paysalia2023.bento-prod.gl-events-digital.com Open in urlscan Pro
4.176.22.35  Public Scan

Submitted URL: https://paysalia2023.bento-prod.gl-events-digital.com/
Effective URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Submission: On March 30 via api from US — Scanned from US

Summary

This website contacted 27 IPs in 4 countries across 18 domains to perform 71 HTTP transactions. The main IP is 4.176.22.35, located in Paris, France and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is paysalia2023.bento-prod.gl-events-digital.com.
TLS certificate: Issued by R3 on March 29th 2024. Valid for: 3 months.
This is the only time paysalia2023.bento-prod.gl-events-digital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 21 4.176.22.35 8075 (MICROSOFT...)
2 51.68.111.231 16276 (OVH)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 3 104.17.3.184 13335 (CLOUDFLAR...)
3 2600:141b:1c0... 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:24f... 16509 (AMAZON-02)
1 108.139.29.83 16509 (AMAZON-02)
1 13.226.34.65 16509 (AMAZON-02)
3 172.67.39.148 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
5 2a02:6ea0:c40... 60068 (CDN77 _)
2 3.126.133.169 16509 (AMAZON-02)
4 142.251.40.162 15169 (GOOGLE)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 2600:1f14:5db... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
3 142.251.40.98 15169 (GOOGLE)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
3 51.68.111.234 16276 (OVH)
1 142.251.41.4 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
71 27
Apex Domain
Subdomains
Transfer
21 gl-events-digital.com
paysalia2023.bento-prod.gl-events-digital.com
2 MB
9 googlesyndication.com
ad3c999b77be1348cb0e1ff25e02fff8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 162
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
483 KB
7 userway.org
cdn.userway.org — Cisco Umbrella Rank: 3307
api.userway.org — Cisco Umbrella Rank: 3249
62 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
www.linkedin.com — Cisco Umbrella Rank: 574
px4.ads.linkedin.com — Cisco Umbrella Rank: 6571
3 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212
191 KB
5 tarteaucitron.io
tarteaucitron.io — Cisco Umbrella Rank: 138840
cdn.tarteaucitron.io — Cisco Umbrella Rank: 180995
60 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3927
28 KB
3 matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 16777
glevents.matomo.cloud
59 KB
3 typekit.net
use.typekit.net — Cisco Umbrella Rank: 468
p.typekit.net — Cisco Umbrella Rank: 568
17 KB
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4966
14 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
181 KB
2 ubembed.com
a9649a1272f9496faa065646480e04aa.js.ubembed.com
.js.ubembed.com Failed
assets.ubembed.com — Cisco Umbrella Rank: 13058
49 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
265 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
269 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 814
17 KB
1 paysalia.com
www.paysalia.com
736 KB
1 accessibilityserver.org
accessibilityserver.org — Cisco Umbrella Rank: 32954
2 KB
71 18
Domain Requested by
21 paysalia2023.bento-prod.gl-events-digital.com 2 redirects paysalia2023.bento-prod.gl-events-digital.com
6 securepubads.g.doubleclick.net paysalia2023.bento-prod.gl-events-digital.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 cdn.userway.org accessibilityserver.org
cdn.userway.org
paysalia2023.bento-prod.gl-events-digital.com
4 px.ads.linkedin.com 3 redirects snap.licdn.com
3 cdn.tarteaucitron.io tarteaucitron.io
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 static.addtoany.com paysalia2023.bento-prod.gl-events-digital.com
static.addtoany.com
3 challenges.cloudflare.com 1 redirects paysalia2023.bento-prod.gl-events-digital.com
challenges.cloudflare.com
2 api.userway.org cdn.userway.org
2 glevents.matomo.cloud cdn.matomo.cloud
2 www.googletagmanager.com paysalia2023.bento-prod.gl-events-digital.com
tarteaucitron.io
2 use.typekit.net paysalia2023.bento-prod.gl-events-digital.com
use.typekit.net
2 tarteaucitron.io paysalia2023.bento-prod.gl-events-digital.com
1 www.google-analytics.com www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 px4.ads.linkedin.com paysalia2023.bento-prod.gl-events-digital.com
1 www.linkedin.com 1 redirects
1 ad3c999b77be1348cb0e1ff25e02fff8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.facebook.com paysalia2023.bento-prod.gl-events-digital.com
1 snap.licdn.com www.googletagmanager.com
1 www.paysalia.com paysalia2023.bento-prod.gl-events-digital.com
1 p.typekit.net use.typekit.net
1 assets.ubembed.com a9649a1272f9496faa065646480e04aa.js.ubembed.com
1 accessibilityserver.org paysalia2023.bento-prod.gl-events-digital.com
1 cdn.matomo.cloud paysalia2023.bento-prod.gl-events-digital.com
1 a9649a1272f9496faa065646480e04aa.js.ubembed.com paysalia2023.bento-prod.gl-events-digital.com
0 .js.ubembed.com Failed paysalia2023.bento-prod.gl-events-digital.com
71 28
Subject Issuer Validity Valid
paysalia2023.bento-prod.gl-events-digital.com
R3
2024-03-29 -
2024-06-27
3 months crt.sh
tarteaucitron.io
R3
2024-03-29 -
2024-06-27
3 months crt.sh
*.js.ubembed.com
E1
2024-02-14 -
2024-05-14
3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-01 -
2025-03-03
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
cdn.matomo.cloud
Amazon RSA 2048 M03
2023-10-27 -
2024-11-23
a year crt.sh
accessibilityserver.org
Amazon RSA 2048 M03
2023-10-07 -
2024-11-03
a year crt.sh
assets.ubembed.com
Amazon RSA 2048 M03
2023-12-06 -
2025-01-03
a year crt.sh
static.addtoany.com
E1
2024-02-24 -
2024-05-24
3 months crt.sh
www.paysalia.com
E1
2024-02-02 -
2024-05-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
1667503734.rsc.cdn77.org
R3
2024-02-27 -
2024-05-27
3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3
2023-08-18 -
2024-08-17
a year crt.sh
*.matomo.cloud
Amazon RSA 2048 M02
2023-06-21 -
2024-07-19
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-01-07 -
2024-04-06
3 months crt.sh
api.userway.org
Amazon RSA 2048 M03
2023-09-02 -
2024-09-30
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-01-30 -
2024-07-30
6 months crt.sh
cdn.tarteaucitron.io
R3
2024-03-07 -
2024-06-05
3 months crt.sh
*.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh

This page contains 7 frames:

Primary Page: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Frame ID: 4DD21396692D0080DCE778187745424D
Requests: 59 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 2131BB3FE4589D9B8A504CECB9285E81
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lng3w/0x4AAAAAAAE1SgCgeykyPxHP/auto/normal
Frame ID: 4B5316E06F388C1CCDB07FEFA7C0D453
Requests: 1 HTTP requests in this frame

Frame: https://ad3c999b77be1348cb0e1ff25e02fff8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9635417667FFDCDC3A32EDDD2D61E899
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPRxDPAwWkb5VC74IGhwfPZcHXpamxN1heFCJchUF7haj-Ev3mCAFhcVZc5YmvfU2NzlvSiR98dXGIysnawZbIBOVr_8HDqzMGiTAIV924Kt966sKa5ftvloVt3l9XZ901g8UqqAklmMz3-_a0Eog6nZnvRehR6qA8Jq1zYGLP7ldJVW91ZnkUESlRCNIZvZuN9sPt2fz297zZ_JZuUP9i3i28K61D-vBELmrv5oMvjfYSKKb7j6wIklaBGZrGRbLQscxZL6U_AyZNgaIXutRPX7gvYd4pIFQXUQBjM2XTUWInzil3n3zHzYyH0GuGngjyEC30YyxyuTAKzRR-v3sBp6ERw68XfQ2uLuqUQAiRh88Fp9BIwS_mWuEp8edfdtyBSYoh&sai=AMfl-YROOKc_Gv9UrWxq9NeD1_8AwDjDtj982XbJjPsCJi415dR0S_evGQowOzN6IGp8pLuvgmbtD9pF4m3hoqh0G5v3J0hjDV-62xUsS6Vimrsuki44Lbrnqxf-KHtYL-AT3nG2dN5hhjpMFseLdz5KP3I&sig=Cg0ArKJSzBiQRWMhHDzLEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 2B2D95F64DE148573975BE2BA7004EBE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93C2C4FDAD0AF36506744133E7FCF62A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D9794126BDAD71BC39E915C318C1C05B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Salon Paysalia | Paysalia 2025

Page URL History Show full URLs

  1. https://paysalia2023.bento-prod.gl-events-digital.com/ HTTP 301
    https://paysalia2023.bento-prod.gl-events-digital.com/fr Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ubembed\.com

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Page Statistics

71
Requests

93 %
HTTPS

54 %
IPv6

18
Domains

28
Subdomains

27
IPs

4
Countries

4397 kB
Transfer

6022 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paysalia2023.bento-prod.gl-events-digital.com/ HTTP 301
    https://paysalia2023.bento-prod.gl-events-digital.com/fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js
Request Chain 29
  • https://paysalia2023.bento-prod.gl-events-digital.com/webgl_cookies/get-css HTTP 301
  • https://paysalia2023.bento-prod.gl-events-digital.com/fr/webgl_cookies/get-css
Request Chain 49
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1201796&time=1711760445058&li_adsId=74617202-f143-4a32-9803-ce0db5b98cd3&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1201796&time=1711760445058&li_adsId=74617202-f143-4a32-9803-ce0db5b98cd3&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1201796%26time%3D1711760445058%26li_adsId%3D74617202-f143-4a32-9803-ce0db5b98cd3%26url%3Dhttps%253A%252F%252Fpaysalia2023.bento-prod.gl-events-digital.com%252Ffr%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1201796&time=1711760445058&li_adsId=74617202-f143-4a32-9803-ce0db5b98cd3&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1201796&time=1711760445058&li_adsId=74617202-f143-4a32-9803-ce0db5b98cd3&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr&cookiesTest=true&liSync=true&e_ipv6=AQJ70Ilj7MqkKwAAAY6M35BD_DWcscOmgKWniGfTZ1SJeMr1RLYdGYGoiUljhgYdghSTbg

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fr
paysalia2023.bento-prod.gl-events-digital.com/
Redirect Chain
  • https://paysalia2023.bento-prod.gl-events-digital.com/
  • https://paysalia2023.bento-prod.gl-events-digital.com/fr
89 KB
90 KB
Document
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
37cbffef2cf45dd89cf3d33ec5a369b30a477ca61f8784894ace343de46bfe67
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=1800, public, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=60
cache-tag
7d0,eaa,f66,97d,8f7,fab,848,d77,be1,5e5,1f5,075,30c,449,448,187,6e3,217,bcb,f6b,826,8a9,05f,728,6e2,274,222,50d,07b,b6d,73a,2bf,8bf,b88,02f,207,273,a73,4dc,730,582,61b,4f0,ed0,5bd,7e2,dbe,0c5,8b6,32f,0f8,003,0a9,2c6,620,858,9ed,1e8,8ae,c08,7ff,f11,e5b,20b,1f0,749,89f,8dd,2f1,b17,737,17d,92a,7ba,ccb,1da,4ad,b60,1c9,240,2a8,c44,dcb,6fe,441,c1e,4b0,4ce,850,ed0,881,5ff,e4a,c4f,f95,897,e04,21d,a8a,778,12a,94b,093,ef7,f13,1a3,33a,bfc,a8c,2d2,d57,b3d,c35,31e,9a4,73b,82b,a63,d59,531,a88,f99,d77,fbd,dc9,c21,b2a,817,176,4ed,f5c,f7b,d34,469,827,671,52d,3f6,363,841,90b,2d9,5b4,388,1ec,d76,ca4,f70,040,129,c53,b7b,52e,e11,254,30c,d3d,183,0b5,bff,52f,a84,0af,0cb,a9c,cf8,716,cce,7d7,01b,bbe,652,9cd,67c,a7f,76c,7e3,c3f,bdb,e45,56b,fff,c3e,476,d15,b02,24a,b78,eee,4bd,2a9,488,041,b7a,ca3,689,279,51a,a8b,401,f70
content-language
fr
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
content-type
text/html; charset=UTF-8
date
Sat, 30 Mar 2024 01:00:41 GMT
etag
"1711746571"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Fri, 29 Mar 2024 21:09:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
tata
Toto
vary
Cookie
x-content-type-options
nosniff
x-drupal-cache
HIT
x-drupal-dynamic-cache
MISS
x-frame-options
SAMEORIGIN ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
x-ua-compatible
IE=edge

Redirect headers

cache-tag
401,8b6,f70
content-language
fr
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
content-type
text/html; charset=UTF-8
date
Sat, 30 Mar 2024 01:00:41 GMT
location
https://paysalia2023.bento-prod.gl-events-digital.com/fr
strict-transport-security
max-age=31536000; includeSubDomains
tata
Toto
x-content-type-options
nosniff
x-drupal-cache
HIT
x-drupal-route-normalizer
1
x-frame-options
SAMEORIGIN ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
x-ua-compatible
IE=edge
load.js
tarteaucitron.io/
92 KB
19 KB
Script
General
Full URL
https://tarteaucitron.io/load.js?uuid=7d00ad8d833e69d86c013c07e606a300ac2e7a27&domain=paysalia.com
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.111.231 , France, ASN16276 (OVH, FR),
Reverse DNS
tarteaucitron.io
Software
Apache /
Resource Hash
bf2b9ea2595b97ed63c6c1e2771de84527d6bee3a66663ecc9aea5d9f0e38358
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 30 Mar 2024 01:00:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
DENY
Upgrade
h2
Content-Type
application/javascript; charset=utf-8
Connection
Upgrade, Keep-Alive
Keep-Alive
timeout=1
Content-Length
19548
Expires
Sun, 31 Mar 2024 01:00:41 GMT
/
a9649a1272f9496faa065646480e04aa.js.ubembed.com/
425 B
686 B
Script
General
Full URL
https://a9649a1272f9496faa065646480e04aa.js.ubembed.com/
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:944b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6e2985564d2e776d632cbf744819b9bdf0b82520383b4dc7348f48367141dec

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:41 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
553
etag
W/"215e3e05b73c0c064756ee433544b160a8cc0c7f"
vary
Accept-Encoding, Referer
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
cf-ray
86c42a082cc125a6-MIA
/
.js.ubembed.com/
0
0

api.js
challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js
39 KB
13 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H3
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e584d67a5b1a868363ed5e83a72ea6bc2cad8a052f64583d0fe95e7fa36e97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 30 Mar 2024 01:00:43 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
86c42a14489a7479-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 30 Mar 2024 01:00:43 GMT
server
cloudflare
vary
Accept-Encoding
location
/turnstile/v0/g/dc6b543c1346/api.js
access-control-allow-origin
*
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
86c42a12be497479-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
css_OYma_bXTJV9aggYPkaF5T4TCG14vQ48feBeAOQdPeIk.css
paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/
38 KB
38 KB
Stylesheet
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_OYma_bXTJV9aggYPkaF5T4TCG14vQ48feBeAOQdPeIk.css
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
39899afdb5d3255f5a82060f91a1794f84c21b5e2f438f1f78178039074f7889
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:41 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 18 Mar 2024 15:19:46 GMT
etag
"65f85b92-9670"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
text/css
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
38512
expires
Thu, 31 Dec 2037 23:55:55 GMT
css_Khjo5O_G8uaRjbTWqnUGYEsq3pdLjntfrl2Z_EI6Cyk.css
paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/
228 KB
229 KB
Stylesheet
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_Khjo5O_G8uaRjbTWqnUGYEsq3pdLjntfrl2Z_EI6Cyk.css
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2a18e8e4efc6f2e6918db4d6aa7506604b2ade974b8e7b5fae5d99fc423a0b29
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:41 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 27 Mar 2024 09:50:13 GMT
etag
"6603ebd5-390f8"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
text/css
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
233720
expires
Thu, 31 Dec 2037 23:55:55 GMT
kht1qjd.css
use.typekit.net/
3 KB
942 B
Stylesheet
General
Full URL
https://use.typekit.net/kht1qjd.css
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8098d0207d4946a3c9ff7c9ed126d5c497ca3454b862aa16835427552f4f9ccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sat, 30 Mar 2024 01:00:41 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
719
css_D0DcFozHVzyCseUSD4-24J90bTKT-qdiYS81u_mmSHU.css
paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/
99 KB
100 KB
Stylesheet
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_D0DcFozHVzyCseUSD4-24J90bTKT-qdiYS81u_mmSHU.css
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0f40dc168cc7573c82b1e5120f8fb6e09f746d3293faa762612f35bbf9a64875
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:41 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 10 Mar 2024 19:19:52 GMT
etag
"65ee07d8-18c31"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
text/css
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
101425
expires
Thu, 31 Dec 2037 23:55:55 GMT
js_rto-BIO4FPoLiiayDfagys7oH10fDRIl6mOJpqKX668.js
paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/js/
1 MB
1 MB
Script
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/js/js_rto-BIO4FPoLiiayDfagys7oH10fDRIl6mOJpqKX668.js
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aeda3e0483b814fa0b8a26b20df6a0cacee81f5d1f0d1225ea6389a6a297ebaf
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:41 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 10 Mar 2024 19:19:52 GMT
etag
"65ee07d8-117909"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
1145097
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/
232 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPSNH9R
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40d3d6f76c4c5ed9f9ad770277466aea378b7ebceffaf9067f88ea708944f482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85956
x-xss-protection
0
last-modified
Sat, 30 Mar 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 30 Mar 2024 01:00:43 GMT
matomo.js
cdn.matomo.cloud/glevents.matomo.cloud/
201 KB
59 KB
Script
General
Full URL
https://cdn.matomo.cloud/glevents.matomo.cloud/matomo.js
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:7600:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
afa07e50a5c5dbef60f8ab0ef140c924b92b18c28513626fe65f099a0b03bd82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 00:01:21 GMT
x-amz-version-id
3aCWlu4AXagY0kcT2wJByoImVH_fQ8LR
content-encoding
gzip
strict-transport-security
max-age=31536000
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
3563
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 21 Mar 2024 00:53:40 GMT
server
CloudFront
etag
W/"32822fb52f57110b63e1606452140580"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=691200
x-amz-cf-id
MIc_oz5rPv7fDI1tOmUZZ9ZsmVKsGQfBADEQhfwZXvyY-QIywfEn-A==
widget.js
accessibilityserver.org/
2 KB
2 KB
Script
General
Full URL
https://accessibilityserver.org/widget.js
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-83.jfk50.r.cloudfront.net
Software
CDN77-Turbo /
Resource Hash
7c5c9b5992df609cf2729dc38f85fcdd78e95f9e8f1958d072f8b06b23132be0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
newyorkUSNY
date
Sat, 30 Mar 2024 00:59:34 GMT
via
1.1 16af463a01c5a83f3019835cbbb82152.cloudfront.net (CloudFront), 1.1 f391dfb0806f29cccc5f1df3e1ae836e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7, JFK50-P2
age
1211
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
Hit from cloudfront
x-age
2251
x-accel-date
1711694021
x-77-nzt
EgwBnJIkFgH3ywgAAAwBuTvfFAH3dAAAAA
x-77-age
2367
last-modified
Thu, 28 Mar 2024 17:22:23 GMT
server
CDN77-Turbo
x-77-nzt-ray
1e192d083e4b126490690666c6781829
etag
W/"d311a0c98c00b49cae8a86bf4e8fd36e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding,Accept-Encoding
x-amz-cf-id
HWHGEopi5JSVIU-qkG0vyOGLpWf8mIo34gYMKgchFdKO44Vn96w_Gw==
logopaysalia-2021-frblancpng.png.webp
paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/styles/media_demi/public/assets/2023-10/
7 KB
7 KB
Image
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/styles/media_demi/public/assets/2023-10/logopaysalia-2021-frblancpng.png.webp?itok=Je5XtVIu
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ff5a9f25258e7e067e5aa035f5602302714d2071c47f66c69358521afe76f59f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:41 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 05 Oct 2023 13:29:01 GMT
etag
"651eba1d-1c0c"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
image/webp
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
7180
expires
Thu, 31 Dec 2037 23:55:55 GMT
greentech-logosvg.svg
paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/assets/2023-06/
3 KB
3 KB
Image
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/assets/2023-06/greentech-logosvg.svg
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
45174b1212ef181104580db29c23dec7d02da70f788957020a153317feafe3a9
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:41 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 29 Sep 2023 09:50:45 GMT
etag
"65169df5-abf"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
image/svg+xml
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
2751
expires
Thu, 31 Dec 2037 23:55:55 GMT
bundle.js
assets.ubembed.com/universalscript/releases/v0.180.1/
176 KB
48 KB
Script
General
Full URL
https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by
Host: a9649a1272f9496faa065646480e04aa.js.ubembed.com
URL: https://a9649a1272f9496faa065646480e04aa.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-65.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 11 Sep 2023 16:32:59 GMT
content-encoding
gzip
via
1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 18:18:30 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
17310464
etag
W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
peCxpxD2OPH-boyEih_4h4so0ABRJ3xTFnkWMG0S7s1vGLIcz1Qc_Q==
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=kht1qjd&ht=tk&f=28973.28974.28987.28988&a=131909779&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kht1qjd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://use.typekit.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:41 GMT
last-modified
Sun, 03 Sep 2023 12:50:41 GMT
server
nginx
etag
"64f48121-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
js_1ha3vWWDtZgqvgbxqiaDz4JQRsz6Wg4yWf_0n5x9T-Q.js
paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/js/
123 KB
123 KB
Script
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/js/js_1ha3vWWDtZgqvgbxqiaDz4JQRsz6Wg4yWf_0n5x9T-Q.js
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d616b7bd6583b5982abe06f1aa2683cf825046ccfa5a0e3259fff49f9c7d4fe4
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:42 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 10 Mar 2024 19:19:53 GMT
etag
"65ee07d9-1ebad"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
125869
expires
Thu, 31 Dec 2037 23:55:55 GMT
page.js
static.addtoany.com/menu/
3 KB
2 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1356
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"257f9651f9cfd949f6dde30f51352116"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTl3Z8ZMf2D6hObhD1FDnsnHRXrHCB%2B%2F0ifgRVNPIcoXhBFSlAU3z1S%2Fb%2FTmtu2u1itYkky7Hff9zT%2Fq5So7NP7rdMueqo2tMoPsGvMBXf4kbumJGa0Lr%2BrrCfMR4WjGQzq2v4BX4HSzEKTkDb9%2F3DT2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, stale-while-revalidate=30, public
cf-ray
86c42a135f86da9f-MIA
js_ElF38FrRtomhCw3aQcWfyVARvbnaNUh0czMHC9qn4bE.js
paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/js/
159 KB
160 KB
Script
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/js/js_ElF38FrRtomhCw3aQcWfyVARvbnaNUh0czMHC9qn4bE.js
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
125177f05ad1b689a10b0dda41c59fc95011bdb9da3548747333070bdaa7e1b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:42 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 29 Mar 2024 08:47:37 GMT
etag
"66068029-27d1b"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
163099
expires
Thu, 31 Dec 2037 23:55:55 GMT
visuel-home0jpg.jpg.webp
paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/styles/media_full/public/assets/2023-10/
148 KB
148 KB
Image
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/styles/media_full/public/assets/2023-10/visuel-home0jpg.jpg.webp?itok=DVxtRajj
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
58fccfff3e23d38c19ca7050ca56c216248463f82dac768c23c0bbff61b8c359
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:43 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 27 Oct 2023 07:33:10 GMT
etag
"653b67b6-24f7a"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
image/webp
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
151418
expires
Thu, 31 Dec 2037 23:55:55 GMT
heroimagenjpg.jpg
www.paysalia.com/sites/default/files/assets/2023-06/
735 KB
736 KB
Image
General
Full URL
https://www.paysalia.com/sites/default/files/assets/2023-06/heroimagenjpg.jpg
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
963a8a0f5759ba827a147cec3205f6c41e3d549e26f56aff72b6686553807e4b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:43 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
cf-cache-status
HIT
age
8187
content-length
752461
cf-bgj
h2pri
last-modified
Fri, 29 Sep 2023 09:50:57 GMT
server
cloudflare
etag
"65169e01-b7b4d"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
86c42a1449786dbb-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Medium.woff2
paysalia2023.bento-prod.gl-events-digital.com/themes/custom/webgl_creative_greentech_theme/dist/fonts/
51 KB
52 KB
Font
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/themes/custom/webgl_creative_greentech_theme/dist/fonts/Roboto-Medium.woff2
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_Khjo5O_G8uaRjbTWqnUGYEsq3pdLjntfrl2Z_EI6Cyk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
672ce38087394a312a268f5a156feeb3ca6607fc3d908c270efe1020c439678b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_Khjo5O_G8uaRjbTWqnUGYEsq3pdLjntfrl2Z_EI6Cyk.css
Origin
https://paysalia2023.bento-prod.gl-events-digital.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:42 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 28 Mar 2024 13:53:48 GMT
etag
"6605766c-cddc"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
font/woff2
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
52700
expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Bold.woff
paysalia2023.bento-prod.gl-events-digital.com/themes/custom/webgl_creative_greentech_theme/dist/fonts/
71 KB
71 KB
Font
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/themes/custom/webgl_creative_greentech_theme/dist/fonts/Roboto-Bold.woff
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_Khjo5O_G8uaRjbTWqnUGYEsq3pdLjntfrl2Z_EI6Cyk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
42babcbc256e2b3a327d5124523d9adb8cd4b86387cfe49f46d771d5505a014b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_Khjo5O_G8uaRjbTWqnUGYEsq3pdLjntfrl2Z_EI6Cyk.css
Origin
https://paysalia2023.bento-prod.gl-events-digital.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:42 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 28 Mar 2024 13:53:48 GMT
etag
"6605766c-11b38"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
font/woff
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
72504
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.woff2
paysalia2023.bento-prod.gl-events-digital.com/libraries/fontawesome/webfonts/
147 KB
147 KB
Font
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/libraries/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_D0DcFozHVzyCseUSD4-24J90bTKT-qdiYS81u_mmSHU.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_D0DcFozHVzyCseUSD4-24J90bTKT-qdiYS81u_mmSHU.css
Origin
https://paysalia2023.bento-prod.gl-events-digital.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:42 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 28 Mar 2024 13:53:48 GMT
etag
"6605766c-24a04"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
font/woff2
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
150020
expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Black.woff
paysalia2023.bento-prod.gl-events-digital.com/themes/custom/webgl_creative_greentech_theme/dist/fonts/
71 KB
71 KB
Font
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/themes/custom/webgl_creative_greentech_theme/dist/fonts/Roboto-Black.woff
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_Khjo5O_G8uaRjbTWqnUGYEsq3pdLjntfrl2Z_EI6Cyk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63bdfcac9fbf9c6c2fca7d2434569fe404921bba2e8a92f89a73e3ff6c11886a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_Khjo5O_G8uaRjbTWqnUGYEsq3pdLjntfrl2Z_EI6Cyk.css
Origin
https://paysalia2023.bento-prod.gl-events-digital.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:42 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 28 Mar 2024 13:53:48 GMT
etag
"6605766c-11bc0"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
font/woff
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
72640
expires
Thu, 31 Dec 2037 23:55:55 GMT
l
use.typekit.net/af/ede55a/00000000000000007735b228/30/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/ede55a/00000000000000007735b228/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kht1qjd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bb034ec7fc9a36a13f2ae3015ce18cd312f50ed543dabb296c69c47c29c48f6c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://use.typekit.net/kht1qjd.css
Origin
https://paysalia2023.bento-prod.gl-events-digital.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:43 GMT
server
nginx
etag
"4e5df6290798417531712b104b38cc9a8254c05a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16328
fa-brands-400.woff2
paysalia2023.bento-prod.gl-events-digital.com/libraries/fontawesome/webfonts/
107 KB
108 KB
Font
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/libraries/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_D0DcFozHVzyCseUSD4-24J90bTKT-qdiYS81u_mmSHU.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/css/css_D0DcFozHVzyCseUSD4-24J90bTKT-qdiYS81u_mmSHU.css
Origin
https://paysalia2023.bento-prod.gl-events-digital.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:42 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 28 Mar 2024 13:53:48 GMT
etag
"6605766c-1acf0"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
font/woff2
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
109808
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
89 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/js/js_rto-BIO4FPoLiiayDfagys7oH10fDRIl6mOJpqKX668.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0940ce24d2d6cef44007192fac2f37c3f3b805504226b46b13160a08036d3da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29058
x-xss-protection
0
server
cafe
etag
811 / 19812 / m202403260101 / config-hash: 7090680554499403314
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 01:00:43 GMT
lazysizes.min.js
paysalia2023.bento-prod.gl-events-digital.com/libraries/lazysizes/
8 KB
8 KB
Script
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/libraries/lazysizes/lazysizes.min.js
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/js/js_ElF38FrRtomhCw3aQcWfyVARvbnaNUh0czMHC9qn4bE.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e61be2f374a0122510025578940baf7ef8dbbcaf3ecc5f5535cfc81bd1cfd39
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:43 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 28 Mar 2024 13:53:49 GMT
etag
"6605766d-1ed1"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
7889
expires
Thu, 31 Dec 2037 23:55:55 GMT
get-css
paysalia2023.bento-prod.gl-events-digital.com/fr/webgl_cookies/
Redirect Chain
  • https://paysalia2023.bento-prod.gl-events-digital.com/webgl_cookies/get-css
  • https://paysalia2023.bento-prod.gl-events-digital.com/fr/webgl_cookies/get-css
1 KB
2 KB
XHR
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/fr/webgl_cookies/get-css
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
186cb4d4da036ffaf3a01e84fb13af63524b5894e107ea735c2ec8d7ad831c28
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

expires
Sun, 19 Nov 1978 05:00:00 GMT
date
Sat, 30 Mar 2024 01:00:43 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN, ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
application/json
content-language
fr
cache-control
must-revalidate, no-cache, private
tata
Toto
x-ua-compatible
IE=edge

Redirect headers

x-ua-compatible
IE=edge
x-drupal-route-normalizer
1
date
Sat, 30 Mar 2024 01:00:43 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN, ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-language
fr
location
https://paysalia2023.bento-prod.gl-events-digital.com/fr/webgl_cookies/get-css
content-type
text/html; charset=UTF-8
cache-control
must-revalidate, no-cache, private
cache-tag
401,f70
tata
Toto
expires
Sun, 19 Nov 1978 05:00:00 GMT
sm.25.html
static.addtoany.com/menu/ Frame 2131
0
0
Document
General
Full URL
https://static.addtoany.com/menu/sm.25.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
20802
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
86c42a14ccf967bd-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 30 Mar 2024 01:00:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CR3Q8rrmYziF1XnrXunGmocjXXYKdFGkt5hNF0UeqNB%2FQAlyTtvZDXS8LCel22etjHnHqmxPEBTPjFcD7CenCeWkqHR%2BGCPNQklCpXKCQ8OQKaYq9NwuCWt40zRGhbpEfw5LjMwdXoVcNTQ1rlTEHIFP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.Ep5bSEmr.js
static.addtoany.com/menu/modules/
70 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
Origin
https://paysalia2023.bento-prod.gl-events-digital.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8187
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"a995aaed2cd978eb5749462d1dc3635e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mwxrBaQ3eNUu%2Bgx85Ogn%2BVs6YD%2FzVpoUgyjo82eHJ02N%2BFt3wR6wLOy8i2Dj1xnwq9zJsmWxaQ0bmKszxsF2SRhlRDYmyrJ149xZcilVvfk6WB0xojYLYIVRj4CvP1KvQLMiYRu9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
86c42a14c855742a-MIA
widget_app_base_1711646404498.js
cdn.userway.org/widgetapp/2024-03-28-17-20-04/
151 KB
43 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-03-28-17-20-04/widget_app_base_1711646404498.js
Requested by
Host: accessibilityserver.org
URL: https://accessibilityserver.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ad321a3f8b90ec6f2ad9796475a26450bb0c6dd1388b1cc3f59c163b1ba927da

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
Origin
https://paysalia2023.bento-prod.gl-events-digital.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
newyorkUSNY
date
Sat, 30 Mar 2024 01:00:43 GMT
via
1.1 bef00830ac8715b50c3242c5f64020a4.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
706
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
113119
x-accel-date
1711647324
x-77-nzt
EgwBnJIkFgH337kBAAwBnJI73wH3AAAAAA
x-accel-expires
@1737567324
x-77-age
113119
last-modified
Thu, 28 Mar 2024 17:22:18 GMT
server
CDN77-Turbo
etag
W/"be0ed963b4e485f26c877f0204995d4b"
x-77-nzt-ray
1e192d08bc0ae4be3b640766d0983c39
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
XddX7XDM59bUf0B_sMsZk0jpNEUehOau5R2p4OYyr2vtaYuU4i_L5A==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lng3w/0x4AAAAAAAE1SgCgeykyPxHP/auto/ Frame 4B53
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lng3w/0x4AAAAAAAE1SgCgeykyPxHP/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
86c42a15bd139071-MIA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sat, 30 Mar 2024 01:00:43 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
matomo.php
glevents.matomo.cloud/
0
188 B
Ping
General
Full URL
https://glevents.matomo.cloud/matomo.php?action_name=Salon%20Paysalia%20%7C%20Paysalia%202025&idsite=12&rec=1&r=837104&h=15&m=0&s=43&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr&_id=3b18db356704ecc7&_idn=1&send_image=0&_refts=0&pv_id=bEB3Ot&fa_pv=1&fa_fp[0][fa_vid]=ChJqt3&fa_fp[0][fa_id]=webform-submission-webgl-webform-contact-paragraph-2952-add-form&fa_fp[0][fa_fv]=1&pf_net=0&pf_srv=191&pf_tfr=403&pf_dm1=1638&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.86%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.86%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=800x600
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/glevents.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://paysalia2023.bento-prod.gl-events-digital.com
date
Sat, 30 Mar 2024 01:00:45 GMT
access-control-allow-credentials
true
server
Apache
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403260101/
438 KB
138 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403260101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e6cd18826928bf01d43aff8ed048e78cdbae0b38d171dc711dd5abae49535cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 11:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
49327
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141108
x-xss-protection
0
server
cafe
etag
15925049506393958461
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 29 Mar 2025 11:18:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
90 B
93 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=paysalia2023.bento-prod.gl-events-digital.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
898357f43f61a3ed1ebb1cdd989f480354e2417573d7417460ade3ca3e7afebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
x-xss-protection
0
expires
Sat, 30 Mar 2024 01:00:44 GMT
configs.php
glevents.matomo.cloud/plugins/HeatmapSessionRecording/
117 B
292 B
Script
General
Full URL
https://glevents.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=12&trackerid=5CdiOG&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/glevents.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
3882430dc89e08a6c0d8e56098980e001e9fab4b9f97fc0cd2d3c41ed44b7388

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:45 GMT
content-encoding
gzip
server
Apache
content-length
120
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type
application/javascript
insight.min.js
snap.licdn.com/li.lms-analytics/
48 KB
17 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPSNH9R
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a51 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 16:03:53 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=54800
accept-ranges
bytes
content-length
17224
tr
www.facebook.com/
0
269 B
Image
General
Full URL
https://www.facebook.com/tr?id=627457197873607&ev=PageView&noscript=1&gtmcb=507314905
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=72, rtx=0, c=10, mss=1294, tbw=2796, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 30 Mar 2024 01:00:44 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
UANkqx5N1e
api.userway.org/api/tunings/
325 B
711 B
XHR
General
Full URL
https://api.userway.org/api/tunings/UANkqx5N1e
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-28-17-20-04/widget_app_base_1711646404498.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:6e72:4252:dcb:b03b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
86dfd495fb061ee0920d8fb994efb9f1f62884de2370329b780e5e7dcbbad492

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 30 Mar 2024 01:00:45 GMT
etag
W/"145-CmDMqRzQxtxDnli6ulZtKdR3j7o"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr45b8b5980532450
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
325
x-service-version
uw-pr
ads
securepubads.g.doubleclick.net/gampad/
63 KB
24 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2670133059037950&correlator=1525365837701753&eid=31079956%2C21065724&output=ldjh&gdfp_req=1&vrg=202403260101&ptt=17&impl=fifs&iu_parts=108210606%2CPaysalia_HP_BOT&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C728x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1711760444225&lmt=1711746571&adxs=160&adys=1997&biw=1600&bih=1113&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr&vis=1&psz=1280x0&msz=1280x0&fws=4&ohw=1280&ga_vid=1459797168.1711760444&ga_sid=1711760444&ga_hid=1745662171&ga_fc=false&dlt=1711760441485&idt=2602&adks=2882258749&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
3b601445991c758edf71b053a1d784788b8e889cdb15caf643f3db338d64a239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24671
x-xss-protection
0
google-lineitem-id
6392626796
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449625631
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paysalia2023.bento-prod.gl-events-digital.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ad3c999b77be1348cb0e1ff25e02fff8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9635
0
0
Document
General
Full URL
https://ad3c999b77be1348cb0e1ff25e02fff8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Mar 2024 01:00:45 GMT
expires
Sun, 30 Mar 2025 01:00:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2B2D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPRxDPAwWkb5VC74IGhwfPZcHXpamxN1heFCJchUF7haj-Ev3mCAFhcVZc5YmvfU2NzlvSiR98dXGIysnawZbIBOVr_8HDqzMGiTAIV924Kt966sKa5ftvloVt3l9XZ901g8UqqAklmMz3-_a0Eog6nZnvRehR6qA8Jq1zYGLP7ldJVW91ZnkUESlRCNIZvZuN9sPt2fz297zZ_JZuUP9i3i28K61D-vBELmrv5oMvjfYSKKb7j6wIklaBGZrGRbLQscxZL6U_AyZNgaIXutRPX7gvYd4pIFQXUQBjM2XTUWInzil3n3zHzYyH0GuGngjyEC30YyxyuTAKzRR-v3sBp6ERw68XfQ2uLuqUQAiRh88Fp9BIwS_mWuEp8edfdtyBSYoh&sai=AMfl-YROOKc_Gv9UrWxq9NeD1_8AwDjDtj982XbJjPsCJi415dR0S_evGQowOzN6IGp8pLuvgmbtD9pF4m3hoqh0G5v3J0hjDV-62xUsS6Vimrsuki44Lbrnqxf-KHtYL-AT3nG2dN5hhjpMFseLdz5KP3I&sig=Cg0ArKJSzBiQRWMhHDzLEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 30 Mar 2024 01:00:45 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240328/r20110914/ Frame 2B2D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240328/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 04:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
75244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9118
x-xss-protection
0
server
cafe
etag
6094826908298432593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Apr 2024 04:06:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240328/r20110914/client/ Frame 2B2D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240328/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 04:06:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
75245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Apr 2024 04:06:40 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2B2D
214 KB
65 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
f2bb46eff3a507b385fcf4ce0295cd00837cddb4cd187ac4fec01ec8413bb444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 00:35:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
1506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66539
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 01:35:39 GMT
4550815157162634328
tpc.googlesyndication.com/simgad/ Frame 2B2D
389 KB
389 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4550815157162634328
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b84b5a4113a1a0ea02db6ebbe03e46fe35ec38ba4b6e82154e9b03d6b81c9e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sat, 30 Mar 2024 01:00:45 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
397829
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 10:03:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 30 Mar 2025 01:00:45 GMT
truncated
/ Frame 2B2D
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89290bc3dc7a45b834bb719bfa291677542f5bb6feeed5b4933eeb5b32cd23e1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1201796&time=1711760445058&li_adsId=74617202-f143-4a32-9803-ce0db5b98cd3&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1201796&time=1711760445058&li_adsId=74617202-f143-4a32-9803-ce0db5b98cd3&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr&cook...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1201796%26time%3D1711760445058%26li_adsId%3D74617202-f143-4a32-9803-ce0db5b98cd3%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1201796&time=1711760445058&li_adsId=74617202-f143-4a32-9803-ce0db5b98cd3&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr&cook...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1201796&time=1711760445058&li_adsId=74617202-f143-4a32-9803-ce0db5b98cd3&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr&coo...
0
488 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1201796&time=1711760445058&li_adsId=74617202-f143-4a32-9803-ce0db5b98cd3&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr&cookiesTest=true&liSync=true&e_ipv6=AQJ70Ilj7MqkKwAAAY6M35BD_DWcscOmgKWniGfTZ1SJeMr1RLYdGYGoiUljhgYdghSTbg
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 30 Mar 2024 01:00:45 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 7B2DA7BC950F4C32B6D63CA4C440C787 Ref B: MIAEDGE1507 Ref C: 2024-03-30T01:00:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYU1klYJikUel+VTAnl0w==

Redirect headers

date
Sat, 30 Mar 2024 01:00:45 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: FFAE4F96543C40D39B5E9AFDC9B95A6C Ref B: MIAEDGE2815 Ref C: 2024-03-30T01:00:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1201796&time=1711760445058&li_adsId=74617202-f143-4a32-9803-ce0db5b98cd3&url=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr&cookiesTest=true&liSync=true&e_ipv6=AQJ70Ilj7MqkKwAAAY6M35BD_DWcscOmgKWniGfTZ1SJeMr1RLYdGYGoiUljhgYdghSTbg
x-li-proto
http/2
content-length
0
x-li-uuid
AAYU1klLaojw6DcVq+w3Ug==
fr.json
cdn.userway.org/widgetapp/2024-03-28-17-20-04/locales/
696 B
1 KB
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2024-03-28-17-20-04/locales/fr.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-28-17-20-04/widget_app_base_1711646404498.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3bad93e2db5168be274331283b090dc54eb7a2c9040b3d986cfc69135e203148

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
newyorkUSNY
date
Sat, 30 Mar 2024 01:00:45 GMT
via
1.1 d07915e7a5c22513f7a2f462a7421cce.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
28
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
113069
x-accel-date
1711647376
x-77-nzt
EgwBnJIkFgH3rbkBAAwBnJI76AH3sQAAAA
x-accel-expires
@1737567199
x-77-age
113246
last-modified
Thu, 28 Mar 2024 17:22:17 GMT
server
CDN77-Turbo
etag
W/"f085dd5c1c201f900bec88b1ec136a79"
x-77-nzt-ray
1e192d08bc0ae4be3d640766b02a7b08
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/json
x-amz-cf-id
yUBW60xMHixy9LquECeH1M5ZM90m4UHbFM16b3mgK7EPNIWTeeK-Yg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B2D
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 30 Mar 2024 01:00:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2B2D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtaU59_HdbX3X5oGQMdn2nPYNmtjqq7AZnL79ORsjY7uT7CCekhOi5Nkh-790NTj1YCLGuKIqBinCj8J6mwVzb9tY4W8s_cXtEKxhMiYTkk-YgLWle10okYdcm-dJfftRqPHx9pLkH06LFQXeClJy-iunPYKIfqVQY7s8U-YjbOEzEaHkxaHLv_SxzYrCZHsCuPmL7Ub_D66lzR17h70ubPJQvAIScNgHYaqEoufRB-5dHq6chQi5oSoHRFgi1qtAmiMxlsSMTZpije09Fhn7Glnf_MZ7on7YArvmCNUE14xd70_ia8GhShB9nz5sf0huns_Xuw_Lt4gr__N7SOipKG-U45zS-Q-X5n3VGQRRieoDjNhEcN8I5jrRDIeChccktY-nYhSw&sai=AMfl-YRG8r2HQmL5PZWou23QlDSfh07v23tSDVdV98_9CsHZ8URLf-b0V2A8tJKriGEd-cDn6U8xYnPLeIK492LylUSBvsxdS38FWJfHQkkxgFlRQRt1KG5kYJAtNodmfW6uSHB-c35LN0cu-P1tXO2FYo0&sig=Cg0ArKJSzNh0UJvPuPWNEAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 30 Mar 2024 01:00:45 GMT
remediation-tool-free.js
cdn.userway.org/remediation/free/
30 KB
12 KB
Script
General
Full URL
https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1711646404498
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-28-17-20-04/widget_app_base_1711646404498.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4e372111c0fe9f8acd5da664244c32d820e688cf72df7d7c7b7b8ba629a4d641

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
Origin
https://paysalia2023.bento-prod.gl-events-digital.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
newyorkUSNY
date
Sat, 30 Mar 2024 01:00:45 GMT
via
1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
704
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
113121
x-accel-date
1711647324
x-77-nzt
EgwBnJIkFgH34bkBAAwBuTvfFAH3AAAAAA
x-accel-expires
@1737567324
x-77-age
113121
last-modified
Thu, 28 Mar 2024 17:22:22 GMT
server
CDN77-Turbo
etag
W/"b9ba54d03dd2e6a2ff7abe0f1551ab6f"
x-77-nzt-ray
1e192d08bc0ae4be3d64076661ff9028
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
lPSMXVy39riUMZRrqYW1PfigeQzKo7qzMQKRNsxU2ZYreor5-4KD7A==
body_wh.svg
cdn.userway.org/widgetapp/images/
4 KB
3 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
newyorkUSNY
date
Sat, 30 Mar 2024 01:00:45 GMT
via
1.1 65cf746d404c73d4aef0b35e7fcab946.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
166
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
113121
x-accel-date
1711647324
x-77-nzt
EgwBnJIkFgH34bkBAAwBnJI74gH3AAAAAA
x-accel-expires
@1737567324
x-77-age
113121
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray
1e192d0801096bd53d6407660e1f4432
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
48HXfD3X9lVLf8BGi1O82Ayd_Z7jEvtmLpDWB_WWtSxmzlRcc88UzQ==
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: paysalia2023.bento-prod.gl-events-digital.com
URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
newyorkUSNY
date
Sat, 30 Mar 2024 01:00:45 GMT
via
1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
706
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
113121
x-accel-date
1711647324
x-77-nzt
EgwBnJIkFgH34bkBAAwBnJI74gH3AAAAAA
x-accel-expires
@1737567324
x-77-age
113121
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
1e192d0801096bd53d640766fc004a32
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
2_xTLmlugK-mrY_qUmFYjwlpDqAtddDJ_T7qPLiUXh-DtWRJGQTgtg==
/
px.ads.linkedin.com/wa/
0
215 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:46 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6AF0262E7B854B37B9EABB3D113C30FC Ref B: MIAEDGE2815 Ref C: 2024-03-30T01:00:46Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
access-control-allow-origin
https://paysalia2023.bento-prod.gl-events-digital.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYU1klZ+usHLgNgq7k/TA==
tarteaucitron.min.css
cdn.tarteaucitron.io/css/
24 KB
5 KB
Stylesheet
General
Full URL
https://cdn.tarteaucitron.io/css/tarteaucitron.min.css
Requested by
Host: tarteaucitron.io
URL: https://tarteaucitron.io/load.js?uuid=7d00ad8d833e69d86c013c07e606a300ac2e7a27&domain=paysalia.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.111.234 , France, ASN16276 (OVH, FR),
Reverse DNS
cdn.tarteaucitron.io
Software
nginx / PleskLin
Resource Hash
3ef683a95b6f1457a2a663b39a324065b442f125b25b2974118fe8fdc567e875

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:46 GMT
content-encoding
br
last-modified
Tue, 12 Mar 2024 11:23:03 GMT
server
nginx
etag
W/"65f03b17-614a"
x-powered-by
PleskLin
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
expires
Sat, 13 Apr 2024 01:00:46 GMT
tarteaucitron.fr.min.js
cdn.tarteaucitron.io/lang/
3 KB
2 KB
Script
General
Full URL
https://cdn.tarteaucitron.io/lang/tarteaucitron.fr.min.js
Requested by
Host: tarteaucitron.io
URL: https://tarteaucitron.io/load.js?uuid=7d00ad8d833e69d86c013c07e606a300ac2e7a27&domain=paysalia.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.111.234 , France, ASN16276 (OVH, FR),
Reverse DNS
cdn.tarteaucitron.io
Software
nginx / PleskLin
Resource Hash
f48939c5ecc46aaa46b38e6fd241346b179e0fbfacb210342b8b87432169243c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:46 GMT
content-encoding
br
last-modified
Thu, 07 Mar 2024 16:08:43 GMT
server
nginx
etag
W/"65e9e68b-ce2"
x-powered-by
PleskLin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1209600
expires
Sat, 13 Apr 2024 01:00:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
6e2a875c1ace63d5d526b40458e76b5b3f07e465e8fe98ed4d63ff9c8fd10975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12160
x-xss-protection
0
favicon-paysalia.png
paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/
13 KB
13 KB
Other
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/favicon-paysalia.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3a8894620b52e2269583be6f6d571e690c94e96f8f890c032c66cf2b31c6aa8
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:46 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 06 Oct 2023 08:50:30 GMT
etag
"651fca56-3247"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
image/png
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
12871
expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 01:00:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93C2
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
178201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Mar 2024 23:30:45 GMT
expires
Thu, 27 Mar 2025 23:30:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D979
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.4 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-T3zL2gpqLmJBuv2oy6BcEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-T3zL2gpqLmJBuv2oy6BcEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 30 Mar 2024 01:00:46 GMT
expires
Sat, 30 Mar 2024 01:00:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tarteaucitron.services.min.js
cdn.tarteaucitron.io/
168 KB
33 KB
Script
General
Full URL
https://cdn.tarteaucitron.io/tarteaucitron.services.min.js
Requested by
Host: tarteaucitron.io
URL: https://tarteaucitron.io/load.js?uuid=7d00ad8d833e69d86c013c07e606a300ac2e7a27&domain=paysalia.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.111.234 , France, ASN16276 (OVH, FR),
Reverse DNS
cdn.tarteaucitron.io
Software
nginx / PleskLin
Resource Hash
1044ae625640bf00c9015cbd6cbb3a39facd778e8cae72b801e7545d0c902a01

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:47 GMT
content-encoding
br
last-modified
Tue, 12 Mar 2024 16:05:53 GMT
server
nginx
etag
W/"65f07d61-29e47"
x-powered-by
PleskLin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1209600
expires
Sat, 13 Apr 2024 01:00:47 GMT
logopaysalia-2023-frpng.png
paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/assets/2023-12/
7 KB
7 KB
Image
General
Full URL
https://paysalia2023.bento-prod.gl-events-digital.com/sites/default/files/assets/2023-12/logopaysalia-2023-frpng.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
4.176.22.35 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ff5a9f25258e7e067e5aa035f5602302714d2071c47f66c69358521afe76f59f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/fr
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:47 GMT
content-security-policy
frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 04 Dec 2023 12:41:05 GMT
etag
"656dc8e1-1c0c"
x-frame-options
ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com
content-type
image/png
cache-control
max-age=315360000
tata
Toto
accept-ranges
bytes
content-length
7180
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
281 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3NH9HS2GE7
Requested by
Host: tarteaucitron.io
URL: https://tarteaucitron.io/load.js?uuid=7d00ad8d833e69d86c013c07e606a300ac2e7a27&domain=paysalia.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8fc8b460aaca1498f2ee08ee1393e6adfbd777ca6c707b66816502363d0082cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98383
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 30 Mar 2024 01:00:47 GMT
/
tarteaucitron.io/log/
95 B
566 B
Image
General
Full URL
https://tarteaucitron.io/log/?account=7d00ad8d833e69d86c013c07e606a300ac2e7a27&domain=paysalia.com&status=!dfp%3Dfalse!facebookpixel%3Dfalse!linkedininsighttag%3Dfalse!gajs%3Dfalse!gtag%3Dfalse!addtoanyshare%3Dfalse!youtubeapi%3Dfalse&_time=1711760448383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.111.231 , France, ASN16276 (OVH, FR),
Reverse DNS
tarteaucitron.io
Software
Apache /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2024 01:00:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Sat, 30 Mar 2024 01:00:48 GMT
Server
Apache
X-Frame-Options
DENY
Upgrade
h2
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Upgrade, Keep-Alive
Keep-Alive
timeout=1
Content-Length
95
Expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/g/
0
265 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3NH9HS2GE7&_ono=1&gtm=45je43r0v877902396za200&_p=1711760441511&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=0&cid=1459797168.1711760444&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_s=1&sid=1711760447&sct=1&seg=0&dl=https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr&dt=Salon%20Paysalia%20%7C%20Paysalia%202025&en=page_view&_fv=1&_ss=1&_ee=1&ep.anonymize_ip=true&tfd=7703
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3NH9HS2GE7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 30 Mar 2024 01:00:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paysalia2023.bento-prod.gl-events-digital.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0

status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr/DESKTOP/WIDGET_OFF/
77 B
455 B
Fetch
General
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fpaysalia2023.bento-prod.gl-events-digital.com%2Ffr/DESKTOP/WIDGET_OFF/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-28-17-20-04/widget_app_base_1711646404498.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:6e72:4252:dcb:b03b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://paysalia2023.bento-prod.gl-events-digital.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 01:00:50 GMT
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-4864f7c7

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
.js.ubembed.com
URL
https://.js.ubembed.com/
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403260101&jk=2670133059037950&bg=!BQalBknNAAYQOWS2MDk7ADQBe5WfOEEMSXUltJikavqrkDnMcOZP4isl7ZimChpPDo3ETZ88IKhp5Y0f-mPvNDhqYMY-AgAAAWRSAAAABGgBB34ANYIUpaVb8MHPpxZ3XBm8pwZwCL7JLPpOlbXwqwhL1Umm_0lgD4Nf8HTpoqXswiRn0dvFwWAgmQLGZPqA6v01uEh06nVuSBmHvX-JG-hIuE48No4-UaH9gAFeZ3tPbqa4YoIIbpyrJC7wTSwft7gL6w5N5G-dtlUobsZsOS3gdBdHHPLyTcd0TVS1WtApF6FoEXplf-wx9sYRJiHCXSdphGvnox1ySpJquMS7U7p4R_EwLMceNUYDf0IVy_dIkp-rfSqixWgrquo3Az8LynliuzkQJdnZz359XGKYipfgCSKHD_LQxwkAt5zuRuFDvWmWQUR1dTTEaKEfJVdAAzYYuOSuG15rlrXJd3kmC3bcBU63I9aLAvHJKPRSsn8oRRK37_JMEBvnPNiVNlspsJi_4RISwX_8MPfjpBWbb0-L5yPqHvPEZrtvrwILAvlKTBzZh3WOSwcQFZbc8Mouey1_ictYT4awSgZ7ZVUyWXHJIpBXuwJfC1mYd_lO-IICBfN1pJvDK1UJBHGp8N17Hg1Dlf3cyQSLEyFjC9TO0htcCP431szNilu1aLNK3tc0iuFqj3XnOW5pqhO0pr9TxdUYa89lZjvITpF5PtybiSurKtqjAlL-bELd1seSy5wgzBIZxkZxDemjQheSmv05WieuI0AhQV_y6SWewgsjXiP_igqCbtJrfxJm3qbKY5ZUA_8HYnu9x3Gjn81fa_0tJMiR4N6P1v4wjZhPRPQXq3sLziYOqqnq2DzQxnq28Tc-FhM78sJhE63rmVXwOvu6En0ZSS-lC_a2MKAHZ8AsHqx8ni-3KdwibCJFMq3wx5TNySNqur_S9kj122Fw1asVj9gQmZhe-yt-CRXnI5SPUS_dRKfxt8kCt-eEWATQLs-ARGJX660h_V3DVsAZ90beDL1uZGq80HWG0sDmTOlJP_My6gG6FA47lg1CmXKeRObA9Y0msaTt0XV-Yd75Rxc16WhOW71rVWxWC2tEWB4kIO77ELAZ9T2FPWs6t77C2-xyWlU

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onpagereveal string| tarteaucitronForceLanguage object| dataLayer object| _paq object| a2a_config boolean| tarteaucitronExpireInDay number| tarteaucitronForceExpire boolean| tarteaucitronIsMagicPossible boolean| tarteaucitronStatsEnabled object| scripts string| tarteaucitronPath string| tarteaucitronForceCDN boolean| tarteaucitronUseMin string| cdn number| alreadyLaunch object| tarteaucitronCustomText number| timeExpire undefined| tarteaucitronProLoadServices boolean| tarteaucitronNoAdBlocker boolean| tarteaucitronIsLoaded object| tarteaucitron undefined| customTheme undefined| cssRule undefined| $ function| jQuery object| AOS object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome function| once function| ES6Promise object| drupalTranslations object| drupalSettings object| Drupal object| tabbable function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| loadjs object| googletag object| lazySizesConfig object| lazySizes object| a2a function| a2a_init object| UserWayWidgetApp object| turnstile object| ube object| Piwik object| Matomo object| matomoAbTestingCampaignUrlParamList object| AnalyticsTracker function| piwik_log object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager string| _linkedin_data_partner_id undefined| google_measure_js_timing function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway number| google_unique_id object| gaGlobal function| lintrk boolean| _already_called_lintrk object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async object| ORIBILI function| tac_gtag object| GoogleGcLKhOms function| gtag function| onYouTubeIframeAPIReady object| google_image_requests

16 Cookies

Domain/Path Name / Value
.js.ubembed.com/ Name: __cf_bm
Value: oLzlCkF6JdgGn4UTC.sc2QV.x35L0NylLsJ1l3jkxiU-1711760441-1.0.1.1-MkkXhYSwxEew3hSIVyicKJXOsbcqAcvkiIuT_IMHXcSa9URkyhisv4xxVLqh6AKQeCitpyIa4BJNXT0_Ag_Xnw
.www.paysalia.com/ Name: __cf_bm
Value: Lno59ti_tJ6lQE6V_EnGUaWTAivyh4gaQKHRMuJw5Ak-1711760443-1.0.1.1-wRWazJJvZ8uoWj6HCHqYBCfPejLSpdAdMeBYbaUhqWwsKqcuSZEjaqqqNvX48POtU569LmpVySBPdn5Nos3IZA
paysalia2023.bento-prod.gl-events-digital.com/ Name: _pk_id.12.1abd
Value: 3b18db356704ecc7.1711760444.
paysalia2023.bento-prod.gl-events-digital.com/ Name: _pk_ses.12.1abd
Value: 1
.gl-events-digital.com/ Name: _gcl_au
Value: 1.1.1677573112.1711760444
.gl-events-digital.com/ Name: __gads
Value: ID=7a6f73eeb8ea4c07:T=1711760444:RT=1711760444:S=ALNI_MZA8N6PBDI6rTaavNjUpHKe_Txxnw
.gl-events-digital.com/ Name: __gpi
Value: UID=00000dd6f84a6693:T=1711760444:RT=1711760444:S=ALNI_MYd5dWgHXXpNXQO4SthHOdIHHF_dw
.gl-events-digital.com/ Name: __eoi
Value: ID=2a32cd861b227208:T=1711760444:RT=1711760444:S=AA-AfjYrzIoApdPX7n-BYSAZdfgl
.doubleclick.net/ Name: IDE
Value: AHWqTUn3ZzjDx8eMvCPoOeBKbc7oGtAC4AUMcpb3mVtzqrrdvrpQG9CN7y5kF9J8J94
.linkedin.com/ Name: li_sugr
Value: bc4c0e2e-5ad5-4552-b995-21a27617689a
.linkedin.com/ Name: bcookie
Value: "v=2&00f0430a-1629-479b-86f6-f9d64f7b0fd2"
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3194:u=1:x=1:i=1711760445:t=1711846845:v=2:sig=AQGIbTleGca2qIX5NR5kqMmTPZyrd5tU"
.linkedin.com/ Name: UserMatchHistory
Value: AQLwKAF6YHXLxAAAAY6M349lrdKEV_YxNe_Tv-AB6QSYiZ1uIvGr475vk3txsdY1Y0eIAddGtab68g
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJCvKTjhUaKDwAAAY6M349lz4q6xfXLjXVZuOJ5EjB_hQSKpFIS5Xbvui5-4NOVgi3u0JiGS5IeV6Uu514DMw
.www.linkedin.com/ Name: bscookie
Value: "v=1&202403300100451f178997-c491-46b5-83d4-a32535dcad53AQECzmfHLrOGZINYjdrQuKOm6xeo6USk"
paysalia2023.bento-prod.gl-events-digital.com/ Name: tarteaucitron
Value: !dfp=wait!facebookpixel=wait!linkedininsighttag=wait!gajs=wait!gtag=wait!addtoanyshare=wait!youtubeapi=wait

42 Console Messages

Source Level URL
Text
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://.js.ubembed.com/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paysalia2023.bento-prod.gl-events-digital.com/fr
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://connect.paysalia.com https://studio.swapcard.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN ALLOW-FROM https://connect.paysalia.com https://studio.swapcard.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

.js.ubembed.com
a9649a1272f9496faa065646480e04aa.js.ubembed.com
accessibilityserver.org
ad3c999b77be1348cb0e1ff25e02fff8.safeframe.googlesyndication.com
api.userway.org
assets.ubembed.com
cdn.matomo.cloud
cdn.tarteaucitron.io
cdn.userway.org
challenges.cloudflare.com
glevents.matomo.cloud
p.typekit.net
pagead2.googlesyndication.com
paysalia2023.bento-prod.gl-events-digital.com
px.ads.linkedin.com
px4.ads.linkedin.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
tarteaucitron.io
tpc.googlesyndication.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
www.paysalia.com
.js.ubembed.com
pagead2.googlesyndication.com
104.17.3.184
108.139.29.83
13.107.42.14
13.226.34.65
142.251.40.162
142.251.40.98
142.251.41.4
172.67.39.148
2600:141b:1c00:31::1739:5a49
2600:141b:1c00:31::1739:5a51
2600:1f14:5db:eb11:6e72:4252:dcb:b03b
2600:9000:24f0:7600:c:7d55:b3c0:93a1
2606:4700:4400::ac40:944b
2606:4700::6812:15b
2607:f8b0:4006:807::2001
2607:f8b0:4006:807::200e
2607:f8b0:4006:80d::2001
2607:f8b0:4006:816::2008
2607:f8b0:4006:821::2002
2620:1ec:21::14
2a02:6ea0:c400::11
2a03:2880:f112:83:face:b00c:0:25de
3.126.133.169
4.176.22.35
51.68.111.231
51.68.111.234
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
0940ce24d2d6cef44007192fac2f37c3f3b805504226b46b13160a08036d3da6
0e6cd18826928bf01d43aff8ed048e78cdbae0b38d171dc711dd5abae49535cd
0f40dc168cc7573c82b1e5120f8fb6e09f746d3293faa762612f35bbf9a64875
1044ae625640bf00c9015cbd6cbb3a39facd778e8cae72b801e7545d0c902a01
125177f05ad1b689a10b0dda41c59fc95011bdb9da3548747333070bdaa7e1b1
186cb4d4da036ffaf3a01e84fb13af63524b5894e107ea735c2ec8d7ad831c28
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
2a18e8e4efc6f2e6918db4d6aa7506604b2ade974b8e7b5fae5d99fc423a0b29
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37cbffef2cf45dd89cf3d33ec5a369b30a477ca61f8784894ace343de46bfe67
3882430dc89e08a6c0d8e56098980e001e9fab4b9f97fc0cd2d3c41ed44b7388
39899afdb5d3255f5a82060f91a1794f84c21b5e2f438f1f78178039074f7889
3b601445991c758edf71b053a1d784788b8e889cdb15caf643f3db338d64a239
3bad93e2db5168be274331283b090dc54eb7a2c9040b3d986cfc69135e203148
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef683a95b6f1457a2a663b39a324065b442f125b25b2974118fe8fdc567e875
40d3d6f76c4c5ed9f9ad770277466aea378b7ebceffaf9067f88ea708944f482
42babcbc256e2b3a327d5124523d9adb8cd4b86387cfe49f46d771d5505a014b
45174b1212ef181104580db29c23dec7d02da70f788957020a153317feafe3a9
4e372111c0fe9f8acd5da664244c32d820e688cf72df7d7c7b7b8ba629a4d641
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
58fccfff3e23d38c19ca7050ca56c216248463f82dac768c23c0bbff61b8c359
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63bdfcac9fbf9c6c2fca7d2434569fe404921bba2e8a92f89a73e3ff6c11886a
672ce38087394a312a268f5a156feeb3ca6607fc3d908c270efe1020c439678b
6b84b5a4113a1a0ea02db6ebbe03e46fe35ec38ba4b6e82154e9b03d6b81c9e6
6e2a875c1ace63d5d526b40458e76b5b3f07e465e8fe98ed4d63ff9c8fd10975
6e61be2f374a0122510025578940baf7ef8dbbcaf3ecc5f5535cfc81bd1cfd39
7c5c9b5992df609cf2729dc38f85fcdd78e95f9e8f1958d072f8b06b23132be0
8098d0207d4946a3c9ff7c9ed126d5c497ca3454b862aa16835427552f4f9ccf
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
86dfd495fb061ee0920d8fb994efb9f1f62884de2370329b780e5e7dcbbad492
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
89290bc3dc7a45b834bb719bfa291677542f5bb6feeed5b4933eeb5b32cd23e1
898357f43f61a3ed1ebb1cdd989f480354e2417573d7417460ade3ca3e7afebf
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
8fc8b460aaca1498f2ee08ee1393e6adfbd777ca6c707b66816502363d0082cc
963a8a0f5759ba827a147cec3205f6c41e3d549e26f56aff72b6686553807e4b
a3a8894620b52e2269583be6f6d571e690c94e96f8f890c032c66cf2b31c6aa8
ad321a3f8b90ec6f2ad9796475a26450bb0c6dd1388b1cc3f59c163b1ba927da
aeda3e0483b814fa0b8a26b20df6a0cacee81f5d1f0d1225ea6389a6a297ebaf
afa07e50a5c5dbef60f8ab0ef140c924b92b18c28513626fe65f099a0b03bd82
b6e2985564d2e776d632cbf744819b9bdf0b82520383b4dc7348f48367141dec
bb034ec7fc9a36a13f2ae3015ce18cd312f50ed543dabb296c69c47c29c48f6c
bf2b9ea2595b97ed63c6c1e2771de84527d6bee3a66663ecc9aea5d9f0e38358
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
d2e584d67a5b1a868363ed5e83a72ea6bc2cad8a052f64583d0fe95e7fa36e97
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d616b7bd6583b5982abe06f1aa2683cf825046ccfa5a0e3259fff49f9c7d4fe4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2bb46eff3a507b385fcf4ce0295cd00837cddb4cd187ac4fec01ec8413bb444
f48939c5ecc46aaa46b38e6fd241346b179e0fbfacb210342b8b87432169243c
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
ff5a9f25258e7e067e5aa035f5602302714d2071c47f66c69358521afe76f59f