urlscan.io logo urlscan.io
SecurityTrails logo

public.message-business.com Open in urlscan Pro
217.174.192.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.sendethic.com/t.htm?u=/e/3/40003/14109/869996/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/r.aspx
Effective URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+...
Submission: On April 27 via manual from PH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 18 HTTP transactions. The main IP is 217.174.192.26, located in Levallois-Perret, France and belongs to AGARIK-NETWORK AGARIK provide WEB, Servers Hosting and dedicated Internet Connection, FR. The main domain is public.message-business.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 20th 2020. Valid for: a year.
This is the only time public.message-business.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2001:41d0:301:100:54:38:64:29 (France)

ASN16276 (OVH, FR)
info.sendethic.com
9    217.174.192.26 (Levallois-Perret, France)

ASN16128 (AGARIK-NETWORK AGARIK provide WEB, Servers Hosting and dedicated Internet Connection, FR)
PTR: association.marketing-ready.192.174.217.in-addr.arpa
services.message-business.com
public.message-business.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
6 public.message-business.com info.sendethic.com
public.message-business.com
3 services.message-business.com 1 redirects public.message-business.com
2 www.facebook.com public.message-business.com
2 www.google-analytics.com public.message-business.com
www.google-analytics.com
2 connect.facebook.net public.message-business.com
connect.facebook.net
1 www.google.de public.message-business.com
1 www.google.com public.message-business.com
1 stats.g.doubleclick.net www.google-analytics.com
1 info.sendethic.com
18 9

This site contains links to these domains. Also see Links.

Domain
toutelaculture.com
www.sendethic.com
Subject Issuer Validity Valid
info.sendethic.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
www.message-business.com
DigiCert SHA2 Extended Validation Server CA		 2020-10-20 -
2021-11-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Frame ID: 321008F337BB1597F8C9AFF691F0B576
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.sendethic.com/t.htm?u=/e/3/40003/14109/869996/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/r.aspx Page URL
  2. https://services.message-business.com/v3/tracking/e/3/40003/14109/869996/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/r.aspx HTTP 301
    https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campa... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

376 kB
Transfer

886 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.sendethic.com/t.htm?u=/e/3/40003/14109/869996/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/r.aspx Page URL
  2. https://services.message-business.com/v3/tracking/e/3/40003/14109/869996/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/r.aspx HTTP 301
    https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
t.htm
info.sendethic.com/ 		1 KB
820 B 		Document
General
Check archive.org
Download Go to
Full URL
https://info.sendethic.com/t.htm?u=/e/3/40003/14109/869996/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/r.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:41d0:301:100:54:38:64:29 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
3e2b2ab232f8849233d939fa719509287ff342e0ccef196e8767008206ee13c6

Request headers

Host
info.sendethic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Tue, 27 Apr 2021 01:25:51 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
Express
ETag
W/"40b-Zan41mDy5VhQjpUi55ZjmDc6Dk0"
Content-Encoding
gzip
Primary Request survey.aspx
public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/
Redirect Chain
  • https://services.message-business.com/v3/tracking/e/3/40003/14109/869996/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/r.aspx
  • https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-...
17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Requested by
Host: info.sendethic.com
URL: https://info.sendethic.com/t.htm?u=/e/3/40003/14109/869996/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/r.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
217.174.192.26 Levallois-Perret, France, ASN16128 (AGARIK-NETWORK AGARIK provide WEB, Servers Hosting and dedicated Internet Connection, FR),
Reverse DNS
association.marketing-ready.192.174.217.in-addr.arpa
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
39cd8ac16047986628430198e8cf0acc337cf2e8aaee6144532f68a40e3ee2a3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
public.message-business.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://info.sendethic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.sendethic.com/t.htm?u=/e/3/40003/14109/869996/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/r.aspx

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Tue, 27 Apr 2021 01:24:48 GMT
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
X-Robots-Tag
noindex
X-XSS-Protection
0
Date
Tue, 27 Apr 2021 01:25:48 GMT
Content-Length
5238

Redirect headers

Cache-Control
private
Location
https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Server
Microsoft-IIS/7.5
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
X-AspNet-Version
2.0.50727
X-Powered-By
ASP.NET
X-Robots-Tag
noindex
Date
Tue, 27 Apr 2021 01:25:47 GMT
Content-Length
0
jquery-1.12.4.min.js
public.message-business.com/Javascript/ 		95 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.message-business.com/Javascript/jquery-1.12.4.min.js?v=20171012
Requested by
Host: public.message-business.com
URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
217.174.192.26 Levallois-Perret, France, ASN16128 (AGARIK-NETWORK AGARIK provide WEB, Servers Hosting and dedicated Internet Connection, FR),
Reverse DNS
association.marketing-ready.192.174.217.in-addr.arpa
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
public.message-business.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Connection
keep-alive
Referer
https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 01:25:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 09:23:40 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"c9a49527a123d21:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
43298
X-XSS-Protection
0
intlTelInput.min.js
public.message-business.com/Javascript/form/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.message-business.com/Javascript/form/intlTelInput.min.js?v=20171012
Requested by
Host: public.message-business.com
URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
217.174.192.26 Levallois-Perret, France, ASN16128 (AGARIK-NETWORK AGARIK provide WEB, Servers Hosting and dedicated Internet Connection, FR),
Reverse DNS
association.marketing-ready.192.174.217.in-addr.arpa
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
757bf147f130466fd06a7ec658414eb613302af96eb77ca8556e2e35a047ab73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
public.message-business.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Connection
keep-alive
Referer
https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 01:25:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 16:28:04 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"d481f570dc23d21:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
8865
X-XSS-Protection
0
intlTelInput.utils.min.js
public.message-business.com/Javascript/form/ 		206 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.message-business.com/Javascript/form/intlTelInput.utils.min.js?v=20171012
Requested by
Host: public.message-business.com
URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
217.174.192.26 Levallois-Perret, France, ASN16128 (AGARIK-NETWORK AGARIK provide WEB, Servers Hosting and dedicated Internet Connection, FR),
Reverse DNS
association.marketing-ready.192.174.217.in-addr.arpa
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d7508ec3ee130acbe0459e10acc3c57fa643b073e3f3542faf60f7de8cd491a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
public.message-business.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Connection
keep-alive
Referer
https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 01:25:48 GMT
Content-Encoding
gzip
ETag
"974fd71dc23d21:0"
Last-Modified
Tue, 11 Oct 2016 16:28:04 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-Robots-Tag
noindex
X-XSS-Protection
0
form.js
public.message-business.com/Javascript/form/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.message-business.com/Javascript/form/form.js?v=20171012
Requested by
Host: public.message-business.com
URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
217.174.192.26 Levallois-Perret, France, ASN16128 (AGARIK-NETWORK AGARIK provide WEB, Servers Hosting and dedicated Internet Connection, FR),
Reverse DNS
association.marketing-ready.192.174.217.in-addr.arpa
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
4594cd5890a39d5a7c48baecba550a3442a4c1707de4cfd00a745640db5e6feb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
public.message-business.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Connection
keep-alive
Referer
https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 01:25:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2017 11:14:35 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"6e5de3f955fd31:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
2121
X-XSS-Protection
0
form.css
public.message-business.com/Javascript/form/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.message-business.com/Javascript/form/form.css?v=20171012
Requested by
Host: public.message-business.com
URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
217.174.192.26 Levallois-Perret, France, ASN16128 (AGARIK-NETWORK AGARIK provide WEB, Servers Hosting and dedicated Internet Connection, FR),
Reverse DNS
association.marketing-ready.192.174.217.in-addr.arpa
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d40d8b1aa8b6a7110cb673e5000cb9ca194c9f0de1e846d30790bd757cf898c7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
public.message-business.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Connection
keep-alive
Referer
https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 01:25:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2016 15:52:24 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"83282fa0a024d21:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
4375
X-XSS-Protection
0
TLC_logo.png
services.message-business.com/v3/front/contents/2/3/40003/Images/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.message-business.com/v3/front/contents/2/3/40003/Images/TLC_logo.png
Requested by
Host: public.message-business.com
URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
217.174.192.26 Levallois-Perret, France, ASN16128 (AGARIK-NETWORK AGARIK provide WEB, Servers Hosting and dedicated Internet Connection, FR),
Reverse DNS
association.marketing-ready.192.174.217.in-addr.arpa
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d312b6efe6c2e1e235a8eadb32f1c92d02e1edd7c0845e9503c98a609a8dcf30
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://public.message-business.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 01:25:48 GMT
Last-Modified
Wed, 06 May 2020 13:46:49 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"1a449ccaac23d61:0"
Content-Type
image/png
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
117984
X-XSS-Protection
0
LOGO-SE-Horizontal-Couleur-200px.png
services.message-business.com/v3/front/contents/2/3/40003/Images/sendethic/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.message-business.com/v3/front/contents/2/3/40003/Images/sendethic/LOGO-SE-Horizontal-Couleur-200px.png
Requested by
Host: public.message-business.com
URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
217.174.192.26 Levallois-Perret, France, ASN16128 (AGARIK-NETWORK AGARIK provide WEB, Servers Hosting and dedicated Internet Connection, FR),
Reverse DNS
association.marketing-ready.192.174.217.in-addr.arpa
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
87d36097548810021dcc8b29bb8e01cbb0d436469cdd11a5552780656b125678
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://public.message-business.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 01:25:48 GMT
Last-Modified
Tue, 14 Apr 2020 15:38:57 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"6123cbcf7212d61:0"
Content-Type
image/png
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
6349
X-XSS-Protection
0
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: public.message-business.com
URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://public.message-business.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23961
x-fb-rlafr
0
pragma
public
x-fb-debug
r5OExUi3YebRYgGG/V3/EF1dTqKdyMHdf1D7TxRN8gCMqd7SV/GuLigJy5FOAh9UylHNmL+tNvwk20Mv1NvLig==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 27 Apr 2021 01:25:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: public.message-business.com
URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://public.message-business.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6319
date
Mon, 26 Apr 2021 23:40:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 27 Apr 2021 01:40:33 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1670061811&t=pageview&_s=1&dl=https%3A%2F%2Fpublic.message-business.com%2Fsurvey%2F40003%2F14095%2Fr16vaibfpeoiymsjhvpeofjevspbhjfjjbe%2Fsurvey.aspx%3Futm_campaign%3D%255bEnqu%25c3%25aate%2BToute%2BLa%2BCulture%2B-%2BSendethic%255d%2B%2BCovid19%2Bvs%2BCulture%2BSaison%2B2%2B%253a-(%26utm_content%3D%255bEnqu%25c3%25aate%2BToute%2BLa%2BCulture%2B-%2BSendethic%255d%2B%2BCovid19%2Bvs%2BCulture%2BSaison%2B2%2B%253a-(%26utm_medium%3DEmailing%26utm_source%3DMessage%2BBusiness&dr=https%3A%2F%2Finfo.sendethic.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=537066555&gjid=1153583630&cid=1260447213.1619486752&tid=UA-111337-3&_gid=1387403815.1619486752&_r=1&_slc=1&z=1008301850
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://public.message-business.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 01:25:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://public.message-business.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1583847898578704
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1583847898578704?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
769504f48607bb24afc4c22d6908e00ead6f04b23df0ba9224c2e8adab34d68a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://public.message-business.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
mnzcx47EKCieFfhxaAPf7a6M/mi3ombTchdDCHdUVbLw2TiZ+y8xzurSOcGSKZsHyX2yIxtKN/BC3bqi80PmzA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Tue, 27 Apr 2021 01:25:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-111337-3&cid=1260447213.1619486752&jid=537066555&gjid=1153583630&_gid=1387403815.1619486752&_u=IEBAAEAAAAAAAC~&z=865824430
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://public.message-business.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 27 Apr 2021 01:25:52 GMT
content-type
text/plain
access-control-allow-origin
https://public.message-business.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-111337-3&cid=1260447213.1619486752&jid=537066555&_u=IEBAAEAAAAAAAC~&z=1731129632
Requested by
Host: public.message-business.com
URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://public.message-business.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 01:25:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-111337-3&cid=1260447213.1619486752&jid=537066555&_u=IEBAAEAAAAAAAC~&z=1731129632
Requested by
Host: public.message-business.com
URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://public.message-business.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 01:25:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1583847898578704&ev=PageView&dl=https%3A%2F%2Fpublic.message-business.com%2Fsurvey%2F40003%2F14095%2Fr16vaibfpeoiymsjhvpeofjevspbhjfjjbe%2Fsurvey.aspx%3Futm_campaign%3D%255bEnqu%25c3%25aate%2BToute%2BLa%2BCulture%2B-%2BSendethic%255d%2B%2BCovid19%2Bvs%2BCulture%2BSaison%2B2%2B%253a-(%26utm_content%3D%255bEnqu%25c3%25aate%2BToute%2BLa%2BCulture%2B-%2BSendethic%255d%2B%2BCovid19%2Bvs%2BCulture%2BSaison%2B2%2B%253a-(%26utm_medium%3DEmailing%26utm_source%3DMessage%2BBusiness&rl=https%3A%2F%2Finfo.sendethic.com%2F&if=false&ts=1619486752573&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619486752571.1191756821&it=1619486752461&coo=false&rqm=GET
Requested by
Host: public.message-business.com
URL: https://public.message-business.com/survey/40003/14095/r16vaibfpeoiymsjhvpeofjevspbhjfjjbe/survey.aspx?utm_campaign=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_content=%5bEnqu%c3%aate+Toute+La+Culture+-+Sendethic%5d++Covid19+vs+Culture+Saison+2+%3a-(&utm_medium=Emailing&utm_source=Message+Business
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://public.message-business.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 01:25:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 27 Apr 2021 01:25:52 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1583847898578704&ev=Microdata&dl=https%3A%2F%2Fpublic.message-business.com%2Fsurvey%2F40003%2F14095%2Fr16vaibfpeoiymsjhvpeofjevspbhjfjjbe%2Fsurvey.aspx%3Futm_campaign%3D%255bEnqu%25c3%25aate%2BToute%2BLa%2BCulture%2B-%2BSendethic%255d%2B%2BCovid19%2Bvs%2BCulture%2BSaison%2B2%2B%253a-(%26utm_content%3D%255bEnqu%25c3%25aate%2BToute%2BLa%2BCulture%2B-%2BSendethic%255d%2B%2BCovid19%2Bvs%2BCulture%2BSaison%2B2%2B%253a-(%26utm_medium%3DEmailing%26utm_source%3DMessage%2BBusiness&rl=https%3A%2F%2Finfo.sendethic.com%2F&if=false&ts=1619486753076&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22fr_FR%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Covid-19%20vs%20Culture%20%3A%20comment%20faire%20revenir%20les%20publics%20%3F%20Participez%20%C3%A0%20la%20saison%202%20%3A-(%20de%20l%27enqu%C3%AAte%20Toute%20La%20Culture%20%2B%20Sendethic%22%2C%22og%3Adescription%22%3A%22En%20r%C3%A9pondant%20%C3%A0%20notre%20enqu%C3%AAte%2C%20vous%20contribuez%20%C3%A0%20allumer%20des%20lumi%C3%A8res%20d%E2%80%99espoir%20et%20vous%20recevrez%20en%20primeur%20les%20r%C3%A9sultats.%20Cette%20enqu%C3%AAte%20est%20anonymis%C3%A9e%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.sendethic.com%2Fculture%22%2C%22og%3Asite_name%22%3A%22Sendethic%20et%20Toute%20La%20Culture%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.sendethic.com%2FSendethic%2Fwebsite_fr-FR%2Fimages%2F2021%2F04%2F20153159%2Fenquete-toute-la-culture-sendethic.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fstatic.sendethic.com%2FSendethic%2Fwebsite_fr-FR%2Fimages%2F2021%2F04%2F20153159%2Fenquete-toute-la-culture-sendethic.png%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1619486752571.1191756821&it=1619486752461&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://public.message-business.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 01:25:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 27 Apr 2021 01:25:53 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| jQuery112407336216635442467 object| intlTelInputUtils object| mbFormObj function| scriptOnLoad function| scriptOnSubmit function| goPrevious function| goNext function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.message-business.com/ Name: _fbp
Value: fb.1.1619486752571.1191756821
.message-business.com/ Name: _gid
Value: GA1.2.1387403815.1619486752
.message-business.com/ Name: _gat
Value: 1
.message-business.com/ Name: _ga
Value: GA1.2.1260447213.1619486752

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
info.sendethic.com
public.message-business.com
services.message-business.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
2001:41d0:301:100:54:38:64:29
217.174.192.26
2a00:1450:4001:808::2003
2a00:1450:4001:812::2004
2a00:1450:4001:82b::200e
2a00:1450:400c:c0d::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
39cd8ac16047986628430198e8cf0acc337cf2e8aaee6144532f68a40e3ee2a3
3e2b2ab232f8849233d939fa719509287ff342e0ccef196e8767008206ee13c6
4594cd5890a39d5a7c48baecba550a3442a4c1707de4cfd00a745640db5e6feb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
757bf147f130466fd06a7ec658414eb613302af96eb77ca8556e2e35a047ab73
769504f48607bb24afc4c22d6908e00ead6f04b23df0ba9224c2e8adab34d68a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87d36097548810021dcc8b29bb8e01cbb0d436469cdd11a5552780656b125678
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
d312b6efe6c2e1e235a8eadb32f1c92d02e1edd7c0845e9503c98a609a8dcf30
d40d8b1aa8b6a7110cb673e5000cb9ca194c9f0de1e846d30790bd757cf898c7
d7508ec3ee130acbe0459e10acc3c57fa643b073e3f3542faf60f7de8cd491a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629