paiement-securise.pantheon-recherche.com Open in urlscan Pro
108.138.26.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.contenu-finance.info/?qs=bead70325ccabbfbeb390aa8c4a54f25bdec217c3136821d2e16a82c3c46fbe10096d730bea1c00d2a98a8ec7b4a...
Effective URL:
https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Submission: On March 04 via api (March 4th 2024, 9:09:53 am UTC) from BE — Scanned from DE

Summary HTTP 129 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 28 domains to perform 129 HTTP transactions. The main IP is 108.138.26.100, located in United States and belongs to AMAZON-02, US. The main domain is paiement-securise.pantheon-recherche.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 7th 2023. Valid for: a year.

This is the only time paiement-securise.pantheon-recherche.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.168.226 13.111.168.226	14340 (SALESFORCE) (SALESFORCE)
1	108.138.26.100 108.138.26.100	16509 (AMAZON-02) (AMAZON-02)
19	108.156.60.83 108.156.60.83	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4	18.172.112.116 18.172.112.116	16509 (AMAZON-02) (AMAZON-02)
2	18.245.46.39 18.245.46.39	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.72 13.32.27.72	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.10 13.32.99.10	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:303... 2606:4700:3034::ac43:a9b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
2	2.19.106.209 2.19.106.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
5	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:237... 2600:9000:237d:a000:d:576d:840:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1 13	143.204.215.28 143.204.215.28	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.15 108.138.7.15	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:41d0:203... 2001:41d0:203:836d::	16276 (OVH) (OVH)
1	2600:1900:401... 2600:1900:4010:68b1:8000::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3	64.202.112.223 64.202.112.223	23352 (SERVERCEN...) (SERVERCENTRAL)
2	2620:1ec:46::62 2620:1ec:46::62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
129	39

1 13.111.168.226 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.contenu-finance.info

click.contenu-finance.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-100.fra56.r.cloudfront.net

paiement-securise.pantheon-recherche.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 108.156.60.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-83.ams1.r.cloudfront.net

cdn-funnel.info-contenu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.172.112.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-116.fra60.r.cloudfront.net

cdn.info-contenu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-39.fra56.r.cloudfront.net

docs.pantheon-recherche.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-72.fra56.r.cloudfront.net

www.pantheon-recherche.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-10.fra60.r.cloudfront.net

staticmail.editionsbiosante.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3034::ac43:a9b0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.106.209 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-106-209.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:a000:d:576d:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.powerspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 143.204.215.28 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-28.fra53.r.cloudfront.net

euc-widget.freshworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-15.fra56.r.cloudfront.net

api.propulse-lab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.img-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:203:836d:: (France)

ASN16276 (OVH, FR)

r.phywi.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1900:4010:68b1:8000:: (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

an.pwspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.223 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::62 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	info-contenu.io cdn-funnel.info-contenu.io cdn.info-contenu.io	2 MB
13	freshworks.com 1 redirects euc-widget.freshworks.com — Cisco Umbrella Rank: 56796	145 KB
9	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2656 www.google.com — Cisco Umbrella Rank: 2	1 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6744	920 B
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	4 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	614 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 maps.googleapis.com — Cisco Umbrella Rank: 374	230 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 756 i.clarity.ms — Cisco Umbrella Rank: 18627 c.clarity.ms — Cisco Umbrella Rank: 1360	28 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	79 KB
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2961 tr.outbrain.com — Cisco Umbrella Rank: 2730 wave.outbrain.com — Cisco Umbrella Rank: 2943	9 KB
5	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 78472 api.useproof.com — Cisco Umbrella Rank: 79199	1 MB
5	pantheon-recherche.com paiement-securise.pantheon-recherche.com docs.pantheon-recherche.com www.pantheon-recherche.com	228 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	278 B
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 375 c.bing.com — Cisco Umbrella Rank: 244	16 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2089	21 KB
3	gstatic.com www.gstatic.com maps.gstatic.com	395 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 703 script.hotjar.com — Cisco Umbrella Rank: 882	61 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 822	609 B
2	t.co t.co — Cisco Umbrella Rank: 674	604 B
2	lr-ingest.io cdn.lr-ingest.io — Cisco Umbrella Rank: 18489	195 KB
1	pwspace.com an.pwspace.com — Cisco Umbrella Rank: 328462	379 B
1	phywi.org r.phywi.org — Cisco Umbrella Rank: 111869	538 B
1	img-static.com 1 redirects www.img-static.com — Cisco Umbrella Rank: 112727	511 B
1	propulse-lab.com api.propulse-lab.com	9 KB
1	powerspace.com cdn.powerspace.com — Cisco Umbrella Rank: 391778	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 775	15 KB
1	editionsbiosante.fr staticmail.editionsbiosante.fr	6 KB
1	contenu-finance.info 1 redirects click.contenu-finance.info	276 B
129	28

	Domain	Requested by
19	cdn-funnel.info-contenu.io	paiement-securise.pantheon-recherche.com cdn-funnel.info-contenu.io
13	euc-widget.freshworks.com	1 redirects paiement-securise.pantheon-recherche.com euc-widget.freshworks.com
7	www.google.de	paiement-securise.pantheon-recherche.com
7	www.googletagmanager.com	paiement-securise.pantheon-recherche.com www.googletagmanager.com www.google-analytics.com
6	maps.googleapis.com	paiement-securise.pantheon-recherche.com maps.googleapis.com
5	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
5	region1.analytics.google.com	www.googletagmanager.com
5	connect.facebook.net	paiement-securise.pantheon-recherche.com connect.facebook.net
4	www.facebook.com
4	www.google.com	paiement-securise.pantheon-recherche.com
4	cdn.useproof.com	paiement-securise.pantheon-recherche.com cdn.useproof.com
4	cdn.info-contenu.io	paiement-securise.pantheon-recherche.com cdn.info-contenu.io
3	tr.outbrain.com	amplify.outbrain.com
3	bat.bing.com	paiement-securise.pantheon-recherche.com bat.bing.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	maps.gstatic.com
2	c.clarity.ms	1 redirects
2	i.clarity.ms	www.clarity.ms
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	analytics.twitter.com	paiement-securise.pantheon-recherche.com
2	t.co	paiement-securise.pantheon-recherche.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	cdn.lr-ingest.io	paiement-securise.pantheon-recherche.com cdn.lr-ingest.io
2	www.pantheon-recherche.com	paiement-securise.pantheon-recherche.com
2	docs.pantheon-recherche.com	paiement-securise.pantheon-recherche.com
1	c.bing.com	1 redirects
1	api.useproof.com	cdn.useproof.com
1	www.gstatic.com	cdn.useproof.com
1	wave.outbrain.com	amplify.outbrain.com
1	an.pwspace.com	cdn.powerspace.com
1	r.phywi.org	paiement-securise.pantheon-recherche.com
1	www.img-static.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	api.propulse-lab.com	cdn-funnel.info-contenu.io
1	static.hotjar.com	paiement-securise.pantheon-recherche.com
1	cdn.powerspace.com	paiement-securise.pantheon-recherche.com
1	static.ads-twitter.com	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	staticmail.editionsbiosante.fr	paiement-securise.pantheon-recherche.com
1	fonts.googleapis.com	paiement-securise.pantheon-recherche.com
1	paiement-securise.pantheon-recherche.com
1	click.contenu-finance.info	1 redirects
129	43

This site contains links to these domains. Also see Links.

Domain
docs.pantheon-recherche.com

Subject Issuer	Validity	Valid
paiement-securise.pantheon-recherche.com Amazon RSA 2048 M03	`2023-11-07` - `2024-12-06`	a year	crt.sh
*.info-contenu.io Amazon RSA 2048 M02	`2024-02-20` - `2025-03-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
docs.pantheon-recherche.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
www.pantheon-recherche.com Amazon RSA 2048 M02	`2024-01-23` - `2025-02-20`	a year	crt.sh
staticmail.editionsbiosante.fr Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
useproof.com GTS CA 1P5	`2024-02-07` - `2024-05-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
lr-ingest.io E1	`2024-01-31` - `2024-04-30`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-12` - `2024-03-11`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
cdn.powerspace.com Amazon RSA 2048 M01	`2023-08-20` - `2024-09-17`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.propulse-lab.com Amazon RSA 2048 M02	`2024-01-22` - `2025-02-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
an.pwspace.com R3	`2024-01-30` - `2024-04-29`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.freshworks.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Frame ID: 14909DF666B78492769790F5524EC76B
Requests: 112 HTTP requests in this frame

Frame: https://cdn-funnel.info-contenu.io/shared/payment-iframe.html
Frame ID: 14C66DF09D2E3C4DB258F14DDEFA8AAD
Requests: 1 HTTP requests in this frame

Frame: https://cdn-funnel.info-contenu.io/shared/payment-iframe.html
Frame ID: 7E39DD4D0583C46B2C99B20FFF047140
Requests: 1 HTTP requests in this frame

Frame: https://euc-widget.freshworks.com/widgetBase/widget.js
Frame ID: 850C951F9010F6D8A1972B761D34A4EB
Requests: 8 HTTP requests in this frame

Frame: https://euc-widget.freshworks.com/widgetBase/static/media/styles.5fe92f64.css
Frame ID: 1E5DC3A58D33EC82202501160A13D60D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 290CD55D7C4AF0EF18DB1FE40B8E0F3A
Requests: 4 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 849BBB1B5B7C111EE907EA22A4793F50
Requests: 1 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 8DE38C3F2C7E1EA5DABB4FCEE8121ADD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offre Spéciale - Revenus Gagnants

Page URL History Show full URLs

https://click.contenu-finance.info/?qs=bead70325ccabbfbeb390aa8c4a54f25bdec217c3136821d2e16a82c3c46fbe10096d730... HTTP 302
https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

LogRocket (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.lr-ingest\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

129
Requests

95 %
HTTPS

55 %
IPv6

28
Domains

43
Subdomains

39
IPs

5
Countries

4914 kB
Transfer

9577 kB
Size

33
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.pantheon-recherche.com/cgv
Title: Conditions Générales de Vente

Search URL Search Domain Scan URL

URL: https://docs.pantheon-recherche.com/mentions-legales
Title: Mentions Légales

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.contenu-finance.info/?qs=bead70325ccabbfbeb390aa8c4a54f25bdec217c3136821d2e16a82c3c46fbe10096d730bea1c00d2a98a8ec7b4a028056f604fba7d57c0f44aab14ae12c7e32 HTTP 302
https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://euc-widget.freshworks.com/widgets/15000000372.js HTTP 301
https://euc-widget.freshworks.com/widgetBase/bootstrap.js

Request Chain 57

https://www.img-static.com/pws.gif HTTP 302
https://r.phywi.org/pws.gif

Request Chain 115

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D16271C075E94E3780BBF9E366298836&RedC=c.clarity.ms&MXFR=12E3D05690E2657431D5C46E94E26B69 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D16271C075E94E3780BBF9E366298836&MUID=37B6C23286ED6EA81CF5D60A87666F19

129 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request RVG-2023823101717633 Show response
paiement-securise.pantheon-recherche.com/
Redirect Chain

https://click.contenu-finance.info/?qs=bead70325ccabbfbeb390aa8c4a54f25bdec217c3136821d2e16a82c3c46fbe10096d730bea1c00d2a98a8ec7b4a028056f604fba7d57c0f44aab14ae12c7e32
https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

342 KB
88 KB

316ms
260ms

Document
text/html

108.138.26.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-100.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 870d936ee096e311507d92d2398a3a3af20237ece645bcc68cd792ab13171ced

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 04 Mar 2024 09:09:48 GMT
etag: W/"5571b-xDwvxVK7IL3Zdv+tzH+FAzH+NDI"
vary: Accept-Encoding
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-id: vXFix00Scv0MSxl0iuqUxtg_cB8e8N1HAAw0VWBOgR8Y4U5530B15A==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
x-powered-by: Express

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 218
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Mar 2024 09:09:47 GMT
Location: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

GET
H2 200 bootstrap.min.css
cdn-funnel.info-contenu.io/shared/css/ 156 KB
23 KB 82ms
15ms Stylesheet
text/css 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-funnel.info-contenu.io/shared/css/bootstrap.min.css
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 04:11:44 GMT
content-encoding: gzip
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Fri, 27 Mar 2020 10:46:24 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 6497885
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-id: oI8LVV81k151ga7-S1fBidfXcta3rIZqJTMXk4LCTyzKrc2GsyuMiw==

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Archivo+Black&family=Montserrat&display=swap

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfa75114141749296df1120a4b525d0f9bb7b8df256a34e69477756382e5e16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 09:09:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Mar 2024 09:09:48 GMT

GET
H2 200 intlTelInput.css
cdn.info-contenu.io/assets/lead/assets/tel-input/css/ 25 KB
3 KB 31ms
7ms Stylesheet
text/css 18.172.112.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.info-contenu.io/assets/lead/assets/tel-input/css/intlTelInput.css
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-116.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:07:16 GMT
content-encoding: gzip
via: 1.1 413634bfcacd752107ee361d53948cee.cloudfront.net (CloudFront)
last-modified: Fri, 07 Aug 2020 08:44:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 234153
etag: W/"a69aa970266649e0b08c2cb4bc166568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: xmjK8SiRmqnYdbH8HT-dEvm_RxBpdVCqja-zLuTulHTr2Qrh9uPzvA==

GET
H2 200 clipart_shield_green_10_transparent.png
docs.pantheon-recherche.com/2021/04/pantheon/ 70 KB
71 KB 230ms
8ms Image
image/png 18.245.46.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://docs.pantheon-recherche.com/2021/04/pantheon/clipart_shield_green_10_transparent.png
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68369ea79eb3de62cd0bf118c801dfbf42c1de4c8706cdf1a52f088a2d2781b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 18:47:28 GMT
x-amz-version-id: uztj0rUfMY.rmQe4yht5RFOryJFIuOjy
via: 1.1 e5482755d4e937d4018ce72cd23b55c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 397341
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 71960
last-modified: Wed, 03 May 2023 08:43:58 GMT
server: AmazonS3
etag: "ee45d619a940b053a731cbc5be837bb4"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: Ddllbcj9XAhg61QymZP7VGRekJGy0w80q7xlhY-unvCEmadlzVkIFQ==

GET
H2 200 sepa.svg
cdn-funnel.info-contenu.io/shared/img/payment-icons/ 23 KB
9 KB 15ms
15ms Image
image/svg+xml 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-funnel.info-contenu.io/shared/img/payment-icons/sepa.svg
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10c85b7e21cb714e67768ed614812014cafa68966ab038d58db6474fdf3e6c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 04:11:00 GMT
content-encoding: gzip
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Fri, 09 Sep 2022 12:30:11 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 13150729
etag: W/"f4fab901874d86e5690762bc6f96fceb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: nWmhhPF1SAtfXt_u5nafxjgQcsCfYTryzTqKfCYoBTvClaHhGJ0qSA==

GET
H2 200 credit-card.svg
cdn-funnel.info-contenu.io/shared/img/payment-icons/ 17 KB
5 KB 13ms
13ms Image
image/svg+xml 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-funnel.info-contenu.io/shared/img/payment-icons/credit-card.svg
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 509f3c0d865328a99e4384b7a0f64505ad51de293a24efbb8e3ddb93ab105fc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 22:29:01 GMT
content-encoding: gzip
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Fri, 28 Oct 2022 07:32:54 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 14035248
etag: W/"d2885df485206eca81ac1b8cd9829271"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: m4x-CDTucZQqH7vU4y73L4pOwRZY4zdzI7v78iPw3HI5pifyv6J_LQ==

GET
H2 200 paiement-securise
www.pantheon-recherche.com/pages/ 55 KB
55 KB 47ms
10ms Image
image/png 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pantheon-recherche.com/pages/paiement-securise
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57172f374ed3e5b40f9f9b91058c81c21cc3daa036a8c039c634efe011306873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 18:47:28 GMT
x-amz-version-id: z.2JCMWLz6qJRJ9OqrZ1.AtQ13X6H4DT
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 397341
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 56211
last-modified: Tue, 18 Jul 2023 12:56:42 GMT
server: AmazonS3
etag: "36d74ce0ac1ad62cff3c7089bd2b8dd8"
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: MgVJnnBTsMBwcT0FDxpO4fTol8I24tmpWCrTmU5gjR4EdBMuZ1sxrg==

GET
H2 200 logo.png
www.pantheon-recherche.com/wp-content/themes/phantheonrecherche/images/ 9 KB
10 KB 47ms
10ms Image
image/png 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pantheon-recherche.com/wp-content/themes/phantheonrecherche/images/logo.png
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-72.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 69f5f776a6f9444898480efb311374e47eb081dce8ba64ffcd27a3a23943fc61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 18:47:27 GMT
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 11:25:11 GMT
server: Apache
x-amz-cf-pop: FRA56-C2
age: 397341
etag: "25f8-5f02c928573c0"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 9720
x-amz-cf-id: c7AlXXHvHKteSFNPz80Weqg7aKqOyWpRJ0dW4vqD02nE207aJhnTcw==

GET
H2 200 download.jpg
staticmail.editionsbiosante.fr/2021/03// 6 KB
6 KB 65ms
9ms Image
image/jpeg 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticmail.editionsbiosante.fr/2021/03//download.jpg
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d49ec035c3f0a734ea42972d9bb74f765ce09a4db6632206076b6fde072d44d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 18:48:20 GMT
x-amz-version-id: vUtFeEvsSAk8hQTRLhlWGG1KZrdgBkOB
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 397289
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 6007
last-modified: Wed, 03 May 2023 14:29:18 GMT
server: AmazonS3
etag: "04dc552fac9a1cfcc912b1d449cda509"
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: IT10Am4AVpw6HY3LEbgBO38odreDBVoIrvAaH-4SdB2nmQiezddgvA==

GET
H2 200 webpnet_gifmaker_2.gif
docs.pantheon-recherche.com/2021/04// 3 KB
4 KB 211ms
15ms Image
image/gif 18.245.46.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://docs.pantheon-recherche.com/2021/04//webpnet_gifmaker_2.gif
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d0c263df3e2de1ae51f6400fa0a847fd1003447bf7493392a4de14976ae7285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 18:48:53 GMT
x-amz-version-id: soSCH4MPnJVmBLbWy_4VSR5C6g.wojnx
via: 1.1 e5482755d4e937d4018ce72cd23b55c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 397256
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 3200
last-modified: Wed, 03 May 2023 08:43:58 GMT
server: AmazonS3
etag: "51293104a9806a1f518524b82caad3c8"
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: qxawkUxjti7UXT3jSnviM1RZagRYSjh74MtefYgQT2NMsKAyj1SDOw==

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 284ms
98ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=Y1DbOzMWVcOSxiOpXIcFPrGLFg42
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: X91NYB9F709N8JED
age: 8201830
alt-svc: h3=":443"; ma=86400
content-length: 497733
x-amz-id-2: R1KLkpPWjqzGpxsYQXz5SJAI591RdPbhJMLElS+a9iGI8d3ZyCe3EVU0/ZQjd30ac01T27gSa3k=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqTJZ3jHmCWvZN5WTkls9yPwacFOS%2Bnt085YJrxzFbS%2FSrrr6Vc9fReZNr6qTV4cw2WKnfgMPmMpfgnuD%2Ba56uSb9DF7pTi6mMirBV8RDeLfqNN0Yhd4%2Ffe1UtEtrc09rH00E6ne4nzwvDKn%2FtZC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 85f0bac1c998726f-EWR

GET
H2 200 jquery-3.4.1.min.js Show response
cdn-funnel.info-contenu.io/shared/js/ 86 KB
30 KB 18ms
16ms Script
application/javascript 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-funnel.info-contenu.io/shared/js/jquery-3.4.1.min.js
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:07:27 GMT
content-encoding: gzip
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Fri, 27 Mar 2020 10:43:19 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 14025742
etag: W/"220afd743d9e9643852e31a135a9f3ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: T6QGLE8GeGqHigPgNOILrs6v9iDz_b1tbGlQdEWZVEi8L5BWsAYC4A==

GET
H2 200 popper.min.js Show response
cdn-funnel.info-contenu.io/shared/js/ 19 KB
7 KB 19ms
17ms Script
application/javascript 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-funnel.info-contenu.io/shared/js/popper.min.js
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5614d21225b2e012e3765c1b32fba0b8762bcecd8863c8705c1bcc0d03ec19de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 17:43:56 GMT
content-encoding: gzip
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Tue, 22 Feb 2022 14:59:45 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 13706753
etag: W/"124bf4d1a7db31dd60d4642dce268035"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: agV998Eg8FuHUvZJKYnTuHm9casL3gBB-Hm0OrMq7IflTjk45ETODg==

GET
H2 200 bootstrap.min.js Show response
cdn-funnel.info-contenu.io/shared/js/ 50 KB
14 KB 18ms
16ms Script
application/javascript 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-funnel.info-contenu.io/shared/js/bootstrap.min.js
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 04:11:44 GMT
content-encoding: gzip
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Fri, 27 Mar 2020 10:43:42 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 6497885
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 3wT_rz-4j1zBnmnbTPJFAaKqJl_yVqnqmwkEEgTCE00CAoyt629m4w==

GET
H2 200 pro-video-player.js Show response
cdn-funnel.info-contenu.io/shared/js/ 883 B
1 KB 20ms
18ms Script
application/javascript 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-funnel.info-contenu.io/shared/js/pro-video-player.js
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04487ed08d5ef8f74df2b04ac17bf5120a1fe6253b16d17b434a452864da3f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 17:02:32 GMT
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Mon, 02 May 2022 13:08:11 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 9734837
etag: "61b9258e90dbb6ef7d14e13a0c638d3b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 883
x-amz-cf-id: Fvc6r5DAioAikHobMZ31dC3MJeGwaNvXojYJ3zwN0Stu_GbXqvd-oQ==

GET
H2 200 formerly.min.js Show response
cdn-funnel.info-contenu.io/shared/js/ 6 KB
3 KB 18ms
16ms Script
application/javascript 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-funnel.info-contenu.io/shared/js/formerly.min.js
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc51b6b9ce6b9cda9fdcbf6fbdb62431ae43db77e7b5ff3670c2fc0a03edb289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 01:07:27 GMT
content-encoding: gzip
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Wed, 16 Feb 2022 11:06:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 14025742
etag: W/"dda8717a4c9d24bf8d316a1f86a9b826"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: mhIkvt6za3pNZociyW4GAQgPGwCUlffRXlHjw9tsYYnNhPjjjYp37A==

GET
H2 200 intlTelInput.js Show response
cdn.info-contenu.io/assets/lead/assets/tel-input/js/ 85 KB
20 KB 10ms
8ms Script
application/javascript 18.172.112.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.info-contenu.io/assets/lead/assets/tel-input/js/intlTelInput.js
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-116.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2b5fa78ba1f9424d7e85b0d2f160a8df6068d911dc1cfe26f78fb78d1d7172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:07:16 GMT
content-encoding: gzip
via: 1.1 413634bfcacd752107ee361d53948cee.cloudfront.net (CloudFront)
last-modified: Fri, 07 Aug 2020 08:44:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 234153
etag: W/"c73ba86bd67306c5889e9aac41e959e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: KOFmW8v8zLAlUTIAajCzsfwbe4vYzITXJP18GxdtkS2okDvjb7FfKg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 349 KB
109 KB 62ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJ8RBXN

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

338b890553fbe47d1bc49834f1493c42e4582050182f13bf3f0509a2d1a7c1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110852
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Mar 2024 09:09:48 GMT

GET
H2 200 payment-iframe.html Show response
cdn-funnel.info-contenu.io/shared/ Frame 14C6 234 B
550 B 22ms
21ms Document
text/html 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-funnel.info-contenu.io/shared/payment-iframe.html
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 185e3e0532e6c673229f91cb0f911bde3c392612c012a9de76a7b966cacaed26

Request headers

Referer: https://paiement-securise.pantheon-recherche.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14043375
content-length: 234
content-type: text/html
date: Sat, 23 Sep 2023 20:13:33 GMT
etag: "2e4d32ba88cd3529c190f93329e2b038"
last-modified: Thu, 14 May 2020 14:24:46 GMT
server: AmazonS3
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
x-amz-cf-id: tyCIc4c6NXdH8ja4k2pLt3kFl5SNyZn8Bn3YWcdlW6GAe5I2AKD13w==
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront

GET
H2 200 bleu_L_Plandetravail1.jpg
cdn-funnel.info-contenu.io/12/img/ 24 KB
24 KB 18ms
17ms Image
image/jpeg 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-funnel.info-contenu.io/12/img/bleu_L_Plandetravail1.jpg
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 815e7cab2aa481b92aec0255b713dc835dc2b9638b57626a4a6dd14a7c67c001

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 21:11:42 GMT
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jun 2020 14:12:35 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 10324687
etag: "c7ebc26152f2920d8c9b944a3970b9ed"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 24548
x-amz-cf-id: _Q5QAljGRfKxT_0c_cMZOc2ymynqsdryxTy_NSYw9_gICHrcTTsGeA==

GET
H2 200 LOGO_RVG_Mention_black_1654848958175.png
cdn-funnel.info-contenu.io/12/img/ 54 KB
54 KB 18ms
16ms Image
image/png 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-funnel.info-contenu.io/12/img/LOGO_RVG_Mention_black_1654848958175.png
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 429d14ecbae34fe0fae1d8787fd8d35030441ebd8aad2419ad05f56ebcc53d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 15:40:05 GMT
content-encoding: 7bit
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 08:16:01 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 1186184
etag: "b8ae6608b89738c7c5565a390633ef03"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 54858
x-amz-cf-id: vLF-j0Ux_OEwbRwNuoS812NZZc2xwCEB5HRsFQme0kregx_iKW5x4Q==

GET
H2 200 Pictos_SEPASecured_(1)_1670836419759.png
cdn-funnel.info-contenu.io/12/img/ 18 KB
19 KB 21ms
19ms Image
image/png 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-funnel.info-contenu.io/12/img/Pictos_SEPASecured_(1)_1670836419759.png
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73136737a65f5d95b75191c8446b330a1df68736cc26720c91e9a62ed94285a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 13:14:03 GMT
content-encoding: 7bit
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Mon, 12 Dec 2022 09:13:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 3527746
etag: "2abf5bc08a857d754bb7205f446c6adc"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 18648
x-amz-cf-id: LSQZ6RZ9iG47cIlzw_ULMMtC8c0AkN1JTyHvWjPe6wEUjQsoxccpZQ==

GET
H2 200 MesP_pites2_1624445039354.png
cdn-funnel.info-contenu.io/12/img/ 520 KB
521 KB 23ms
22ms Image
image/png 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-funnel.info-contenu.io/12/img/MesP_pites2_1624445039354.png
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40ab5ce2ba12dcd82cac50b9069ef191609f754dc598b0a7ab2fa092397f6ebd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:43:50 GMT
content-encoding: 7bit
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Wed, 23 Jun 2021 10:44:01 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 239159
etag: "1146330d3343f6cad6a857e1dea63f7b"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 532355
x-amz-cf-id: MOH5c2WdmJElUKtNlGoynb_Q-60Rj9XVyMKtuSphypdzlMqMcghM2g==

GET
H2 200 red-arrows-down-300x141_1596699682671.png
cdn-funnel.info-contenu.io/2/img/ 9 KB
10 KB 22ms
21ms Image
image/png 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-funnel.info-contenu.io/2/img/red-arrows-down-300x141_1596699682671.png
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3342584f2731354ea1b08ff4ab71db4615a3c60e76d9c7df415b6073378bc2cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 06:24:06 GMT
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Thu, 06 Aug 2020 07:41:23 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 13229142
etag: "99447c778213d422b91232f253de6347"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 9477
x-amz-cf-id: cUGmTffDVaey1WuQqGMOb29t64GboiqA-s_1H-3ARIZant4ZKj_xXQ==

GET
H2 200 iMac_FelixLoic_1692781491518.png
cdn-funnel.info-contenu.io/12/img/ 317 KB
318 KB 57ms
56ms Image
image/png 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-funnel.info-contenu.io/12/img/iMac_FelixLoic_1692781491518.png
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35e28b2495484fa1c0e8e12a987b915972f220ad70ae78efcc6b161684dad7d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 09:33:16 GMT
content-encoding: 7bit
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Wed, 23 Aug 2023 09:04:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 1121793
etag: "232eb2a5c4f1fb8afb24749918954cf3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 324549
x-amz-cf-id: hlGS2k1Suf_v1eERJbSJl5MhURw6GieVG6xFN4v2DzoqPcNBmAsSyg==

GET
H2 200 iPad_CompteTitre_Binck_1692780765155.png
cdn-funnel.info-contenu.io/12/img/ 136 KB
137 KB 36ms
35ms Image
image/png 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-funnel.info-contenu.io/12/img/iPad_CompteTitre_Binck_1692780765155.png
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3ed6e4f76ddb6350098ea115f1c9e20ec0a2563682c4e6f48364afa07cb2561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:28:38 GMT
content-encoding: 7bit
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Wed, 23 Aug 2023 08:52:48 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 240070
etag: "cf837290ee0b0ee180f398adf694e57e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 139515
x-amz-cf-id: UTQz3Y2ryKyLdrUVWapzYvZpGsCO1wRFIOoLwaf31Y3A_6i-JOj1bg==

GET
H2 200 3_livres_cadeaux_guide_pas_%C3%A0_pas_1692780517732.png
cdn-funnel.info-contenu.io/12/img/ 344 KB
345 KB 43ms
42ms Image
image/png 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-funnel.info-contenu.io/12/img/3_livres_cadeaux_guide_pas_%C3%A0_pas_1692780517732.png
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5827585b99da3074a3b361c238d20f6188314a28895dbd5549f40709c38a9090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:28:41 GMT
content-encoding: 7bit
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Wed, 23 Aug 2023 08:48:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 240068
etag: "4716bd61c47f92cfc807d126a5c06dc8"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 352419
x-amz-cf-id: RyxfiTISRc_qC2BMSdejLixqNBMQteGNN5mSgYPi27b-bAxQWqZaPA==

GET
H2 200 PackshotGlobalWDV_RGV_V2_1692779739768.jpeg
cdn-funnel.info-contenu.io/12/img/ 97 KB
97 KB 54ms
53ms Image
image/jpeg 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-funnel.info-contenu.io/12/img/PackshotGlobalWDV_RGV_V2_1692779739768.jpeg
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5db63ad398e0faeecf5faccad357a04a5bea01b1fe65d3fd7e9430ed727625c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:28:44 GMT
content-encoding: 7bit
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
last-modified: Wed, 23 Aug 2023 08:35:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 240064
etag: "2ef49809d70df28ab0518159f404f995"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 98986
x-amz-cf-id: JqEz_CPklxpB_mEAoJoUG6S-__NMIKAinxe6VdfT0-llt5gWZ0tgIA==

GET
H2 200 LogRocket.min.js Show response
cdn.lr-ingest.io/ 111 KB
30 KB 85ms
30ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/LogRocket.min.js

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09cc54fb7259d0de2b370e44de046b2335a76aba4a24bd12c332823ac111ad61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://paiement-securise.pantheon-recherche.com/
Origin: https://paiement-securise.pantheon-recherche.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3253
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA
last-modified: Fri, 01 Mar 2024 23:19:18 GMT
server: cloudflare
x-timer: S1709365429.888033,VS0,VE0
etag: W/"6ded540af383ce7d252adf7c63e746bdc01b5be74202b4cc5ea38322811566e6-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOMy5lSKwHWdeXQK%2BcPw4EX%2FPZ3OKHKm2XzoXvwvKfnsEPtH1CCCLC65qBQLygIk3lbIi7fzV4bhGR3JrHwwGfX5R%2FuZd4cdLEex7z8J66V2UTlEfE0NutmlZa66FJl6qJHauiJxP1n7xl35jLlB"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 85f0bac0fb1b7902-CDG
x-cache-hits: 21

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 224 KB
75 KB 79ms
56ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCo6sGcM8AUfxzdVJFkXozbSY_Zl4yVu0Y&libraries=places&callback=onInitPlaces

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

1541fb91808d43cb37e577abd1f9add7e777742d7a4b14c89d9de43404e5f84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75975
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
89 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CBNDBGG3MX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ8RBXN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80547ca1b2be4482ac1d6fda3907a4450f2dd1bd848e4ab8def5b78730c21fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90968
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Mar 2024 09:09:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
94 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B1V3N82M6B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ8RBXN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35fe1560fbd79afd4c2f9524881fbd6b59a0d768fa4028ff604dd1ad86f4519d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96073
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Mar 2024 09:09:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
87 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SG1SG66WC4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ8RBXN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffc35ead981c3c3d65056cc883c430803cb9a39d7ecf51479f43d1b86bd3fffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Mar 2024 09:09:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
8ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ8RBXN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Mar 2024 07:32:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5865
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Mar 2024 09:32:03 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 204 KB
75 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-834632766&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ8RBXN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a2b850aa12b57f6129a2bb8e3ef6ab9bcaf7aeda0c0690675e9e2e206169b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76223
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Mar 2024 09:09:48 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 25 KB
8 KB 54ms
13ms Script
application/x-javascript 2.19.106.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ8RBXN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.106.209 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-106-209.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a97726c589e5815717fc54cdcb1dba2efeceb33bf6f414251ce9dc28211df7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 09:09:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Feb 2024 18:16:14 GMT
Server: AkamaiNetStorage
ETag: "59e631d50e9d0ff7ffbf3574ac29bad4:1707332481.569411"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7501
Expires: Mon, 04 Mar 2024 09:29:48 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 212 KB
77 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10873870168&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ8RBXN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90ff8e44b54672daeecc5af0fd2e7471ce83071d55797d9c2c818a91658c26d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78306
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Mar 2024 09:09:48 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 41ms
7ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ8RBXN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-muc13959-MUC

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Mar 2024 09:09:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: H62mqtBpklJYUVUmR9gDJot7ICVh0tXRanvVCtir+qaR2HKU/8rIwR7agWr3b/Ohj93K105mE7LD1QxlLHDNsQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 74ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 04 Mar 2024 09:09:48 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BE12C6D4C5F34669A7653FE3E41A311E Ref B: FRA31EDGE0506 Ref C: 2024-03-04T09:09:48Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 bt.js Show response
cdn.powerspace.com/ 6 KB
3 KB 37ms
8ms Script
application/javascript 2600:9000:237d:a000:d:576d:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.powerspace.com/bt.js?t=474873
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a000:d:576d:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d30c7601f5603b1bdd0f557aaca632ca44db15ec215272de015058c3900ad576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 05:10:36 GMT
content-encoding: gzip
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
last-modified: Mon, 23 Nov 2020 14:15:15 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 14353
etag: W/"48d63b7aa7e89e14d54f34fb9fa9521c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-meta-x-amz-meta-version: 2.6.5
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nU1IFRmZH8OJcNMtPV4Dg-SrWknO6TykdwgiwtINIVaLthvY701Zkg==

GET
H2 200 hotjar-3235385.js Show response
static.hotjar.com/c/ 9 KB
4 KB 26ms
8ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3235385.js?sv=6

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

338de6c98b3fcb9a1a9e94641835202021d1c160baa925c0ec25ad89a0f95c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 56
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/aaa0fd6573dd86e7235ff5fde8e33fa5
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: KJkzCcYLUWoADbZtB2vLDzbM-2nlhCXtE3EMMmBOUXm3-JX0bveMjA==

GET
H3 200 logger-1.min.js Show response
cdn.lr-ingest.io/ 832 KB
165 KB 66ms
36ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/logger-1.min.js

Requested by

Host: cdn.lr-ingest.io
URL: https://cdn.lr-ingest.io/LogRocket.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afc34228d42ae4a1ef624472cf4282840a1fbbcacf89b519bc457933400a36a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-ams21052-AMS
last-modified: Fri, 01 Mar 2024 23:19:18 GMT
server: cloudflare
x-timer: S1709335170.971425,VS0,VE32
etag: W/"9ad7440dcf68dec85ec417ae8845bdc06b7b6cd39e27404dc22f13dd55480337-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSfRNgVn1mKIi0AV9kOmy2RgLmCGI%2BEC5UKBS27WyvM4dyHu%2FF4tk%2FpFSPEwutKd0tx3H2tmqFt2dPvJlFEhbE00ZEhyE30zNKD9E%2FgUJYlnkQ3BAAvCwxx52kpHyKJlUZq31n1ON6pXkfaBub6f"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 85f0bac178f5b933-AMS
x-cache-hits: 0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 34ms
18ms XHR
application/json 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCo6sGcM8AUfxzdVJFkXozbSY_Zl4yVu0Y&libraries=places&callback=onInitPlaces

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 220ms
192ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=9oDG4zQb75SNsUWBlaVDll38AWU2
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: X91NYB9F709N8JED
age: 8201830
alt-svc: h3=":443"; ma=86400
content-length: 497733
x-amz-id-2: R1KLkpPWjqzGpxsYQXz5SJAI591RdPbhJMLElS+a9iGI8d3ZyCe3EVU0/ZQjd30ac01T27gSa3k=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAGai8eiE5v%2BhwZHlMAh1nEJdthbPm0T7%2FDhrT1MjjmbOPGcAjlDlp8GlH2fZeqWyYOwkqKt1FV13Mxkd3zF5egm08g%2Bq3JRJS%2BJBBemJqfIl1en59d%2FWUMjVmV00%2B4dlQGgKFmtfR0K5Nb2O4Ew"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 85f0bac1c999726f-EWR

GET
H2

200

bootstrap.js Show response
euc-widget.freshworks.com/widgetBase/
Redirect Chain

https://euc-widget.freshworks.com/widgets/15000000372.js
https://euc-widget.freshworks.com/widgetBase/bootstrap.js

9 KB
4 KB

8ms
8ms

Script
application/javascript

143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euc-widget.freshworks.com/widgetBase/bootstrap.js
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: H2
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aecb0336ece6adaac2e21f1838ee5a36bc06a6502f7fb98c474ada90983f37c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: E0aDqqmz_T0OlRFOvXkuTx0ce8A2xbVb
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
date: Mon, 04 Mar 2024 09:04:00 GMT
last-modified: Tue, 20 Feb 2024 07:41:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 353
etag: W/"70a02c32e59cd5e4b5e8eccdfeca46b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: 4TG_WiCVK0nffhH_p-p9BYNLLXnhNcvq3tEMq1SAVK7K-MOuiXGsSQ==

Redirect headers

date: Mon, 04 Mar 2024 09:09:18 GMT
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 31
x-cache: Hit from cloudfront
location: /widgetBase/bootstrap.js
content-length: 0
x-amz-cf-id: pzAqaccZtJY7tP2X1d3CYC4yZRe-I44x0RGI21TBGITAbrJqnf7uIg==

GET
H2 200 payment-iframe.html Show response
cdn-funnel.info-contenu.io/shared/ Frame 7E39 234 B
551 B 13ms
11ms Document
text/html 108.156.60.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-funnel.info-contenu.io/shared/payment-iframe.html
Requested by: Host: cdn-funnel.info-contenu.io
URL: https://cdn-funnel.info-contenu.io/shared/js/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-83.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 185e3e0532e6c673229f91cb0f911bde3c392612c012a9de76a7b966cacaed26

Request headers

Referer: https://paiement-securise.pantheon-recherche.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14043375
content-length: 234
content-type: text/html
date: Sat, 23 Sep 2023 20:13:33 GMT
etag: "2e4d32ba88cd3529c190f93329e2b038"
last-modified: Thu, 14 May 2020 14:24:46 GMT
server: AmazonS3
via: 1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
x-amz-cf-id: 7EjmGemBl6PCtZl7ElYeuHhDqscPPq5YRgHegSO0cA5SXn60u-OOow==
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront

GET
H2 200 countries.json Show response
api.propulse-lab.com/referential-data/ 44 KB
9 KB 59ms
8ms XHR
application/json 108.138.7.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.propulse-lab.com/referential-data/countries.json
Requested by: Host: cdn-funnel.info-contenu.io
URL: https://cdn-funnel.info-contenu.io/shared/js/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08f3c579f7dabf270029f68cd79494c13d3f073b6e258d200c5b2956466934e4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://paiement-securise.pantheon-recherche.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 10:12:14 GMT
x-amz-version-id: bl0GK0DhpOt0Tcdypr74DUpbUrXGl5mx
content-encoding: gzip
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10709855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Wed, 01 Nov 2023 10:05:12 GMT
server: AmazonS3
etag: W/"9d8641f4d0c6b6b24b8b50ef451fd972"
access-control-max-age: 300000
access-control-allow-methods: PUT, GET, POST
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 0jnVLwxvhTaol2upbCl7WlZoFXDG032v49JxmEaKdo2Ze--HIqQgRA==

GET
H2 200 flags.png
cdn.info-contenu.io/assets/lead/assets/tel-input/img/ 69 KB
70 KB 8ms
8ms Image
image/png 18.172.112.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.info-contenu.io/assets/lead/assets/tel-input/img/flags.png
Requested by: Host: cdn.info-contenu.io
URL: https://cdn.info-contenu.io/assets/lead/assets/tel-input/css/intlTelInput.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-116.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.info-contenu.io/assets/lead/assets/tel-input/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:07:24 GMT
via: 1.1 413634bfcacd752107ee361d53948cee.cloudfront.net (CloudFront)
last-modified: Fri, 07 Aug 2020 08:44:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 234145
etag: "416250f60d785a2e02f17e054d2e4e44"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 70857
x-amz-cf-id: 1NuxiGrGYXL-T5015beX2Vrem9SEeL1R7LMRb6Be2ecH6vsCK6CkZQ==

GET
H2 200 modules.84f80a92c39bbd76564a.js Show response
script.hotjar.com/ 221 KB
55 KB 39ms
8ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.84f80a92c39bbd76564a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3235385.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

8cfc58c903082aab59592305e949e7b3c9215f3a62d70d13b9baee604d6132ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 12:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 248382
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55719
last-modified: Fri, 01 Mar 2024 12:09:47 GMT
etag: "fd429e33536e4a29658cbbc9d61c6168"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ywZpyyT5mK9r5aI7m2Q7bxR4ZEyZHSUFtYzNL-_QuAF7sYy2h5cMxQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
225 B 14ms
14ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=46386388&t=pageview&_s=1&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&ul=en-us&de=UTF-8&dt=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=467579074&gjid=2096292043&cid=498886963.1709543388&tid=UA-161090245-1&_gid=1991163074.1709543388&_r=1&_slc=1&gtm=45He42t1n81TJ8RBXNv830874805za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=340293754

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paiement-securise.pantheon-recherche.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
84 B 14ms
13ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=46386388&t=pageview&_s=1&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&ul=en-us&de=UTF-8&dt=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=2127706831&gjid=41848674&cid=498886963.1709543388&tid=UA-161090245-2&_gid=1991163074.1709543388&_r=1&_slc=1&gtm=45He42t1n81TJ8RBXNv830874805za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1578614892

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

27683fe0f5a1db5593f3475ec8a47ffa9b2744828b0cf126c832eaed0bd4adc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paiement-securise.pantheon-recherche.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/834632766/ 3 KB
2 KB 45ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/834632766/?random=1709543388404&cv=11&fst=1709543388404&bg=ffffff&guid=ON&async=1&gtm=45be42t1z8830874805za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&hn=www.googleadservices.com&frm=0&tiba=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&npa=0&pscdl=noapi&auid=1597794996.1709543388&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-834632766&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3035e407fdb3a4a5fc1c034b37e273fc675358222f83ae721c5de6f14d8fc0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
270 B 38ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-B1V3N82M6B&gtm=45je42t1v873999048z8830874805za220&_p=1709543388210&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=498886963.1709543388&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709543388&sct=1&seg=0&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&dt=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&en=page_view&_fv=1&_ss=1&tfd=1832
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1V3N82M6B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
270 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B1V3N82M6B&cid=498886963.1709543388&gtm=45je42t1v873999048z8830874805za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1V3N82M6B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 57ms
36ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B1V3N82M6B&cid=498886963.1709543388&gtm=45je42t1v873999048z8830874805za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=283909341

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
270 B 36ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SG1SG66WC4&gtm=45je42t1v880699263z8830874805za220&_p=1709543388210&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=498886963.1709543388&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709543388&sct=1&seg=0&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&dt=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&en=page_view&_fv=1&_ss=1&tfd=1851
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SG1SG66WC4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pws.gif
r.phywi.org/
Redirect Chain

https://www.img-static.com/pws.gif
https://r.phywi.org/pws.gif

43 B
538 B

72ms
18ms

Image
image/gif

2001:41d0:203:836d::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.phywi.org/pws.gif

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Server

2001:41d0:203:836d:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:49 GMT
strict-transport-security: max-age=63072000
server: nginx
content-type: image/gif
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
x-request-id: 2A0104A0002B00000000000000000011:8E1A_200141D00203836D0000000000000000:01BB_65E58FDD_B59534:001C
expires: Sun, 01 Jan 2014 00:00:00 GMT

Redirect headers

date: Mon, 04 Mar 2024 09:09:48 GMT
strict-transport-security: max-age=63072000
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpJ2h8LDLeMS3uLfpYFWP8jNMjeVAem6z8Q%2BvI9mdnJa7DIcfgSXPqFqzMjS%2Bp8O2R9XrFYfijZAtOpSw10jHWdZS06kdt7Rjl9GXvwiowHHsvrwcOGGPxPgqcpA7GEBz0WNDIqOT1crabm3wYyaNz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://r.phywi.org/pws.gif
cf-ray: 85f0bac39c7020d6-IAD
alt-svc: h3=":443"; ma=86400
x-request-id: AC47DE40:FB50_335B50C2:0050_65E58FDC_AE7843:001C

GET
H2 200 OZVGLRXM Show response
an.pwspace.com/ 50 B
379 B 162ms
66ms Script
application/javascript 2600:1900:4010:68b1:8000::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://an.pwspace.com/OZVGLRXM?si=3e1c2f13-e8bd-4742-a8be-1b1851e4b4f5&pai=ceeb8562-5f34-4fd6-ab24-7d5bdbb0716d&pstuid=61cb8484-4fbc-47af-8d3e-6448013cd534&fpu=aHR0cHMlM0ElMkYlMkZwYWllbWVudC1zZWN1cmlzZS5wYW50aGVvbi1yZWNoZXJjaGUuY29tJTJGUlZHLTIwMjM4MjMxMDE3MTc2MzMlM0ZzYWxlc2NvZGUlM0RHXzIwMjQwM19FTV9SVkdHRU5fMDE=&callback=__pwcb

Requested by

Host: cdn.powerspace.com
URL: https://cdn.powerspace.com/bt.js?t=474873

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1900:4010:68b1:8000:: Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

8b80658ab1a89babef093b5737a7aa412ced361c7c74b73416b9099d2ae558ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
x-envoy-decorator-operation: analytics-service.default.svc.cluster.local:8080/*
x-envoy-upstream-service-time: 38
strict-transport-security: max-age=15724800; includeSubDomains
trace-id: 6d76cc11f5c2c1a9ed1a4f4b7363348d
content-length: 50
content-type: application/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-161090245-1&cid=498886963.1709543388&jid=467579074&gjid=2096292043&_gid=1991163074.1709543388&_u=YEBAAEAAAAAAACAAI~&z=1520616314

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paiement-securise.pantheon-recherche.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Mar 2024 09:09:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-161090245-2&cid=498886963.1709543388&jid=2127706831&gjid=41848674&_gid=1991163074.1709543388&_u=YEDAAEABAAAAACAAI~&z=40107518

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paiement-securise.pantheon-recherche.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Mar 2024 09:09:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9897CF78RC&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16c56f75a23a7f4a8ff63e9fdeebd1b233cd0e937022bab2530b236edb71985f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Mar 2024 09:09:48 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 142ms
117ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=c5902e40-f871-4d87-9d29-f356379d453a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b6e8da2e-24ff-4fc2-8ebe-374733168626&tw_document_href=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9a10&type=javascript&version=2.3.29

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 04 Mar 2024 09:09:47 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 42b3fce99c8e815e
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: bd034fda275559c1246de125f26062726a4e2668d4138036d8f74c5ad1576ca2
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 208ms
186ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=c5902e40-f871-4d87-9d29-f356379d453a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b6e8da2e-24ff-4fc2-8ebe-374733168626&tw_document_href=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9a10&type=javascript&version=2.3.29

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time: 177
date: Mon, 04 Mar 2024 09:09:47 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e201c0be8686174e
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 55b5a2b467ca461aeb4ed2bcdd69d9ebfd1606251922341fa476d528a8117fce
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
227 B 206ms
180ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=c5a1b190-3237-4a15-878c-43aa56129863&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b6e8da2e-24ff-4fc2-8ebe-374733168626&tw_document_href=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9a73&type=javascript&version=2.3.29

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time: 172
date: Mon, 04 Mar 2024 09:09:48 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c09bd25381cfe5d7
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: bd034fda275559c1246de125f26062726a4e2668d4138036d8f74c5ad1576ca2
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 200ms
185ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=c5a1b190-3237-4a15-878c-43aa56129863&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b6e8da2e-24ff-4fc2-8ebe-374733168626&tw_document_href=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9a73&type=javascript&version=2.3.29

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time: 176
date: Mon, 04 Mar 2024 09:09:47 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5991accfe99af2b2
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 55b5a2b467ca461aeb4ed2bcdd69d9ebfd1606251922341fa476d528a8117fce
content-length: 43

GET
H2 200 288814876471503 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 139ms
139ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/288814876471503?v=2.9.148&r=stable&domain=paiement-securise.pantheon-recherche.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9cb23ef727095c1d1a6a03391414adc4cfe57c6991471c47628f8a920e3343

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Mar 2024 09:09:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: wD+mMZlIYLgwWoYGt+BfkAeSTtr0NpxVsKSds7SmAUSxau/5SJY+Z1hVVkXbK/7OG6Rf3JSJM1EcApcDwuHh6g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CBNDBGG3MX&gtm=45je42t1v867735226z8830874805za220&_p=1709543388210&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=498886963.1709543388&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709543388&sct=1&seg=0&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&dt=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&en=page_view&_fv=1&_ss=1&tfd=1905
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBNDBGG3MX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 20ms
20ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CBNDBGG3MX&cid=498886963.1709543388&gtm=45je42t1v867735226z8830874805za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBNDBGG3MX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CBNDBGG3MX&gtm=45je42t1v867735226z8830874805za220&_p=1709543388210&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=498886963.1709543388&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1709543388&sct=1&seg=1&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&dt=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&en=page_view&_et=1&tfd=1910
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBNDBGG3MX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 16ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CBNDBGG3MX&gtm=45je42t1v867735226z8830874805za220&_p=1709543388210&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=498886963.1709543388&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=3&sid=1709543388&sct=1&seg=1&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&dt=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&en=pageview_bdc&_c=1&ep.URL=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&tfd=1910
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBNDBGG3MX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 35ms
35ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CBNDBGG3MX&cid=498886963.1709543388&gtm=45je42t1v867735226z8830874805za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=2089931601

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10873870168/ 3 KB
2 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10873870168/?random=1709543388523&cv=11&fst=1709543388523&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9136194531z8830874805za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&hn=www.googleadservices.com&frm=0&tiba=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&npa=0&pscdl=noapi&auid=1597794996.1709543388&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10873870168&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0ed64e410673e2b21c4708daf40a3fd63778cc75d8fd399c0782aeb78aaa816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 70ms
38ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-161090245-1&cid=498886963.1709543388&jid=467579074&_u=YEBAAEAAAAAAACAAI~&z=1282718676

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 35ms
35ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-161090245-1&cid=498886963.1709543388&jid=467579074&_u=YEBAAEAAAAAAACAAI~&z=1282718676

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 70ms
39ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-161090245-2&cid=498886963.1709543388&jid=2127706831&_u=YEDAAEABAAAAACAAI~&z=1322723485

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 35ms
35ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-161090245-2&cid=498886963.1709543388&jid=2127706831&_u=YEDAAEABAAAAACAAI~&z=1322723485

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
321 B 350ms
89ms Ping
image/gif 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08973028223862425&referrer=&cht=gtm&marketerId=00b27227195c1838668138865439a5d31b&name=PAGE_VIEW&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 09:09:48 GMT
Cache-Control: no-cache
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 03aa921ae0405774980f64d8a8dc5e03
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 371ms
90ms Script
application/javascript 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=00b27227195c1838668138865439a5d31b

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 28ed5240dee1b6d4ecfe952bcfb782f8
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 00b27227195c1838668138865439a5d31b Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 53ms
16ms Script
text/html 2.19.106.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/00b27227195c1838668138865439a5d31b

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.106.209 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-106-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Mon, 04 Mar 2024 09:09:48 GMT
ob-sent-time: 1709499966531
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: 60c0500bf107a753f4f6e2e5e870c794
Content-Length: 22
Expires: Mon, 04 Mar 2024 09:10:48 GMT

GET
H2 200 148007974.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 39ms
39ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148007974.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

482db991302a02fec1424af0e6966a186f6e32ce036577400159290ed264a5fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 04 Mar 2024 09:09:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0340C0CCA6C14F659181BDF9A2C37379 Ref B: FRA31EDGE0506 Ref C: 2024-03-04T09:09:48Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
288 B 47ms
47ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148007974&Ver=2&mid=9646ac94-70a4-4304-a308-b0c298dd5eb8&sid=f3874a80da0611eebaecd3bb29f72024&vid=f38770c0da0611ee820cbb53bc721436&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&p=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&r=&lt=1764&evt=pageLoad&sv=1&rn=925338

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 04 Mar 2024 09:09:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9E3CA70B14E0478DA705255BF361AE3D Ref B: FRA31EDGE0506 Ref C: 2024-03-04T09:09:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 browser-perf.8417c6bba72228fa2e29.js Show response
script.hotjar.com/ 5 KB
2 KB 13ms
13ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.84f80a92c39bbd76564a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:32:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3436661
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1782
last-modified: Wed, 24 Jan 2024 14:31:37 GMT
etag: "b83b61bc5871e9a23a0434e2c539f4f3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 5sZHjV3kMe4OoBzL_bcr2aAiYmZWTnOTqwgNY1YvOyf5P5maRARftA==

GET
H2 200 /
www.google.com/pagead/1p-user-list/834632766/ 42 B
154 B 21ms
21ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/834632766/?random=1709543388404&cv=11&fst=1709542800000&bg=ffffff&guid=ON&async=1&gtm=45be42t1z8830874805za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&frm=0&tiba=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtquI97B_kFx_COeNZqHEm46lVdRXOGSQ&random=4108004776&rmt_tld=0&ipr=y

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/834632766/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/834632766/?random=1709543388404&cv=11&fst=1709542800000&bg=ffffff&guid=ON&async=1&gtm=45be42t1z8830874805za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&frm=0&tiba=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtquI97B_kFx_COeNZqHEm46lVdRXOGSQ&random=4108004776&rmt_tld=1&ipr=y

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 15000000372.json Show response
euc-widget.freshworks.com/widgets/ 1 KB
1 KB 34ms
15ms XHR
application/json 143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euc-widget.freshworks.com/widgets/15000000372.json?randomId=0.9884068785422795
Requested by: Host: euc-widget.freshworks.com
URL: https://euc-widget.freshworks.com/widgets/15000000372.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95f9aff03970042a9de5c839024c9d5980ef8cbbcc88b9efa4f5bb6b1fabeec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: f4LSnFNs75Hv4MS9S0u.p6QLsJomLK95
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
date: Mon, 04 Mar 2024 09:09:48 GMT
last-modified: Mon, 12 Dec 2022 11:48:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 31
etag: W/"606b3fa3766fc21267141e9930dbdb9e"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: VV9aOJ_f92RdmlDzS-ojl0s3C1oSIr62ZLnaDDRirKt_MmKzNSOzIA==

GET
BLOB 200
OK b81590ec-eb96-460e-81d1-f09ef3741001
https://paiement-securise.pantheon-recherche.com/ 463 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://paiement-securise.pantheon-recherche.com/b81590ec-eb96-460e-81d1-f09ef3741001
Requested by: Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4c839503feccb0af51b0a7242207dc3a50a56c85f5612dbfbc70fe1378a751f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 474107
Content-Type

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 16ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9897CF78RC&_ono=1&gtm=45je42t1v9127171702za220&_p=1709543388210&_gaz=1&gcd=13l3l3l3l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=498886963.1709543388&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&dt=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&sid=1709543388&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2030
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9897CF78RC&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 21ms
20ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-9897CF78RC&cid=498886963.1709543388&gtm=45je42t1v9127171702za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l2&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9897CF78RC&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paiement-securise.pantheon-recherche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-9897CF78RC&cid=498886963.1709543388&gtm=45je42t1v9127171702za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l2&npa=0&z=1545876024

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10873870168/ 42 B
108 B 22ms
22ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10873870168/?random=1709543388523&cv=11&fst=1709542800000&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9136194531z8830874805za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&frm=0&tiba=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&npa=0&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqK6qz8w20oKaAg_HX2jubiS0NFzb3yQVmyPIxtcOQzTCP7Gw0&random=3733331218&rmt_tld=0&ipr=y

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10873870168/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10873870168/?random=1709543388523&cv=11&fst=1709542800000&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9136194531z8830874805za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&frm=0&tiba=Offre%20Sp%C3%A9ciale%20-%20Revenus%20Gagnants&npa=0&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqK6qz8w20oKaAg_HX2jubiS0NFzb3yQVmyPIxtcOQzTCP7Gw0&random=3733331218&rmt_tld=1&ipr=y

Requested by

Host: paiement-securise.pantheon-recherche.com
URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 148007974 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 162ms
104ms Script
application/x-javascript 2620:1ec:46::62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/148007974
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/148007974.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 299aac6503705a3379b2ed4e3fb218aa255fbfd17d2b68234e2b21a22397d436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: -1
date: Mon, 04 Mar 2024 09:09:48 GMT
x-azure-ref: 20240304T090948Z-rzwfgu6p997up1be4sq5pbxgq000000001rg000000004503
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 2815327065378478 Show response
connect.facebook.net/signals/config/ 28 KB
5 KB 136ms
136ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2815327065378478?v=2.9.148&r=stable&domain=paiement-securise.pantheon-recherche.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C207%2C144%2C105%2C127%2C120%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f7f975a56bf2ff5c35929a5ecc850e8337b1f1a3ec728e3f9030cbe62799ec7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Mar 2024 09:09:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: LJCkFUufw2p3FtVFap/BrWEwrcead6n/lY9E74jLplCHFNgpIS5AJ8SwzwyMNLEQvODFFcP8fT7V8h8rhqXhEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 frame.d7ae132c.css
euc-widget.freshworks.com/widgetBase/static/media/ 1 KB
890 B 9ms
9ms Stylesheet
text/css 143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euc-widget.freshworks.com/widgetBase/static/media/frame.d7ae132c.css
Requested by: Host: euc-widget.freshworks.com
URL: https://euc-widget.freshworks.com/widgets/15000000372.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 07:42:13 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-version-id: FyN2EOYXPtf34wSkLqoPUEqR7j7Ug2I1
last-modified: Tue, 20 Feb 2024 07:37:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1128456
etag: W/"d7ae132c387286735e2e9d369838b0c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=8640000
x-amz-cf-id: ofob3AF9JWsGi1yxDO8G2w21t4HBnmORQUFP1nZvnymyVL2Xm_3Hhw==

GET
H2 200 widget.js Show response
euc-widget.freshworks.com/widgetBase/ Frame 850C 295 KB
95 KB 9ms
9ms Script
application/javascript 143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euc-widget.freshworks.com/widgetBase/widget.js
Requested by: Host: euc-widget.freshworks.com
URL: https://euc-widget.freshworks.com/widgets/15000000372.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b756d121921234c2c13ce62eece77ea3e4f41238c62d19f4a046f803daa06494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:08 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-version-id: sP_dD3HfjJ6JD9ATh1tW9GTPy3Zaj9vD
last-modified: Tue, 20 Feb 2024 07:41:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 41
etag: W/"65d73e8558b29288b3dd3536c4116545"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: HEoANFNmdIQkrpx5_7D-1p6rTYZAnFOFPvSIpepSDJHN1c68EZ2_pg==

GET
H2 200 0.e2caf280750f3ece06da.widget.js Show response
euc-widget.freshworks.com/widgetBase/ Frame 850C 21 KB
8 KB 8ms
8ms Script
application/javascript 143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euc-widget.freshworks.com/widgetBase/0.e2caf280750f3ece06da.widget.js
Requested by: Host: euc-widget.freshworks.com
URL: https://euc-widget.freshworks.com/widgetBase/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08e57da2e4e7172c19d9982a1ccc90402da5c4453093123e982e1fa7f9eccc8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 07:42:13 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-version-id: X1JyQzf0kAg2oMMNP9l7GFdxSZNbN93j
last-modified: Tue, 20 Feb 2024 07:38:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1128456
etag: W/"3eb7d6da69812f629e5409d725c8ca3b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=8640000
x-amz-cf-id: mWKInYUYdh5Ei4YJ-0BFJuGCXVDzmrvOUUJmalpkfM5aWqJxeVFM3g==

GET
H2 200 1.0e8f0237accf8416de7f.widget.js Show response
euc-widget.freshworks.com/widgetBase/ Frame 850C 23 KB
7 KB 9ms
9ms Script
application/javascript 143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euc-widget.freshworks.com/widgetBase/1.0e8f0237accf8416de7f.widget.js
Requested by: Host: euc-widget.freshworks.com
URL: https://euc-widget.freshworks.com/widgetBase/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 07:42:13 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-version-id: N1EMxtRVGoGrxSS_HWXIgPMp8yq_N6ss
last-modified: Tue, 20 Feb 2024 07:38:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1128456
etag: W/"7c346979da8f0571ca5e101f69a9c6f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=8640000
x-amz-cf-id: DTW5LBSGUM2-CDaAY5V6Fg0E8u92KlDAJwpWZVMipu82iW5WHvOw0Q==

GET
H2 200 8.b0400418a13f32c5b0ab.widget.js Show response
euc-widget.freshworks.com/widgetBase/ Frame 850C 35 KB
11 KB 9ms
9ms Script
application/javascript 143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euc-widget.freshworks.com/widgetBase/8.b0400418a13f32c5b0ab.widget.js
Requested by: Host: euc-widget.freshworks.com
URL: https://euc-widget.freshworks.com/widgetBase/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe08de2ea391392d8af8ad7dec69bf21a03cc8a38f95bea7377761d8e4bff0cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 07:42:13 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-version-id: PqnEM1K3jawHL7LXgCynS46mbGdmx.WP
last-modified: Tue, 20 Feb 2024 07:38:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1128456
etag: W/"d80da12aa29b6717b4178aa52fc4f3ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=8640000
x-amz-cf-id: CSTXZWiKjmTTY8FPnFEMcgtUSJwJHqrd0Opz9LVVhT31LalLZrkHLQ==

GET
H2 200 10.e2a6e1199313e5325e57.widget.js Show response
euc-widget.freshworks.com/widgetBase/ Frame 850C 42 KB
12 KB 11ms
11ms Script
application/javascript 143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euc-widget.freshworks.com/widgetBase/10.e2a6e1199313e5325e57.widget.js
Requested by: Host: euc-widget.freshworks.com
URL: https://euc-widget.freshworks.com/widgetBase/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddce5d923065edc47c2b3a1d0157f2cfc0d502566b43b1014a51cb18ebd77cb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 07:42:13 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-version-id: xuyzgutNFaGjYqstxlMppfyilufY1lfZ
last-modified: Tue, 20 Feb 2024 07:38:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1128456
etag: W/"e1fa78a672e16586648645742dd1af72"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=8640000
x-amz-cf-id: 1VJLav63TsEGrgQbwogx5CrCpTDAiIzu1lpP2tLVg8X6Z4iM_9VzTQ==

GET
H2 200 16.f77279b6f161bcdece0f.widget.js Show response
euc-widget.freshworks.com/widgetBase/ Frame 850C 649 B
1023 B 12ms
11ms Script
application/javascript 143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euc-widget.freshworks.com/widgetBase/16.f77279b6f161bcdece0f.widget.js
Requested by: Host: euc-widget.freshworks.com
URL: https://euc-widget.freshworks.com/widgetBase/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c15cfb5f49fe27aae610c033f706283ba8e2e5ae29f4bcaefcf2d4de4f8737e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 07:42:13 GMT
x-amz-version-id: lVKGsLoKz1.Iq2kc8TEVM72fXETRNLiI
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 07:38:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1128456
etag: "e4a4a4d9a22e15aaeb37ef63ea6f63f3"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=8640000
content-length: 649
x-amz-cf-id: zkIiZqbOmCL7QSEKT5FjZX3Ay6w7s9edVzt7qixd997cNcaJZdaYEw==

GET
H2 200 styles.5fe92f64.css
euc-widget.freshworks.com/widgetBase/static/media/ Frame 1E5D 1 KB
985 B 10ms
10ms Stylesheet
text/css 143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euc-widget.freshworks.com/widgetBase/static/media/styles.5fe92f64.css
Requested by: Host: euc-widget.freshworks.com
URL: https://euc-widget.freshworks.com/widgetBase/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a3f4874b9624de93233d866964b0157bb391a458e6171cec6ce2f5023b441aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 07:42:14 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-version-id: vQDtJZjPstHhDAAjjowrKMgb0jnicIvp
last-modified: Tue, 20 Feb 2024 07:37:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1128455
etag: W/"5fe92f640f91955b9bd354d6d0e721cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=8640000
x-amz-cf-id: qwh-GcZyhbpHEmmCKVwWF3AVqbOHB7KVCB2LIGpu_61uJOr_EsRrKQ==

GET
H2 200 fr.json Show response
euc-widget.freshworks.com/widgetBase/locales/ Frame 850C 5 KB
2 KB 10ms
10ms XHR
application/json 143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euc-widget.freshworks.com/widgetBase/locales/fr.json
Requested by: Host: euc-widget.freshworks.com
URL: https://euc-widget.freshworks.com/widgetBase/10.e2a6e1199313e5325e57.widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04dadac0124843621308b709e21affd2f5226e0809d96978e2f9953852607bd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 08:14:05 GMT
x-amz-version-id: 4KG0jBZ48DB7hRMVaG971N1fRS9mRpXP
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1126544
x-cache: Hit from cloudfront
last-modified: Tue, 20 Feb 2024 07:38:00 GMT
server: AmazonS3
etag: W/"6a8157c1586f86179aaab74f5d731f5c"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=8640000
x-amz-cf-id: BEuGHpRZhNMByN4BIqALwVXMZaM_nRvRv0JNfRq3mtpwmJKzBujwdw==

GET
H2 200 en.json Show response
euc-widget.freshworks.com/widgetBase/locales/ Frame 850C 5 KB
2 KB 11ms
11ms XHR
application/json 143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euc-widget.freshworks.com/widgetBase/locales/en.json
Requested by: Host: euc-widget.freshworks.com
URL: https://euc-widget.freshworks.com/widgetBase/10.e2a6e1199313e5325e57.widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a50b51ac483825c4c798132f572dc813498c9087ff4f4d4b0cafd5deba43d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 08:14:05 GMT
x-amz-version-id: l.YffWus73Jh5BbENMdx_vIzNSAtdYNy
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1126543
x-cache: Hit from cloudfront
last-modified: Tue, 20 Feb 2024 07:37:52 GMT
server: AmazonS3
etag: W/"b89e0007134ac4d219df17aa6fcd289e"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=8640000
x-amz-cf-id: el22yXMbACfZ12qQXIs_0ZIlfm_gEuFiBLShkNmFkaZgLSjx54ek6w==

GET
H3 200 792162938050673 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 161ms
161ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/792162938050673?v=2.9.148&r=stable&domain=paiement-securise.pantheon-recherche.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C207%2C144%2C105%2C127%2C120%2C108%2C118%2C111

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4655469e861056e6fe96db302f793bf95753992f5ea0f4c7c3d9d75441ceddc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Mar 2024 09:09:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: kg+wlRcjHdid3XX2Ovqs6JJhG/DYTcZp2OBRpjnGnN4AvfgDiylaBMkYS4XA3fWjKnQYM60j6kFDJ/I4RRtUIg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.22/ 60 KB
25 KB 32ms
32ms Script
application/javascript 2620:1ec:46::62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.22/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/148007974
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3a582829e2c11dde7e02e0952effb8a8b97770c95705e03ecc82f848cb8684fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:48 GMT
content-encoding: br
last-modified: Thu, 29 Feb 2024 15:07:22 GMT
etag: W/"0x8DC39382173A2DD"
vary: Accept-Encoding
x-azure-ref: 20240304T090948Z-rzwfgu6p997up1be4sq5pbxgq000000001rg00000000450h
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: b7b797f2-701e-0063-4c62-6db320000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame 290C 325 B
831 B 164ms
164ms Document
text/html 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=Y1DbOzMWVcOSxiOpXIcFPrGLFg42
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer: https://paiement-securise.pantheon-recherche.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 85f0bac54bf7726f-EWR
content-length: 325
content-type: text/html
date: Mon, 04 Mar 2024 09:09:49 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88V9M6Yc9%2F3hvUVmFYpPjFQ0pkODE3UZzEJ7Lwz8T6vSdOhKpmVeXGvVEEvXuVgC%2FnDXrG2iR%2Bog0BdVregXf%2Ftvq3Ya%2Fuy4rotrRo79IvPXhqlBRame22FmPOavt5WLpTyhnAW0g0pDrLL6CzGu"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: M7ODvh/lebTsZm2Kap/g3UqliPvP7qiuGRheQEOgmRszRZCabAGIbuSruVTctl2UtV1NHJnJ3VylcG2yoL+W0Nqig3wAM2Cg
x-amz-request-id: HMMND765WQZ2TKQ3
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET index.html
cdn.useproof.com/proxy/ Frame 849B 0
0

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
320 B 544ms
241ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.22/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://paiement-securise.pantheon-recherche.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://paiement-securise.pantheon-recherche.com
Date: Mon, 04 Mar 2024 09:09:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET index.html
cdn.useproof.com/proxy/ Frame 8DE3 0
0

GET
H3 200 1900098170266992 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 135ms
135ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1900098170266992?v=2.9.148&r=stable&domain=paiement-securise.pantheon-recherche.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C207%2C144%2C105%2C127%2C120%2C108%2C118%2C111

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7626962a15b052f12af5e298f33bbd91a8c2eea0bbbba946a45018c892d6bbf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Mar 2024 09:09:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: vaDUGFs/D30oVztQ7jrBy/zFaUU4oWvR0jKjeUoQPp/BLFwacuPI9TJwaXCteJocFccIvleJmTfPMN6M0LMlog==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame 290C 389 KB
390 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 03:38:55 GMT
x-content-type-options: nosniff
age: 451854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398319
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 03:38:55 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame 290C 112 KB
112 KB 97ms
97ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:49 GMT
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3W8HWE2EWG9WZCH8
age: 8376687
alt-svc: h3=":443"; ma=86400
content-length: 114404
x-amz-id-2: vZFk2pJQksjsuQfd4pHgmHMU22YEm0QBEgUV20/8ququo9ELcUUmcsueexvAADqhIHWUXm8kEb8=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEgmRsG%2B%2FSjdI9E%2Bi8SY0jM7Va1fTdpBVSjZG6je7oflywfdQN0egZ1aG%2Bx0zg2qsDesmdymK17YGq%2Fl7MvBrTqJQoa5K6WyoqGava3O6DsvrSSekj9VucOWtu4T2YL6kb8P1DTSbidlWQTi2rYM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 85f0bac65cb7726f-EWR

GET
H2 404 9oDG4zQb75SNsUWBlaVDll38AWU2 Show response
api.useproof.com/pixel/ Frame 290C 27 B
898 B 294ms
254ms XHR
application/json 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/9oDG4zQb75SNsUWBlaVDll38AWU2?url=https:%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9321f0b998faeeaf7414d0d1285c08d11407c4454f16d3f529775d4bb226e013

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:49 GMT
via: 1.1 9737f42d74643b8e3ceb7ecfa2015ed2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 27
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P4
x-amzn-requestid: a6e1dd6e-6a83-4dff-bd1c-3b5c146eed9d
surrogate-control: no-store
x-amzn-remapped-connection: keep-alive
x-cache: Error from cloudfront
x-amz-apigw-id: UGNqoFCuIAMEhZg=
content-length: 27
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"1b-0xHTZ/AOZLtXRVYRXpohL5rKrrI"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RobU1tY7kVOP7JPIsvorAGod2%2BMOhLiEprdy4fTkuo5364hyxb38zarydz2NNUKBan2B3pMFH7PIAbsDUq%2BW0N%2BXBwYq9lNmlIgV6ksNdgOvj%2BkU8vmeBUrWKjfAHPLRbWHWB07pYhqc0P8U7KhB"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 85f0bac71efc702d-CDG
x-amzn-remapped-date: Mon, 04 Mar 2024 09:09:49 GMT
x-amz-cf-id: Ui56FpvpdEoRWVcvqis4QKaggSIrtWzQBejvUZiSjOmgIWC-BjQ9cg==
expires: 0

GET
H2 200 utils.js Show response
cdn.info-contenu.io/assets/lead/assets/tel-input/js/ 239 KB
54 KB 11ms
11ms Script
application/javascript 18.172.112.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.info-contenu.io/assets/lead/assets/tel-input/js/utils.js
Requested by: Host: cdn.info-contenu.io
URL: https://cdn.info-contenu.io/assets/lead/assets/tel-input/js/intlTelInput.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-116.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 16:07:18 GMT
content-encoding: gzip
via: 1.1 413634bfcacd752107ee361d53948cee.cloudfront.net (CloudFront)
last-modified: Fri, 07 Aug 2020 08:44:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 234152
etag: W/"8f3a2154b225b6257161c4dfc9b89c9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: wIGdza-TsRkpIv3GymT0W-ZDB3KpBPYKOOAbspAFTlZUbEVAt5muRg==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D16271C075E94E3780BBF9E366298836&RedC=c.clarity.ms&MXFR=12E3D05690E2657431D5C46E94E26B69
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D16271C075E94E3780BBF9E366298836&MUID=37B6C23286ED6EA81CF5D60A87666F19

42 B
442 B

29ms
29ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D16271C075E94E3780BBF9E366298836&MUID=37B6C23286ED6EA81CF5D60A87666F19
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:48 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 04 Mar 2024 09:09:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 05B0D5C6E8B24C9D86B93D5BB44006D1 Ref B: FRA31EDGE0506 Ref C: 2024-03-04T09:09:49Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D16271C075E94E3780BBF9E366298836&MUID=37B6C23286ED6EA81CF5D60A87666F19
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
321 B 90ms
89ms Ping
image/gif 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=006306483001571217&referrer=&marketerId=00b27227195c1838668138865439a5d31b&name=Prospects%20Leads&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 09:09:49 GMT
Cache-Control: no-cache
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 01712aed6f92dc885e08e1083535912e
Content-Length: 54
Content-Type: image/gif;

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 26ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=288814876471503&ev=PageView&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&rl=&if=false&ts=1709543389260&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709543389259.2080676976&ler=empty&cdl=API_unavailable&it=1709543388494&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Mar 2024 09:09:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 26ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2815327065378478&ev=PageView&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&rl=&if=false&ts=1709543389263&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709543389259.2080676976&ler=empty&cdl=API_unavailable&cs_est=true&it=1709543388494&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Mar 2024 09:09:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 26ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=792162938050673&ev=PageView&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&rl=&if=false&ts=1709543389263&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709543389259.2080676976&ler=empty&cdl=API_unavailable&it=1709543388494&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Mar 2024 09:09:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 26ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1900098170266992&ev=PageView&dl=https%3A%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01&rl=&if=false&ts=1709543389264&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709543389259.2080676976&ler=empty&cdl=API_unavailable&it=1709543388494&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Mar 2024 09:09:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/ 255 KB
56 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCo6sGcM8AUfxzdVJFkXozbSY_Zl4yVu0Y&libraries=places&callback=onInitPlaces

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b61d60ac69b3abd7c5f216c24b77cd4b75379568e039ab5640a23c7bc3460d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 20:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56846
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 19:28:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 20:16:58 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/ 180 KB
56 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCo6sGcM8AUfxzdVJFkXozbSY_Zl4yVu0Y&libraries=places&callback=onInitPlaces

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

673c1136f9b83e60edec4d2cae19a26f9f0d3ecab07e2dd36c91a0e4d53fe35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 518932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56804
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 19:28:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 09:00:57 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/ 94 KB
25 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCo6sGcM8AUfxzdVJFkXozbSY_Zl4yVu0Y&libraries=places&callback=onInitPlaces

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c240ebcb869a7fa19c90fd91f9a88fda1aa2b9364175398ef2bc2788b407385f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 519785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25206
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 19:28:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 08:46:44 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/ 55 KB
18 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCo6sGcM8AUfxzdVJFkXozbSY_Zl4yVu0Y&libraries=places&callback=onInitPlaces

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5818466ac0ee2fa096794eb6d12b681dcd95632e277df64cb62f8e2f70470a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 519416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18034
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 19:28:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 08:52:53 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 66ms
44ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:49 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Mon, 04 Mar 2024 09:09:49 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
4 KB 64ms
43ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paiement-securise.pantheon-recherche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:09:49 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Mon, 04 Mar 2024 09:09:49 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
320 B 105ms
105ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.22/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://paiement-securise.pantheon-recherche.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://paiement-securise.pantheon-recherche.com
Date: Mon, 04 Mar 2024 09:09:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Domain: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paiement-securise.pantheon-recherche.com/	1970-01-20 18:52:30	Name: bdcSession Value: s%3Axs0dXe6SK6Z708t7kEf9w1QBYUCakbiB.760ecBq%2B3dlT%2FTKyPMzqdK5hbVtYf9LPMSs3L7x8XhU
.pantheon-recherche.com/	1970-01-20 21:01:59	Name: _gcl_au Value: 1.1.1597794996.1709543388
paiement-securise.pantheon-recherche.com/	1969-12-31 23:59:59	Name: language Value: fr_FR
.pantheon-recherche.com/	1970-01-20 18:53:49	Name: _gid Value: GA1.2.1991163074.1709543388
.pantheon-recherche.com/	1970-01-20 18:52:23	Name: _gat_UA-161090245-1 Value: 1
.pantheon-recherche.com/	1970-01-20 18:52:23	Name: _gat_UA-161090245-2 Value: 1
.pantheon-recherche.com/	1970-01-21 04:28:23	Name: _ga_B1V3N82M6B Value: GS1.1.1709543388.1.0.1709543388.60.0.0
.pantheon-recherche.com/	1970-01-21 04:28:23	Name: _ga Value: GA1.1.498886963.1709543388
.pantheon-recherche.com/	1970-01-21 04:28:23	Name: _ga_SG1SG66WC4 Value: GS1.1.1709543388.1.0.1709543388.0.0.0
.pantheon-recherche.com/	1970-01-20 18:52:25	Name: pstuid Value: 61cb8484-4fbc-47af-8d3e-6448013cd534
.pantheon-recherche.com/	1970-01-20 18:52:25	Name: __pwpv Value: aHR0cHMlM0ElMkYlMkZhbi5wd3NwYWNlLmNvbSUyRk9aVkdMUlhNJTNGc2klM0QzZTFjMmYxMy1lOGJkLTQ3NDItYThiZS0xYjE4NTFlNGI0ZjUlMjZwYWklM0RjZWViODU2Mi01ZjM0LTRmZDYtYWIyNC03ZDViZGJiMDcxNmQlMjZwc3R1aWQlM0Q2MWNiODQ4NC00ZmJjLTQ3YWYtOGQzZS02NDQ4MDEzY2Q1MzQlMjZmcHUlM0RhSFIwY0hNbE0wRWxNa1lsTWtad1lXbGxiV1Z1ZEMxelpXTjFjbWx6WlM1d1lXNTBhR1Z2YmkxeVpXTm9aWEpqYUdVdVkyOXRKVEpHVWxaSExUSXdNak00TWpNeE1ERTNNVGMyTXpNbE0wWnpZV3hsYzJOdlpHVWxNMFJIWHpJd01qUXdNMTlGVFY5U1ZrZEhSVTVmTURFJTNE
.pantheon-recherche.com/	1970-01-21 04:28:23	Name: _ga_CBNDBGG3MX Value: GS1.1.1709543388.1.1.1709543388.60.0.0
.pantheon-recherche.com/	1970-01-20 18:53:49	Name: _uetsid Value: f3874a80da0611eebaecd3bb29f72024
.pantheon-recherche.com/	1970-01-21 04:13:59	Name: _uetvid Value: f38770c0da0611ee820cbb53bc721436
.doubleclick.net/	1970-01-21 04:13:59	Name: IDE Value: AHWqTUmE8GAPBA-8WZPLOfGJw3zXO9ZiDj2FREeozODwTchCDn6a5OH6ODb1Ek6R
.pantheon-recherche.com/	1970-01-21 03:37:59	Name: _hjSessionUser_3235385 Value: eyJpZCI6IjA2NDA0OWE4LTAyYjEtNThjMC1hNzUyLWNlMGU3NzM5YzRmYiIsImNyZWF0ZWQiOjE3MDk1NDMzODg1NzQsImV4aXN0aW5nIjpmYWxzZX0=
.pantheon-recherche.com/	1970-01-20 18:52:25	Name: _hjSession_3235385 Value: eyJpZCI6IjEyOThlZWQwLTgzYTAtNDlmOC1iNDMzLTBjYmEzYjg1Nzg0OSIsImMiOjE3MDk1NDMzODg1NzUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.bing.com/	1970-01-21 04:13:59	Name: MUID Value: 37B6C23286ED6EA81CF5D60A87666F19
.pantheon-recherche.com/	1970-01-21 04:28:23	Name: _ga_9897CF78RC Value: GS1.2.1709543388.1.0.1709543388.60.0.0
.t.co/	1970-01-21 04:28:23	Name: muc_ads Value: c782f4e7-cc44-477a-a668-0d57c169072c
.twitter.com/	1970-01-21 04:28:23	Name: personalization_id Value: "v1_ix1dicOZ/YShTw7iE5RDSQ=="
www.clarity.ms/	1970-01-21 03:37:59	Name: CLID Value: f7ccbfd8dd34432f99ad20f90532ca4c.20240304.20250304
.pantheon-recherche.com/	1970-01-21 03:37:59	Name: _clck Value: nkupn3%7C2%7Cfjs%7C0%7C1524
paiement-securise.pantheon-recherche.com/	1970-01-20 18:52:23	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1709543389070%7D
.phywi.org/	1970-01-20 20:18:47	Name: pl Value: s%3A27%3A%22cdn_65e58fdd11e3c9.90853665%22%3B
.pantheon-recherche.com/	1970-01-20 21:01:59	Name: _fbp Value: fb.1.1709543389259.2080676976
.c.bing.com/	1970-01-20 19:02:28	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:13:59	Name: SRM_B Value: 37B6C23286ED6EA81CF5D60A87666F19
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:13:59	Name: MUID Value: 37B6C23286ED6EA81CF5D60A87666F19
.c.clarity.ms/	1970-01-20 19:02:28	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:52:23	Name: ANONCHK Value: 0
.pantheon-recherche.com/	1970-01-20 18:53:49	Name: _clsk Value: 1d2nwrv%7C1709543389576%7C1%7C1%7Ci.clarity.ms%2Fcollect

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/288814876471503?v=2.9.148&r=stable&domain=paiement-securise.pantheon-recherche.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://api.useproof.com/pixel/9oDG4zQb75SNsUWBlaVDll38AWU2?url=https:%2F%2Fpaiement-securise.pantheon-recherche.com%2FRVG-2023823101717633%3Fsalescode%3DG_202403_EM_RVGGEN_01 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://paiement-securise.pantheon-recherche.com/RVG-2023823101717633?salescode=G_202403_EM_RVGGEN_01 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
an.pwspace.com
analytics.twitter.com
api.propulse-lab.com
api.useproof.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn-funnel.info-contenu.io
cdn.info-contenu.io
cdn.lr-ingest.io
cdn.powerspace.com
cdn.useproof.com
click.contenu-finance.info
connect.facebook.net
docs.pantheon-recherche.com
euc-widget.freshworks.com
fonts.googleapis.com
googleads.g.doubleclick.net
i.clarity.ms
maps.googleapis.com
maps.gstatic.com
paiement-securise.pantheon-recherche.com
r.phywi.org
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
staticmail.editionsbiosante.fr
stats.g.doubleclick.net
t.co
tr.outbrain.com
wave.outbrain.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.img-static.com
www.pantheon-recherche.com
cdn.useproof.com
104.244.42.3
104.244.42.69
108.138.26.100
108.138.7.15
108.156.60.83
13.111.168.226
13.32.27.107
13.32.27.72
13.32.99.10
143.204.215.28
18.172.112.116
18.245.46.39
18.66.97.37
199.232.188.157
2.19.106.209
2001:41d0:203:836d::
2001:4860:4802:32::36
2001:4860:4802:34::36
2001:4860:4802:36::178
2600:1900:4010:68b1:8000::
2600:9000:237d:a000:d:576d:840:93a1
2606:4700:3034::ac43:a9b0
2620:1ec:46::62
2620:1ec:c11::200
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
52.167.85.21
64.202.112.223
68.219.88.97
04487ed08d5ef8f74df2b04ac17bf5120a1fe6253b16d17b434a452864da3f57
04dadac0124843621308b709e21affd2f5226e0809d96978e2f9953852607bd6
08e57da2e4e7172c19d9982a1ccc90402da5c4453093123e982e1fa7f9eccc8f
08f3c579f7dabf270029f68cd79494c13d3f073b6e258d200c5b2956466934e4
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09cc54fb7259d0de2b370e44de046b2335a76aba4a24bd12c332823ac111ad61
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
10c85b7e21cb714e67768ed614812014cafa68966ab038d58db6474fdf3e6c86
1541fb91808d43cb37e577abd1f9add7e777742d7a4b14c89d9de43404e5f84b
16c56f75a23a7f4a8ff63e9fdeebd1b233cd0e937022bab2530b236edb71985f
185e3e0532e6c673229f91cb0f911bde3c392612c012a9de76a7b966cacaed26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
27683fe0f5a1db5593f3475ec8a47ffa9b2744828b0cf126c832eaed0bd4adc2
299aac6503705a3379b2ed4e3fb218aa255fbfd17d2b68234e2b21a22397d436
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3342584f2731354ea1b08ff4ab71db4615a3c60e76d9c7df415b6073378bc2cf
338b890553fbe47d1bc49834f1493c42e4582050182f13bf3f0509a2d1a7c1f0
338de6c98b3fcb9a1a9e94641835202021d1c160baa925c0ec25ad89a0f95c36
35e28b2495484fa1c0e8e12a987b915972f220ad70ae78efcc6b161684dad7d5
35fe1560fbd79afd4c2f9524881fbd6b59a0d768fa4028ff604dd1ad86f4519d
3a582829e2c11dde7e02e0952effb8a8b97770c95705e03ecc82f848cb8684fd
3b61d60ac69b3abd7c5f216c24b77cd4b75379568e039ab5640a23c7bc3460d0
3f7f975a56bf2ff5c35929a5ecc850e8337b1f1a3ec728e3f9030cbe62799ec7
40ab5ce2ba12dcd82cac50b9069ef191609f754dc598b0a7ab2fa092397f6ebd
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
429d14ecbae34fe0fae1d8787fd8d35030441ebd8aad2419ad05f56ebcc53d48
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4655469e861056e6fe96db302f793bf95753992f5ea0f4c7c3d9d75441ceddc7
482db991302a02fec1424af0e6966a186f6e32ce036577400159290ed264a5fd
4a9cb23ef727095c1d1a6a03391414adc4cfe57c6991471c47628f8a920e3343
4d0c263df3e2de1ae51f6400fa0a847fd1003447bf7493392a4de14976ae7285
509f3c0d865328a99e4384b7a0f64505ad51de293a24efbb8e3ddb93ab105fc9
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5614d21225b2e012e3765c1b32fba0b8762bcecd8863c8705c1bcc0d03ec19de
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
57172f374ed3e5b40f9f9b91058c81c21cc3daa036a8c039c634efe011306873
5818466ac0ee2fa096794eb6d12b681dcd95632e277df64cb62f8e2f70470a2f
5827585b99da3074a3b361c238d20f6188314a28895dbd5549f40709c38a9090
673c1136f9b83e60edec4d2cae19a26f9f0d3ecab07e2dd36c91a0e4d53fe35d
68369ea79eb3de62cd0bf118c801dfbf42c1de4c8706cdf1a52f088a2d2781b9
69f5f776a6f9444898480efb311374e47eb081dce8ba64ffcd27a3a23943fc61
6a2b850aa12b57f6129a2bb8e3ef6ab9bcaf7aeda0c0690675e9e2e206169b27
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
73136737a65f5d95b75191c8446b330a1df68736cc26720c91e9a62ed94285a4
7626962a15b052f12af5e298f33bbd91a8c2eea0bbbba946a45018c892d6bbf5
80547ca1b2be4482ac1d6fda3907a4450f2dd1bd848e4ab8def5b78730c21fa1
815e7cab2aa481b92aec0255b713dc835dc2b9638b57626a4a6dd14a7c67c001
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
870d936ee096e311507d92d2398a3a3af20237ece645bcc68cd792ab13171ced
8b80658ab1a89babef093b5737a7aa412ced361c7c74b73416b9099d2ae558ea
8cfc58c903082aab59592305e949e7b3c9215f3a62d70d13b9baee604d6132ab
90ff8e44b54672daeecc5af0fd2e7471ce83071d55797d9c2c818a91658c26d1
9321f0b998faeeaf7414d0d1285c08d11407c4454f16d3f529775d4bb226e013
95f9aff03970042a9de5c839024c9d5980ef8cbbcc88b9efa4f5bb6b1fabeec0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3f4874b9624de93233d866964b0157bb391a458e6171cec6ce2f5023b441aa
9b2b5fa78ba1f9424d7e85b0d2f160a8df6068d911dc1cfe26f78fb78d1d7172
9d49ec035c3f0a734ea42972d9bb74f765ce09a4db6632206076b6fde072d44d
a3035e407fdb3a4a5fc1c034b37e273fc675358222f83ae721c5de6f14d8fc0f
a50b51ac483825c4c798132f572dc813498c9087ff4f4d4b0cafd5deba43d130
a97726c589e5815717fc54cdcb1dba2efeceb33bf6f414251ce9dc28211df7c4
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecb0336ece6adaac2e21f1838ee5a36bc06a6502f7fb98c474ada90983f37c3
afc34228d42ae4a1ef624472cf4282840a1fbbcacf89b519bc457933400a36a8
b0ed64e410673e2b21c4708daf40a3fd63778cc75d8fd399c0782aeb78aaa816
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b756d121921234c2c13ce62eece77ea3e4f41238c62d19f4a046f803daa06494
be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42
c15cfb5f49fe27aae610c033f706283ba8e2e5ae29f4bcaefcf2d4de4f8737e8
c240ebcb869a7fa19c90fd91f9a88fda1aa2b9364175398ef2bc2788b407385f
c4c839503feccb0af51b0a7242207dc3a50a56c85f5612dbfbc70fe1378a751f
c5db63ad398e0faeecf5faccad357a04a5bea01b1fe65d3fd7e9430ed727625c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfa75114141749296df1120a4b525d0f9bb7b8df256a34e69477756382e5e16c
d30c7601f5603b1bdd0f557aaca632ca44db15ec215272de015058c3900ad576
d3ed6e4f76ddb6350098ea115f1c9e20ec0a2563682c4e6f48364afa07cb2561
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
ddce5d923065edc47c2b3a1d0157f2cfc0d502566b43b1014a51cb18ebd77cb3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
fc51b6b9ce6b9cda9fdcbf6fbdb62431ae43db77e7b5ff3670c2fc0a03edb289
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576
fe08de2ea391392d8af8ad7dec69bf21a03cc8a38f95bea7377761d8e4bff0cf
ffc35ead981c3c3d65056cc883c430803cb9a39d7ecf51479f43d1b86bd3fffc

paiement-securise.pantheon-recherche.com Open in urlscan Pro 108.138.26.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

95 %HTTPS

55 %IPv6

28 Domains

43 Subdomains

39 IPs

5 Countries

4914 kBTransfer

9577 kBSize

33 Cookies

2 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paiement-securise.pantheon-recherche.com Open in urlscan Pro
108.138.26.100 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

95 %
HTTPS

55 %
IPv6

28
Domains

43
Subdomains

39
IPs

5
Countries

4914 kB
Transfer

9577 kB
Size

33
Cookies

129 HTTP transactions
0 data transactions