f014a28bd022c4f

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 10 Mar 2020 11:05:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jun 2018 18:20:07 GMT
Server: Apache/2
ETag: "3676-56f16d931dcc2-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 3779

GET
DATA 200
OK truncated
/ 965 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f916bf662a899263ba166364949af855780741541bd332bc8b251c6002556721

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 507 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de7a69345f6c37e9cd2353c8d8a6900b7dc5a7e3402770a93a10dc4809b3f6b8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK calendar-bt.png
engine.voyagesendirect.com/pics/ 3 KB
3 KB 105ms
104ms Image
image/png 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engine.voyagesendirect.com/pics/calendar-bt.png
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/wp/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: f625236cbdde7806d53154ead358454d94b2c528fd7d507f05a05e81a35ab365

Request headers

Referer: https://engine.voyagesendirect.com/css/calendar.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 10 Mar 2020 11:05:21 GMT
Last-Modified: Mon, 29 Apr 2013 18:58:13 GMT
Server: Apache/2
ETag: "a30-4db8477727b40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 2608

GET
H/1.1 200
OK sprite-arrow.png
bootstrap.voyagesendirect.com/pics/ 337 B
607 B 105ms
105ms Image
image/png 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bootstrap.voyagesendirect.com/pics/sprite-arrow.png
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/wp/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 /
Resource Hash: fa6e63c465db5a07c0ee5e4f99e2a3183d84eb2a600c9651c6acf37afd2d5e68

Request headers

Referer: https://bootstrap.voyagesendirect.com/p_wg1.css?plugin=%7B%22en%22%3A1144%7D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 10 Mar 2020 11:05:21 GMT
Last-Modified: Tue, 27 Jun 2017 16:37:33 GMT
Server: Apache/2
ETag: "151-552f3af34aedb"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 337

GET
H/1.1 200
OK ajax.getdestinations.php Show response
engine.voyagesendirect.com/ 24 KB
4 KB 687ms
457ms XHR
text/html 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.voyagesendirect.com/ajax.getdestinations.php?gw=YUL&lg=fr
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/wp/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 / PHP/5.6.40
Resource Hash: 17e83a109eb6ff5f41c6502540f05afb7b037c1cd45f36451f5f2510a480024c

Request headers

Accept: */*
Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Mar 2020 11:05:21 GMT
Content-Encoding: gzip
Server: Apache/2
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Access-Control-Allow-Origin: *
Connection: Upgrade, Keep-Alive
Content-Type: text/html
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 3462
Keep-Alive: timeout=2, max=100

GET
H2 200 /
www.facebook.com/tr/ 44 B
152 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1625521951098564&ev=PageView&dl=https%3A%2F%2Fwww.cinquiemesaison.com%2F%23promo&rl=&if=false&ts=1583838322014&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1583838319240.771752812&it=1583838319150&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cinquiemesaison.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 10 Mar 2020 11:05:22 GMT, Tue, 10 Mar 2020 11:05:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 10 Mar 2020 11:05:22 GMT

GET
H/1.1 200
OK ajax.gethotels.php Show response
engine.voyagesendirect.com/ 144 KB
22 KB 132ms
132ms XHR
text/html 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.voyagesendirect.com/ajax.gethotels.php?gw=YUL&dest=27,29,26,188,25,30,103,60,11,55,568546,16,70,22,64,569962,21,2974,92,3049121,3,87,4,6,47,37,3049115,53,52,15,76,131,761711,763200,772385,3153,58,129,4065,780221,3955,152,3006,2749698,2750048,31,2750479,1578,79,2741642,148,80,2750814,71,2807730,84,81,51,32,1434,154,97,117,108,110,68,61,974878,34,28,83,33,104,180,1318341,1328096,3046191,1333008,45,1335129,143,1337813,118,1339118,78,18,4244,1843,1341400,1341882,38,1,2,17,44,3049105,7,77,69,3049111,9,3049109,24,156,1769306,1899141,59,226,100,2138511&lg=fr
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/wp/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 / PHP/5.6.40
Resource Hash: 9cb2a292f89e9a873fe7bb641423e2709ce8d68abf20208794142a0638908a81

Request headers

Accept: */*
Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Mar 2020 11:05:22 GMT
Content-Encoding: gzip
Server: Apache/2
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 22096
Keep-Alive: timeout=2, max=99

GET
H/1.1 200
OK ajax.get_engine_data.php Show response
engine.voyagesendirect.com/ 8 B
305 B 118ms
117ms XHR
text/html 68.71.59.75
NETELLIGENT

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.voyagesendirect.com/ajax.get_engine_data.php?aff=WG1&hotel_name=undefined&lang=fr
Requested by: Host: www.cinquiemesaison.com
URL: https://www.cinquiemesaison.com/wp/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.71.59.75 Montreal, Canada, ASN10929 (NETELLIGENT, CA),
Reverse DNS: host-075.purebackend.com
Software: Apache/2 / PHP/5.6.40
Resource Hash: f480b9e9fa9232397768df06969daa2f069d96bf3f14451a3c39b5b0e821bfe5

Request headers

Accept: */*
Referer: https://www.cinquiemesaison.com/
Origin: https://www.cinquiemesaison.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Mar 2020 11:05:22 GMT
Server: Apache/2
X-Powered-By: PHP/5.6.40
Vary: User-Agent
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 8
Keep-Alive: timeout=2, max=98

Verdicts & Comments Add Verdict or Comment

335 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.voyagesendirect.com/	1970-01-19 07:58:44	Name: _gid Value: GA1.2.2121753196.1583838320
www.cinquiemesaison.com/	1970-01-19 07:57:21	Name: __ss_referrer Value: https%3A//www.cinquiemesaison.com/
.cinquiemesaison.com/	1970-01-19 10:06:54	Name: _fbp Value: fb.1.1583838319240.771752812
.voyagesendirect.com/	1970-01-19 07:57:18	Name: _gat Value: 1
.voyagesendirect.com/	1970-01-20 01:28:30	Name: _ga Value: GA1.2.1935466337.1583838320
www.cinquiemesaison.com/	1970-01-19 07:58:44	Name: __ss Value: 1583838319245
.cinquiemesaison.com/	1970-01-19 07:57:18	Name: _dc_gtm_UA-21328614-1 Value: 1
.cinquiemesaison.com/	1970-01-19 07:58:44	Name: _gid Value: GA1.2.2028165913.1583838319
www.cinquiemesaison.com/	1970-01-28 10:57:18	Name: __ss_tk Value: 202003%7C5e67746fb2c221780d5b0020
.cinquiemesaison.com/	1970-01-20 01:28:30	Name: _ga Value: GA1.2.588088632.1583838319

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.cinquiemesaison.com/app/cache/js/4802d.js(Line 1) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://engine.voyagesendirect.com/engine2.js?aff=wg1&cookie_enabled=1&agent=&orientation=&single=&comp=&tab=&session_code=web-9c1d1464dd595fbb79c9020e44aeefa8&lang=fr&key=5e67746f622d4(Line 790) Message: cal1
console-api	log	URL: https://engine.voyagesendirect.com/engine2.js?aff=wg1&cookie_enabled=1&agent=&orientation=&single=&comp=&tab=&session_code=web-9c1d1464dd595fbb79c9020e44aeefa8&lang=fr&key=5e67746f622d4(Line 790) Message: cal4
console-api	log	URL: https://engine.voyagesendirect.com/engine2.js?aff=wg1&cookie_enabled=1&agent=&orientation=&single=&comp=&tab=&session_code=web-9c1d1464dd595fbb79c9020e44aeefa8&lang=fr&key=5e67746f622d4(Line 790) Message: cal5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

agent.voyagesendirect.com
ajax.googleapis.com
bootstrap.voyagesendirect.com
cdn.jsdelivr.net
cdn.oribi.io
cinquiemesaison.com
connect.facebook.net
controle.voyagesendirect.com
engine.voyagesendirect.com
googleads.g.doubleclick.net
images.voyagesendirect.com
koi-3qnjxcq3me.marketingautomation.services
mariage.voyagesendirect.com
p.typekit.net
pub.voyagesendirect.com
stats.g.doubleclick.net
use.typekit.net
www.cinquiemesaison.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
130.211.21.179
165.22.225.253
172.217.22.66
2600:9000:214f:8800:13:c079:7880:93a1
2606:4700::6810:5614
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2002
2a00:1450:4001:820::200a
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
68.71.59.75
95.100.67.47
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
0717ba93d105d44ced2f014ae6346582bf289af70cf259cee5c19056a84cbe2e
0ad521ce47ddd54556db1d7c61aab5271f6474b726011fd3f4b579663f115949
0d07b6aec481eb213af5aa4dff69805c54beb7a7217f4aec322ad9d3c508c099
0ec2c4b32dc09f666c05d74b734c8156c4df9ad94d3d3c73288171cfd3f6c409
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e1ae86d65902caecc8010ce3a6f768fa81a6ab3b341cc2a3a8f8dd4095c7f9
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
17e83a109eb6ff5f41c6502540f05afb7b037c1cd45f36451f5f2510a480024c
1b2648b6e8b01d81b1010eb3fcbabacce456390402189355917f50c20fbf975c
1bc6b39b36e4ea9f07fed6811e346665a675048ac2a63024ad40591c7ab3a34f
1d15e5d717558a03b1437e445db40b23dfe8f06a7877d34661bbd138413633d2
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
277d0e2ade2a73828e1497e23a865ba3484321eeb63b75f2c5cc06d2912435e8
292e5c282729046bb19454752219be2dceb3b3825781ef14ff73b11c6ef1ff26
2feb39bd405a8f0299a4115689da22f8165bcc61e8f5d9ed4a1c4cc5fd3a85ab
31633c11e99325ec125c4e1538bd3fd91e356dd4164fd22b07e10eda6bc8bf01
332458d8d7043c9237ea48c995f93f4d47988640c7eea5f50d8c28e80323e77b
357f016f67c1f544dee5c1ce3814f9f0633f2546289aab92299b7f6c35ab150a
36f5d958732bd1adf7c421024befc3d7255fab456f5a312ab23018e27a80a1d2
3cb543698e7b33771c7b7570cad166e466f1519a1d5601bb521bbcf7cd7aa669
3cc606a159b124fd41357e058099700477a3a62f436755effdf12ed2273531fc
432cf8d9ca55153a3d5e76472c1852f3bcb1025ea3b4ce26d4351441eba4d954
45b8d43df2d76cc55426c06ed060a67f3a89b393922eaff9877fa6f0e5fe5c21
4cc44582723a56d822f9993a120787f9cfb955741ec54ecb2468eeb71868fd59
4d56c9d7f98589c0251a26226138b2d36f55c2b85e3da94a6c9f09deb6e0b698
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
512f6298893284b78b47a5f0d9c506af246c7c358e7d8dc58f014a28bd022c4f
53cd1096428a490384a2cd4a8efb77704cfb2a759a0c7f1c6f4566d56787e13c
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5f1addaf2e9f5922aed63d802f2b8afe01c543ed81a7be99ad1e9fdd05c8e3b6
65a65f9b487569b843733789132b440bd955dad07314da3f5efdf022508ce8ae
66d18f6dc9983a817863220206f19b9b68ff7413f6f885bd2892c024fcc18252
6c8748b3d43d07f07ce2b549343d6cdb356dbe11a7dbe52776a960f125beae30
701caa2a8f7a72b4a2d894db3184c0de30f92b781f9327f1893bce1dacc34274
7623a8ff44a59b48d0b478c9523535f0959a0feea6409b0522e955ff0c93ce85
781409508d1e1c02c2a2e776e3b75ebf082ef52c417443d9ca662f51748a330b
7984cfcb085dbd74b80d6e1a15e9bee6a4bf17620b86d1bc34fd94c5e47f60c5
7ba24164c09eb112384ed33291f5de32f0fc44c6060cd2c5da0a2f1f95d38cd6
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7fe4f01d6e0c1123719042b0dc565d99a40d8b4ed817cb924c545c8e16949625
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8af4ae1071a6021089948ee5cc036b4906484a6bb96b4e6ea52ea5ff8afabff1
8b4e6b49469f527f4ea9b07c9fe4490da105c88624dd94bca676ede3645eb413
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
99d8c59de5927e415634446c3e593560e063773241a1ddd9d56e0172869340a0
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9cb2a292f89e9a873fe7bb641423e2709ce8d68abf20208794142a0638908a81
9f11675cd58cf8093e50c869a336202e74f0d74633af005eadcfde597ff487de
a531117f5229d16fdf5953f115704d0958a3b6c239bd7e0319ca27d7fa3fb508
a91ed144be837d24d08986b8192aea911a432ad0119a3b88396130e58f8335fe
aded534578f2d8cc3bfe5cf4c21719bb922e1355c79a3fce7e4a92466d029b64
b3a87aea7948c309f87d392a1a0db13508b584a61f80ca9ba2a28fed432dbd30
b46eff901b9cac9ec9bc669a92146e766cfbbf66b68ac029cb56956a239a14e6
b632acbea51af5f3139314bfc3cc140aea069bca93ab44dbe477af7fc84835f8
b7a6383d17c99bb4bc02f7b12399e9ec8a9d81ab76a7896082fc2c4db333810d
be0e3ad49142c929d30bf3fccc39a97113dd6d6177289d035425e6b3a1952b6f
bff670b1c5b0b712aab7bcb360509493160bc0944da364fe8352f85a76c7c9c4
c45e12f299156225cee583a5effb54d88ea0179c37eb7af57e435c14a5805d44
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d2ce2c23bb8e54f55e7440d68efabbbf99934623dba8ec58619804dc0188b594
d5b0cf26f932c7775230998cec76adf4078c3a0acac0437df20bad538753bbd9
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
dc4e92a714d94538f91c4915476b34e930379281b8c4a31332fd596799f19539
dccfe2bf7d6dc1e88b84403c60e458315f821a625fa53272bad5771f6eff5b7d
de7a69345f6c37e9cd2353c8d8a6900b7dc5a7e3402770a93a10dc4809b3f6b8
df0b16f418f6430a71effea58a7a4d934ef5c50e9f1932a3dcfa4209a6607641
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e9267337c7cebcbf7391ef348c44d225a80a390adc35c3b17d2048394a0cd3
e5b70cfa4b09983d5adcbd96112a9b472e2969f98d6a3cc3f4de4092c43bde06
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f480b9e9fa9232397768df06969daa2f069d96bf3f14451a3c39b5b0e821bfe5
f625236cbdde7806d53154ead358454d94b2c528fd7d507f05a05e81a35ab365
f916bf662a899263ba166364949af855780741541bd332bc8b251c6002556721
fa6e63c465db5a07c0ee5e4f99e2a3183d84eb2a600c9651c6acf37afd2d5e68
fae4799cfef258338dfa1bf5436c90dec117cbc8f704783c4863295ddfa4e72a

www.cinquiemesaison.com Open in urlscan Pro 165.22.225.253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

81 Requests

100 %HTTPS

71 %IPv6

16 Domains

25 Subdomains

18 IPs

6 Countries

1363 kBTransfer

3601 kBSize

10 Cookies

5 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cinquiemesaison.com Open in urlscan Pro
165.22.225.253 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

100 %
HTTPS

71 %
IPv6

16
Domains

25
Subdomains

18
IPs

6
Countries

1363 kB
Transfer

3601 kB
Size

10
Cookies

81 HTTP transactions
6 data transactions