urlscan.io logo urlscan.io
SecurityTrails logo

pack-rentree-scolaire-a-tester.plein2kdo.com Open in urlscan Pro
52.48.57.203  Public Scan

Go To Rescan Add Verdict Report
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Submission Tags: @phish_report
Submission: On August 29 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 68 HTTP transactions. The main IP is 52.48.57.203, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is pack-rentree-scolaire-a-tester.plein2kdo.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 21st 2024. Valid for: a year.
This is the only time pack-rentree-scolaire-a-tester.plein2kdo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.48.57.203 16509 (AMAZON-02)
14 13.32.121.110 16509 (AMAZON-02)
1 142.250.186.170 15169 (GOOGLE)
2 18.245.31.78 16509 (AMAZON-02)
3 172.217.18.4 15169 (GOOGLE)
1 3 63.34.149.107 16509 (AMAZON-02)
1 151.101.129.229 54113 (FASTLY)
3 18.66.27.33 16509 (AMAZON-02)
1 13.33.219.205 16509 (AMAZON-02)
1 172.217.18.3 15169 (GOOGLE)
2 142.250.185.168 15169 (GOOGLE)
1 9 54.194.38.62 16509 (AMAZON-02)
1 216.58.206.35 15169 (GOOGLE)
3 145.239.193.53 16276 (OVH)
3 150.171.27.10 8075 (MICROSOFT...)
2 157.240.252.13 32934 (FACEBOOK)
1 1 18.173.205.52 16509 (AMAZON-02)
8 18.239.69.127 16509 (AMAZON-02)
1 142.250.181.226 15169 (GOOGLE)
3 216.239.34.36 15169 (GOOGLE)
2 13.107.246.44 8075 (MICROSOFT...)
2 157.240.252.35 32934 (FACEBOOK)
3 20.231.53.73 8075 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 204.79.197.237 8068 (MICROSOFT...)
68 23
1    52.48.57.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-57-203.eu-west-1.compute.amazonaws.com
pack-rentree-scolaire-a-tester.plein2kdo.com
14    13.32.121.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-110.fra60.r.cloudfront.net
static.collectoptin.com
1    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
fonts.googleapis.com
2    18.245.31.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-78.fra56.r.cloudfront.net
static.optinproject.com
3    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f4.1e100.net
www.google.com
3    63.34.149.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-149-107.eu-west-1.compute.amazonaws.com
api.optinproject.com
1    151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    18.66.27.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-27-33.vie50.r.cloudfront.net
sdk.privacy-center.org
1    13.33.219.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-219-205.fra60.r.cloudfront.net
www.datadoghq-browser-agent.com
1    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net
fonts.gstatic.com
2    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
9    54.194.38.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-38-62.eu-west-1.compute.amazonaws.com
v3.api.optinproject.com
1    216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net
www.gstatic.com
3    145.239.193.53 (France)

ASN16276 (OVH, FR)
asset.easydmp.net
3    150.171.27.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
1    18.173.205.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-52.fra56.r.cloudfront.net
a1511b3f0092.eu-west-1.sdk.awswaf.com
8    18.239.69.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-127.ams58.r.cloudfront.net
a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pagead2.googlesyndication.com
3    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    13.107.246.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com
3    20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
q.clarity.ms
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
14 optinproject.com
static.optinproject.com
api.optinproject.com — Cisco Umbrella Rank: 464374
v3.api.optinproject.com — Cisco Umbrella Rank: 781492
1 MB
14 collectoptin.com
static.collectoptin.com
647 KB
9 awswaf.com
a1511b3f0092.eu-west-1.sdk.awswaf.com
a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com
297 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
q.clarity.ms — Cisco Umbrella Rank: 8520
c.clarity.ms — Cisco Umbrella Rank: 1838
30 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
c.bing.com — Cisco Umbrella Rank: 341
17 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
381 B
3 easydmp.net
asset.easydmp.net — Cisco Umbrella Rank: 315510
10 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4906
157 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
75 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
232 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
262 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
455 B
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2536
48 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 plein2kdo.com
pack-rentree-scolaire-a-tester.plein2kdo.com
32 KB
68 18
Domain Requested by
14 static.collectoptin.com pack-rentree-scolaire-a-tester.plein2kdo.com
static.collectoptin.com
9 v3.api.optinproject.com 1 redirects static.collectoptin.com
www.datadoghq-browser-agent.com
8 a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com pack-rentree-scolaire-a-tester.plein2kdo.com
www.datadoghq-browser-agent.com
3 q.clarity.ms www.datadoghq-browser-agent.com
3 region1.google-analytics.com www.datadoghq-browser-agent.com
3 bat.bing.com pack-rentree-scolaire-a-tester.plein2kdo.com
bat.bing.com
3 asset.easydmp.net pack-rentree-scolaire-a-tester.plein2kdo.com
asset.easydmp.net
www.datadoghq-browser-agent.com
3 sdk.privacy-center.org pack-rentree-scolaire-a-tester.plein2kdo.com
sdk.privacy-center.org
3 api.optinproject.com 1 redirects pack-rentree-scolaire-a-tester.plein2kdo.com
3 www.google.com pack-rentree-scolaire-a-tester.plein2kdo.com
www.gstatic.com
2 c.clarity.ms 1 redirects
2 www.facebook.com pack-rentree-scolaire-a-tester.plein2kdo.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 connect.facebook.net pack-rentree-scolaire-a-tester.plein2kdo.com
connect.facebook.net
2 www.googletagmanager.com pack-rentree-scolaire-a-tester.plein2kdo.com
www.googletagmanager.com
2 static.optinproject.com pack-rentree-scolaire-a-tester.plein2kdo.com
static.collectoptin.com
1 c.bing.com 1 redirects
1 pagead2.googlesyndication.com www.googletagmanager.com
1 a1511b3f0092.eu-west-1.sdk.awswaf.com 1 redirects
1 www.gstatic.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.datadoghq-browser-agent.com pack-rentree-scolaire-a-tester.plein2kdo.com
1 cdn.jsdelivr.net static.collectoptin.com
1 fonts.googleapis.com pack-rentree-scolaire-a-tester.plein2kdo.com
1 pack-rentree-scolaire-a-tester.plein2kdo.com
68 25
Subject Issuer Validity Valid
*.plein2kdo.com
Amazon RSA 2048 M02		 2024-02-21 -
2025-03-21		 a year crt.sh
static.collectoptin.com
Amazon RSA 2048 M03		 2023-11-22 -
2024-12-20		 a year crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
static.optinproject.com
Amazon RSA 2048 M03		 2023-12-17 -
2025-01-14		 a year crt.sh
www.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
*.privacy-center.org
Amazon RSA 2048 M03		 2024-03-10 -
2025-04-07		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-08-03		 a year crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
core.api.optincollect.com
Amazon RSA 2048 M02		 2024-06-12 -
2025-07-10		 a year crt.sh
asset.cpdcsn.com
R11		 2024-07-14 -
2024-10-12		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-08 -
2024-09-06		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.42b09ac5.eu-west-1.token.awswaf.com
Amazon RSA 2048 M03		 2024-08-05 -
2025-09-04		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 3 frames:

Primary Page: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Frame ID: 3BB788AE7BEF146754E001C322548579
Requests: 62 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1&co=aHR0cHM6Ly9wYWNrLXJlbnRyZWUtc2NvbGFpcmUtYS10ZXN0ZXIucGxlaW4ya2RvLmNvbTo0NDM.&hl=fi&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&cb=9arnu7ah0ofm
Frame ID: 8160A868320DEFAFDC7BAA151CAD4AE3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1&co=aHR0cHM6Ly9wYWNrLXJlbnRyZWUtc2NvbGFpcmUtYS10ZXN0ZXIucGxlaW4ya2RvLmNvbTo0NDM.&hl=fi&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&sa=landing_default&cb=dtianpuc36wq
Frame ID: F88DE5655456A46BB9A691F8C821E6DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Grand jeu concours Pack rentree scolaire

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

68
Requests

94 %
HTTPS

0 %
IPv6

18
Domains

25
Subdomains

23
IPs

4
Countries

2854 kB
Transfer

7424 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://api.optinproject.com/targeting/converted/1100.gif HTTP 302
  • https://api.optinproject.com/rt/converted/plein2kdo.gif
Request Chain 24
  • https://v3.api.optinproject.com/pixel/cookie/relocate HTTP 302
  • https://api.optinproject.com/cookie/relocate
Request Chain 32
  • https://a1511b3f0092.eu-west-1.sdk.awswaf.com/a1511b3f0092/b07e0789ea63/challenge.js HTTP 307
  • https://a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/challenge.js
Request Chain 60
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ECCD2C91CFB34F4AB1E0624E9A3029F3&RedC=c.clarity.ms&MXFR=2A47AC5CCA576C8C3411B8B6CE57629A HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ECCD2C91CFB34F4AB1E0624E9A3029F3&MUID=03FAC6C04D7661F30149D22A4C5E6084

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pack-rentree-scolaire-a-tester.plein2kdo.com/ 		118 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.57.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-57-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
86870daf647ca0988278db358b34e5e8bafe318ffe798ffc9d771363d5da0519

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Aug 2024 23:39:13 GMT
expires
Thu, 29 Aug 2024 23:39:13 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
x-ua-compatible
IE=Edge
reset.css
static.collectoptin.com/css/ 		1 KB
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/css/reset.css
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
99fc06a1fdfec23d9f7d6a437651a38f4b1f951227c15132b1182746c14c024b

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:21:39 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:18:03 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47862
etag
W/"66ceeb4b-444"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
edcLrRWWeiL2uoBH6Hzsl1fwg8DmSSCPWotOeB8wlYnoH0NN79sipw==
plein2kdo_ocv2_1.css
static.collectoptin.com/build/theme_minimalist/ 		77 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_1.css
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
a28624481a5703ac99408c41727d340ce2c7afb1b7a70d00ccc791406ab32e99

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:21:52 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:27:19 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47861
etag
W/"66ceed77-132a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
ElDr5c9mKAbHHoPQdCReuY3ODr4R4e7An8wsOiOJRfAAqNnZyfsKIQ==
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;300;400;500;600;700&display=swap
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
83565ab58241b9daee1afda4a14537e70777450c1a29951db2a9a19b4e89ba7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Aug 2024 23:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Thu, 29 Aug 2024 23:39:14 GMT
jquery.min.js
static.collectoptin.com/build/vendor/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/vendor/jquery/jquery.min.js
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:21:39 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:27:18 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47862
etag
W/"66ceed76-17b8b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
OyPeQsvCVesEeKUcX_hIixkz3G2H6JKDVrHdWOX48v0Tmtu74HUkAQ==
5b8541526f779.jpeg
static.optinproject.com/sites/1380/landing_mobile_header/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.optinproject.com/sites/1380/landing_mobile_header/5b8541526f779.jpeg
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e0b24d376ee8722a77212243d0eff483c776d30141cc699642fa893e7aea989

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 05:54:50 GMT
x-amz-version-id
null
via
1.1 4bf44796811ecea5881c6668d3aa9226.cloudfront.net (CloudFront)
last-modified
Thu, 10 Sep 2020 08:25:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
63864
etag
"03b6f0f090b7aeecd1f7bb4e332d7309"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
158888
x-amz-cf-id
n758CGpukWBls22dC7iPMU94D48jlYRZ2_wi-NmXYULw6X1Il28S5Q==
ico-form.png
static.collectoptin.com/workflowbundle/sweepstake/v2/Common/theme_arrow/desktop/images/ 		897 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.collectoptin.com/workflowbundle/sweepstake/v2/Common/theme_arrow/desktop/images/ico-form.png
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e048a879ecd6f26ead96107299b7382945a7dbe6c1f9d67a500974805a0e2489

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:22:08 GMT
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:18:07 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47852
etag
"66ceeb4f-381"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
897
x-amz-cf-id
dhRJ6SDmw0BYMUgZ1wy-Ti2L9__fEjxV5KgCUTdzcA4Z-G5HQeiOcQ==
ico-present.png
static.collectoptin.com/workflowbundle/sweepstake/v2/Common/theme_arrow/desktop/images/ 		718 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.collectoptin.com/workflowbundle/sweepstake/v2/Common/theme_arrow/desktop/images/ico-present.png
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
12dc3c5feae8181fb39f264366806bb585a862fe6011949176c44751324493c5

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:22:08 GMT
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:18:07 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47853
etag
"66ceeb4f-2ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
718
x-amz-cf-id
9nC8pJKtkMm4GJEloQMeEWEVTt4KbJVqXdAGO9uDsS7H8z0CaulYrg==
dpo_email.jpg
static.collectoptin.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.collectoptin.com/images/dpo_email.jpg
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ed4213ee3f28b05d12a03c80ff8e8afad3c3ddff0e6835cd178be6e5114e30fe

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:21:29 GMT
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:18:03 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47865
etag
"66ceeb4b-1c32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
7218
x-amz-cf-id
YuLuerxWcWAzd8Z97nhx0w969rv1Czy-xGGJUky2ede0iT82qW4eNQ==
plein2kdo-logo.png
static.collectoptin.com/workflowbundle/sweepstake/v2/FR/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.collectoptin.com/workflowbundle/sweepstake/v2/FR/images/plein2kdo-logo.png
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
357a9af42c012bbfa33f1e3ab348d9bb8b7476fd5035475b345db85be95331a1

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:21:30 GMT
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:18:08 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47864
etag
"66ceeb50-eab"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3755
x-amz-cf-id
tjJHTKXkqq28Ef3lfYorwvDG8e6ksdFfYuYa3lQD48h7_i-n3iQP_w==
api.js
www.google.com/recaptcha/ 		904 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f4.1e100.net
Software
ESF /
Resource Hash
171f6ffd1af8f3c334c62118cd5dd3f3023a6d4b5e549de63ec6b82fd39be71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 23:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Thu, 29 Aug 2024 23:39:14 GMT
plein2kdo_ocv2_1.js
static.collectoptin.com/build/theme_minimalist/ 		1 MB
313 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_1.js
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
48e22e680e6d73fb79c3f26b5d07d7cdda12889c49a358a46c73c0f2699e6f4b

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:21:30 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:27:19 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47868
etag
W/"66ceed77-10ab43"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
POpFz5LNg8euiBEeFjChm_rSfsNsHZ7R-DtWRoasOYMYuTqI-Tg5Gg==
jquery.simplemodal.js
static.collectoptin.com/build/vendor/jquery-simplemodal/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/vendor/jquery-simplemodal/jquery.simplemodal.js
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ac057bf1597b81383d0c6c51dec811732e0e022956e3b2bb37524d1e4acc6c34

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:21:30 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:27:18 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47868
etag
W/"66ceed76-5a11"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
Ia2cEUoB5v8_4jlMLB2SeFTz2V7GUXh37YywwkHZfy7x5l8VkNKfuw==
plein2kdo.gif
api.optinproject.com/rt/converted/
Redirect Chain
  • https://api.optinproject.com/targeting/converted/1100.gif
  • https://api.optinproject.com/rt/converted/plein2kdo.gif
43 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.optinproject.com/rt/converted/plein2kdo.gif
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Server
63.34.149.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-149-107.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:39:14 GMT
cache-control
must_revalidate, no_cache, no_store, post_check="", pre_check="", private
x-correlation-id
348f8805-4ad6-4edc-be6f-f974ac6deef9
server
nginx
content-type
image/gif

Redirect headers

location
https://api.optinproject.com/rt/converted/plein2kdo.gif
date
Thu, 29 Aug 2024 23:39:14 GMT
p3p
policyref="http://www.webrivage.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
server
nginx
content-type
text/html; charset=utf-8
bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/ 		84 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css
Requested by
Host: static.collectoptin.com
URL: https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f643d6fe7e679f9de3e16311600c5ef5cd6b098f7a3a8828fcc29255d2b33e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_1.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Aug 2024 23:39:14 GMT
x-content-type-options
nosniff
content-encoding
br
age
2939202
x-jsd-version
1.11.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13300
x-served-by
cache-fra-eddf8230079-FRA, cache-hel1410027-HEL
x-jsd-version-type
version
etag
W/"14f73-BDozLk9VXMC/015FG+lVtLk5ZqA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
loader.js
sdk.privacy-center.org/342cc8ab-0603-42a6-88ba-4ae77fbf586c/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/342cc8ab-0603-42a6-88ba-4ae77fbf586c/loader.js?target=pack-rentree-scolaire-a-tester.plein2kdo.com
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.27.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-27-33.vie50.r.cloudfront.net
Software
/
Resource Hash
d72314026afb01b1c94ce3c33074a140f20aa21c37dbc123b625a4d32a4b5a34

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 23:39:15 GMT
x-didomi-configs-version
112
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:true
content-encoding
br
via
1.1 62f2a061e41be90ceddd231b5157117c.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
x-amzn-requestid
cb79c586-d3c6-4fb0-abeb-0daa199a4947
etag
W/"3081147ac6716ca676c72cda3f065076"
vary
Accept-Encoding
x-amzn-trace-id
root=1-66d106a3-122b84cf3edd8eeb1b64fae0;parent=4bd4b246892b4584;sampled=0;lineage=eaae1266:0
content-type
application/javascript; charset=utf-8
x-cache
Miss from cloudfront
cache-control
max-age=7200, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
WwOkmywxECb8GZIhnQPQVErYSB30_uZ3zkoL3DE1Szd9kyDHL8v-PQ==
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 		150 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.219.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-219-205.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 23:38:20 GMT
content-encoding
br
via
1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 11:26:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
59
x-amz-server-side-encryption
AES256
etag
W/"2630b3d7ad4a41fac67742216e506d83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
8p8Wt7qkGItS3oZPaKsKv396jVmo4qWyTkLX7XzQazO_tqotrx5VQw==
5b8541521dd35.jpeg
static.optinproject.com/sites/1380/landing_background_image/ 		839 KB
840 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.optinproject.com/sites/1380/landing_background_image/5b8541521dd35.jpeg
Requested by
Host: static.collectoptin.com
URL: https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6db2c0da3e07380e08f26f993ee7b72f524917feb76fa98244097ce1c9085838

Request headers

Referer
https://static.collectoptin.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
null
date
Thu, 29 Aug 2024 07:08:40 GMT
via
1.1 4bf44796811ecea5881c6668d3aa9226.cloudfront.net (CloudFront)
last-modified
Thu, 10 Sep 2020 08:25:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
59435
x-amz-server-side-encryption
AES256
etag
"73d4eb6af6b602ce4cf58ab5df87638f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
859104
x-amz-cf-id
3thy8z4oGnen3ftEhu9ZsvOJEfIJcI6aVXWghqOwdpru6CUvC4sHPA==
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 08:43:53 GMT
x-content-type-options
nosniff
age
53722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48556
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:44:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 08:43:53 GMT
gtm.js
www.googletagmanager.com/ 		477 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NB3MLWK
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
50bd80accf70eba71253941a3e48ed49e4f81d345b94ab3f2843cf5c8040579b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 23:39:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118483
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 22:48:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 23:39:15 GMT
1.js
static.collectoptin.com/build/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/1.js
Requested by
Host: static.collectoptin.com
URL: https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e11ace295b9026f795a360cdd2a4455f5c9d38e19520eb1d8aace3ff43a9fb13

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:21:31 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:27:18 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47863
etag
W/"66ceed76-17bf5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
PA_uO3GcKVU_erhdEqLHk9QyAHg2diZyE-tb3VIbuoUJ_-5aCtopIQ==
2.js
static.collectoptin.com/build/ 		556 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/2.js
Requested by
Host: static.collectoptin.com
URL: https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
9720b13b746838b1f122d7c46b2840229dec550cd297183c19dd26043f4487e4

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:21:31 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:27:18 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47863
etag
W/"66ceed76-8b104"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
wVPbs6OQNYe4GInUPlM76ZmgqdvxvIz03aNDKeV4ZCdl-nJT6GWMqg==
5.js
static.collectoptin.com/build/ 		355 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/5.js
Requested by
Host: static.collectoptin.com
URL: https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
3424508a9e4eb1776841aa45959d3687a85d3d93bf498773c9383fce574419c7

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:21:31 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:27:18 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47863
etag
W/"66ceed76-58c54"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
8RRjnn_ctV5xOxL07XlcwGdeBdzFbSKiqJ2inu8WlQbhJC9jASRQqQ==
13.js
static.collectoptin.com/build/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/13.js
Requested by
Host: static.collectoptin.com
URL: https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
1cd68d178cba878c7a643df74882c577543a7d7348fae6c4e9d3dca121c577c5

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:21:31 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:27:19 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47863
etag
W/"66ceed77-7ab5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
3LBHbIc5zKIowtrfGohIhb5J7aPa73mcAZhMaEewI9ItQqaXHdHVxQ==
sessions
v3.api.optinproject.com/ 		45 B
277 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions
Requested by
Host: static.collectoptin.com
URL: https://static.collectoptin.com/build/5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.38.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-38-62.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
849b726b5cc260642835af2868837bb90287def794547eb2ea1d858e25fbd8c0

Request headers

accept
application/json
Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
x-authorization-apikey
633300f5ac87dc68bf919fde2b746be9
content-type
application/json

Response headers

access-control-allow-origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
date
Thu, 29 Aug 2024 23:39:15 GMT
cache-control
no-cache, private
x-correlation-id
e443ae2a-5f7f-40f3-91ee-8705fd6c9b7a
access-control-allow-credentials
true
server
nginx
content-type
application/json
relocate
api.optinproject.com/cookie/
Redirect Chain
  • https://v3.api.optinproject.com/pixel/cookie/relocate
  • https://api.optinproject.com/cookie/relocate
43 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.optinproject.com/cookie/relocate
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Server
63.34.149.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-149-107.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:39:15 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
p3p
policyref="http://www.webrivage.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
cache-control
no-store, no-cache, must-revalidate, pre-check=0, post-check=0
access-control-allow-credentials
true

Redirect headers

location
https://api.optinproject.com/cookie/relocate
date
Thu, 29 Aug 2024 23:39:15 GMT
cache-control
no-cache, private
x-correlation-id
81df8821-12d7-4e16-9e61-cc58897420a9
server
nginx
content-type
text/html; charset=UTF-8
sessions
v3.api.optinproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.38.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-38-62.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-authorization-apikey
Access-Control-Request-Method
POST
Origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, referer, authorization, set-cookie, x-authorization-apikey, x-referer
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
access-control-max-age
86400
cache-control
public, max-age=86400
date
Thu, 29 Aug 2024 23:39:15 GMT
server
nginx
vary
origin
recaptcha__fi.js
www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/ 		538 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__fi.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f3.1e100.net
Software
sffe /
Resource Hash
905a14d126bc1a87533dc078f5c9fea6bb54ee8a3ee68cc59dec1ff30e80f902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 06:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
218443
x-xss-protection
0
last-modified
Mon, 26 Aug 2024 04:00:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Aug 2025 06:00:29 GMT
sdk.70584a6cd63d48d6df31311caf2d9046d1d1cdfd.js
sdk.privacy-center.org/sdk/70584a6cd63d48d6df31311caf2d9046d1d1cdfd/modern/ 		356 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/70584a6cd63d48d6df31311caf2d9046d1d1cdfd/modern/sdk.70584a6cd63d48d6df31311caf2d9046d1d1cdfd.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/342cc8ab-0603-42a6-88ba-4ae77fbf586c/loader.js?target=pack-rentree-scolaire-a-tester.plein2kdo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.27.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-27-33.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5db194788dae159aecb98e600ae2b58f9b0b64b3b96ea2de7bd48a1d192c27f

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 12:09:05 GMT
content-encoding
br
via
1.1 62f2a061e41be90ceddd231b5157117c.cloudfront.net (CloudFront)
last-modified
Thu, 29 Aug 2024 12:08:52 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
41411
etag
W/"ba5da79c2d08c89473bbf1aef838b4ab-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
JSSLaXVCm6xZTfhHfb85wSZm9Ib0w6gLaBM92ZS-yGcifWFlmuJ7dw==
ui-gdpr-fr-web.70584a6cd63d48d6df31311caf2d9046d1d1cdfd.js
sdk.privacy-center.org/sdk/70584a6cd63d48d6df31311caf2d9046d1d1cdfd/modern/ 		279 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/70584a6cd63d48d6df31311caf2d9046d1d1cdfd/modern/ui-gdpr-fr-web.70584a6cd63d48d6df31311caf2d9046d1d1cdfd.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/70584a6cd63d48d6df31311caf2d9046d1d1cdfd/modern/sdk.70584a6cd63d48d6df31311caf2d9046d1d1cdfd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.27.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-27-33.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0377b6d6711d55387b6e3c34f865005608114d580c82f1330c1f2296ea3d3c8b

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 12:12:04 GMT
content-encoding
br
via
1.1 62f2a061e41be90ceddd231b5157117c.cloudfront.net (CloudFront)
last-modified
Thu, 29 Aug 2024 12:08:54 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
41232
etag
W/"dc097324656d172006bd5ffbb5ddb021-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
1HELtqhDcLNWvaHu1SvFDFMRccno_TNcfGwZVtmbEc6k14TZNhnuIQ==
mt.js
asset.easydmp.net/mt/squadata/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.easydmp.net/mt/squadata/mt.js?t=239580
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9048b6dca322c3f4aee493f0f45ad50c29a14201d2e9f9a636bc4140a56f8246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 23:39:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 29 Aug 2024 13:58:21 GMT
x-iplb-request-id
50DC5B7B:1492_91EFC135:01BB_66D106A3_60056A7:5C1F
etag
"66d07e7d-1397"
x-iplb-instance
57684
p3p
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600, s-maxage=3600, public
content-length
5015
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 29 Aug 2024 23:39:15 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4F6EFBC729F24503A8A3B37DCCAA4074 Ref B: STOEDGE1008 Ref C: 2024-08-29T23:39:15Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 29 Aug 2024 23:39:16 GMT
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58936
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=13, mss=1392, tbw=2775, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
J3cZbJHkofcrYgVukre/rdDLfzTjOwaJu5CIcjuH7KlLFrLm5NGRE+dlDxlMMzE9SP/f7I41wOW0rs8O4d/imQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
challenge.js
a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/
Redirect Chain
  • https://a1511b3f0092.eu-west-1.sdk.awswaf.com/a1511b3f0092/b07e0789ea63/challenge.js
  • https://a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/challenge.js
1 MB
288 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/challenge.js
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Server
18.239.69.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-127.ams58.r.cloudfront.net
Software
/
Resource Hash
e0cff8b5b388b548e0b77c9268d2b78758689fca453f3a5436bde632d8af9572

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:39:16 GMT
content-encoding
gzip
via
1.1 391671221007e4a70643cc0de549779c.cloudfront.net (CloudFront)
last-modified
Thu, 29 Aug 2024 23:39:16 +0000
x-amz-cf-pop
AMS58-P4
vary
accept-encoding
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-66d106a4-5a4e0fbe575590544f7c07b3
content-type
text/javascript
cache-control
private, max-age=86400, stale-while-revalidate=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
PfW-eYiMQIKuc68iyurkSwiYDDWQnQr-1LlEXlx_8i5ggpiAzQY16A==
expires
0

Redirect headers

date
Thu, 29 Aug 2024 23:39:15 GMT
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P12
access-control-max-age
86400
access-control-allow-methods
*
x-cache
FunctionGeneratedResponse from cloudfront
access-control-allow-origin
*
location
https://a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/challenge.js
cache-control
max-age=86400
access-control-allow-headers
*
content-length
0
x-amz-cf-id
KLp_zxE3EuElRz2XNoa6XAZxdVchEU9rADZbJARXF4VWNfElbCd4gw==
js
www.googletagmanager.com/gtag/ 		355 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DY4KRQDG9G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB3MLWK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6d7b270b3a3249b4bd04436c1f3526a20bbfe86efba842da9b210dc8a257f5ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 23:39:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
118668
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 29 Aug 2024 23:39:15 GMT
4574
v3.api.optinproject.com/sessions/87ca7e8c-19c7-4481-b0b3-8528e12cbaa9/ads/type/sponsoring/supportlocation/ 		2 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions/87ca7e8c-19c7-4481-b0b3-8528e12cbaa9/ads/type/sponsoring/supportlocation/4574?data%5Bcountry%5D=fi&data%5Bcustom2%5D=plein2kdo%7Cplein2kdo_ocv2%7C1jour1envie-pack-rentree-scolaire-bic-mapped
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.38.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-38-62.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept
application/json
Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
x-authorization-apikey
633300f5ac87dc68bf919fde2b746be9

Response headers

date
Thu, 29 Aug 2024 23:39:15 GMT
x-correlation-id
8dfe7fa5-ac17-4c5c-a581-91dd81a816b0
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
cache-control
no-cache, private
access-control-allow-credentials
true
x-request-identifier
eab57d8a-db20-4306-96fa-6db2c72aec36
4574
v3.api.optinproject.com/sessions/87ca7e8c-19c7-4481-b0b3-8528e12cbaa9/ads/type/sponsoring/supportlocation/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions/87ca7e8c-19c7-4481-b0b3-8528e12cbaa9/ads/type/sponsoring/supportlocation/4574?data%5Bcountry%5D=fi&data%5Bcustom2%5D=plein2kdo%7Cplein2kdo_ocv2%7C1jour1envie-pack-rentree-scolaire-bic-mapped
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.38.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-38-62.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-authorization-apikey
Access-Control-Request-Method
GET
Origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, referer, authorization, set-cookie, x-authorization-apikey, x-referer
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
access-control-max-age
86400
cache-control
public, max-age=86400
date
Thu, 29 Aug 2024 23:39:15 GMT
server
nginx
vary
origin
landing
pagead2.googlesyndication.com/pagead/ 		42 B
455 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3pPp2p5l1&tag_exp=0&rnd=930574722.1724974756&url=https%3A%2F%2Fpack-rentree-scolaire-a-tester.plein2kdo.com%2F&dma_cps=-&dma=1&npa=1&tcfd=10001&gtm=45je48r0v873516131z876354608za200zb76354608&did=dMTc4Zm&gdid=dMTc4Zm&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DY4KRQDG9G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:39:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DY4KRQDG9G&gtm=45je48r0v873516131z876354608za200zb76354608&_p=1724974754636&gcs=G100&gcd=13p3pPp2p5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=0&gdid=dMTc4Zm&cid=1833999901.1724974756&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&dp=%2Fplein2kdo%2Flanding&sid=1724974755&sct=1&seg=0&dl=https%3A%2F%2Fpack-rentree-scolaire-a-tester.plein2kdo.com%2F&dt=Grand%20jeu%20concours%20Pack%20rentree%20scolaire&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site=1jour1envie-pack-rentree-scolaire-bic-mapped&ep.site_group=plein2kdo&ep.workflow=plein2kdo_ocv2&ep.site_thematic=others&tfd=2550
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:39:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 8160 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1&co=aHR0cHM6Ly9wYWNrLXJlbnRyZWUtc2NvbGFpcmUtYS10ZXN0ZXIucGxlaW4ya2RvLmNvbTo0NDM.&hl=fi&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&cb=9arnu7ah0ofm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__fi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-5Erfg6RQsT0fqV4xVzAb1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'nonce-5Erfg6RQsT0fqV4xVzAb1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:39:16 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame F88D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1&co=aHR0cHM6Ly9wYWNrLXJlbnRyZWUtc2NvbGFpcmUtYS10ZXN0ZXIucGxlaW4ya2RvLmNvbTo0NDM.&hl=fi&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&sa=landing_default&cb=dtianpuc36wq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__fi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-Zr9FJCdp2jHx8Qw79w0NQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'nonce-Zr9FJCdp2jHx8Qw79w0NQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:39:16 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
announcers
v3.api.optinproject.com/sessions/87ca7e8c-19c7-4481-b0b3-8528e12cbaa9/type/sales/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions/87ca7e8c-19c7-4481-b0b3-8528e12cbaa9/type/sales/announcers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.38.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-38-62.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-authorization-apikey
Access-Control-Request-Method
GET
Origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, referer, authorization, set-cookie, x-authorization-apikey, x-referer
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
access-control-max-age
86400
cache-control
public, max-age=86400
date
Thu, 29 Aug 2024 23:39:15 GMT
server
nginx
vary
origin
collected-data
v3.api.optinproject.com/sessions/87ca7e8c-19c7-4481-b0b3-8528e12cbaa9/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions/87ca7e8c-19c7-4481-b0b3-8528e12cbaa9/collected-data
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.38.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-38-62.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-authorization-apikey
Access-Control-Request-Method
POST
Origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, referer, authorization, set-cookie, x-authorization-apikey, x-referer
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
access-control-max-age
86400
cache-control
public, max-age=86400
date
Thu, 29 Aug 2024 23:39:15 GMT
server
nginx
vary
origin
announcers
v3.api.optinproject.com/sessions/87ca7e8c-19c7-4481-b0b3-8528e12cbaa9/type/sales/ 		140 KB
32 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions/87ca7e8c-19c7-4481-b0b3-8528e12cbaa9/type/sales/announcers
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.38.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-38-62.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
60f3477ba8c5e2d6e7f2a7124248795790d436d6606b7e20a58b0c446e253388

Request headers

accept
application/json
Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
x-authorization-apikey
633300f5ac87dc68bf919fde2b746be9

Response headers

date
Thu, 29 Aug 2024 23:39:16 GMT
x-correlation-id
5c9d1c05-30d8-4998-884a-fa960c265154
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
cache-control
no-cache, private
access-control-allow-credentials
true
collected-data
v3.api.optinproject.com/sessions/87ca7e8c-19c7-4481-b0b3-8528e12cbaa9/ 		2 B
285 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions/87ca7e8c-19c7-4481-b0b3-8528e12cbaa9/collected-data
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.38.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-38-62.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept
application/json
Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
x-authorization-apikey
633300f5ac87dc68bf919fde2b746be9
content-type
application/json

Response headers

date
Thu, 29 Aug 2024 23:39:16 GMT
x-correlation-id
3beee17f-4e5d-4677-9705-eb499d523a0a
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
cache-control
no-cache, private
access-control-allow-credentials
true
collect
region1.google-analytics.com/g/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DY4KRQDG9G&gtm=45je48r0v873516131za200zb76354608&_p=1724974754636&gcs=G100&gcd=13p3pPp2p5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=0&gdid=dMTc4Zm&cid=1833999901.1724974756&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEA&_s=2&sid=1724974755&sct=1&seg=0&dl=https%3A%2F%2Fpack-rentree-scolaire-a-tester.plein2kdo.com%2F&dt=Grand%20jeu%20concours%20Pack%20rentree%20scolaire&en=scroll&ep.site=1jour1envie-pack-rentree-scolaire-bic-mapped&ep.site_group=plein2kdo&ep.workflow=plein2kdo_ocv2&ep.site_thematic=others&epn.percent_scrolled=90&_et=9&tfd=2758
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:39:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
343044553.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/343044553.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
053fdff4eb2344cfce3017b225c05cae6cfb5237985f5cf09892b736e10cfd7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 29 Aug 2024 23:39:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 50B72C6A28844A25A64BAD11E29B2C23 Ref B: STOEDGE1008 Ref C: 2024-08-29T23:39:16Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
client.js
asset.easydmp.net/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.easydmp.net/js/client.js?t=239580
Requested by
Host: asset.easydmp.net
URL: https://asset.easydmp.net/mt/squadata/mt.js?t=239580
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
79b46905ffe08579b649343513623dae575a8dcce41346d36d52268f5e2ab8d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 23:39:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 29 Aug 2024 13:58:21 GMT
x-iplb-request-id
50DC5B7B:1492_91EFC135:01BB_66D106A4_60056B1:5C1F
etag
"66d07e7d-10ea"
x-iplb-instance
57684
p3p
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600, s-maxage=3600, public
content-length
4330
gip.php
asset.easydmp.net/ 		47 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://asset.easydmp.net/gip.php
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
116a03cbadc21020c44656275be5758ce8fd76e67c154e3613f8e26c81bedde8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 23:39:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-iplb-request-id
50DC5B7B:14A3_91EFC135:01BB_66D106A4_5FF1DC5:23DD
x-iplb-instance
56716
transfer-encoding
chunked
p3p
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
343044553
www.clarity.ms/tag/uet/ 		866 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/343044553
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/343044553.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8a4dde80dfa15e07103433b2b2d6557a548c8bf3a556aed6c29b6e6c9cadf869

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
date
Thu, 29 Aug 2024 23:39:17 GMT
x-azure-ref
20240829T233916Z-166cc767555j7m792h1knsfnm800000004x000000000828w
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
866
expires
-1
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=343044553&Ver=2&mid=b245d7e2-f757-460f-b685-327dc8f00835&sid=e759c390665f11ef89a5efd4b6c14bfa&vid=e759ee40665f11efa45a2bbc9dea738c&vids=1&msclkid=N&pi=918639831&lg=fi-FI&sw=1600&sh=1200&sc=24&tl=Grand%20jeu%20concours%20Pack%20rentree%20scolaire&p=https%3A%2F%2Fpack-rentree-scolaire-a-tester.plein2kdo.com%2F&r=&lt=1510&evt=pageLoad&sv=1&cdb=AQAU&rn=326226
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Aug 2024 23:39:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4CCE4AAE350D429CA016F8D446C1ECE4 Ref B: STOEDGE1008 Ref C: 2024-08-29T23:39:16Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
643694371105633
connect.facebook.net/signals/config/ 		74 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/643694371105633?v=2.9.166&r=stable&domain=pack-rentree-scolaire-a-tester.plein2kdo.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
8bd636f9e15761f8510b990665f4136e2b2df265dc340489c325fbfc0dd533e5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 29 Aug 2024 23:39:16 GMT
document-policy
force-load-at-top
x-fb-server-load
18
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=62, mss=1392, tbw=64424, tp=-1, tpl=-1, uplat=226, ullat=0
pragma
public
x-fb-debug
Wst8iLgWP/RdDyQEQCElT60LUlCx6zm+mhk2CVwcXw5gbno3IMFA7iOPH1qjoc54iCvhqFb4h2XUjaBRB9uKSw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
verify
a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/ 		356 B
702 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/verify
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.69.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-127.ams58.r.cloudfront.net
Software
/
Resource Hash
a7c7a3539fc8d11214192ef63e1da59da85951334b2fb4795a15a4c6d3e7e1a6

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:39:16 GMT
via
1.1 b12f8dbad5c96c988a65bc3df19995d0.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
x-amzn-waf-challenge-id
Root=1-66d106a4-7ae152a817d467a26b5e3ce0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-type
application/json
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
356
x-amz-cf-id
D_SKV7BU1hN8GjH2IJlsC5Xdc187KTFk8u4a1HUXLas5Ir0WfJHW_A==
expires
0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=643694371105633&ev=PageView&dl=https%3A%2F%2Fpack-rentree-scolaire-a-tester.plein2kdo.com%2F&rl=&if=false&ts=1724974756561&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1724974756557.145702570649103723&cs_est=true&ler=empty&cdl=API_unavailable&it=1724974756139&coo=false&rqm=GET
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=10, mss=1392, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 29 Aug 2024 23:39:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=643694371105633&ev=PageView&dl=https%3A%2F%2Fpack-rentree-scolaire-a-tester.plein2kdo.com%2F&rl=&if=false&ts=1724974756561&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1724974756557.145702570649103723&cs_est=true&ler=empty&cdl=API_unavailable&it=1724974756139&coo=false&rqm=FGET
Requested by
Host: pack-rentree-scolaire-a-tester.plein2kdo.com
URL: https://pack-rentree-scolaire-a-tester.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Thu, 29 Aug 2024 23:39:17 GMT
document-policy
force-load-at-top
x-fb-server-load
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1392, tbw=3098, tp=-1, tpl=-1, uplat=112, ullat=0
pragma
no-cache
x-fb-debug
l767MoLGae2G03QIfqWT/+IOLCFoottb7PjjsXAu9XrTQF3o7kqJN2F3sfmRSwhZUoP5/J0ipqwu8zPd5rqo5Q==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.45/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.45/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343044553
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 23:39:17 GMT
content-encoding
br
last-modified
Wed, 28 Aug 2024 19:57:49 GMT
etag
W/"0x8DCC79BB1C5F66A"
vary
Accept-Encoding
x-azure-ref
20240829T233917Z-166cc767555j7m792h1knsfnm800000004x0000000008294
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
57930ad2-001e-0069-311f-fa1797000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
q.clarity.ms/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
Date
Thu, 29 Aug 2024 23:39:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
telemetry
a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/ 		924 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/telemetry
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.69.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-127.ams58.r.cloudfront.net
Software
/
Resource Hash
097a0226e1fe61761e4d4b83c6fbe190e8109f83cf2154e5a550cfb24ad901ed

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:39:17 GMT
via
1.1 b12f8dbad5c96c988a65bc3df19995d0.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
x-amzn-waf-challenge-id
Root=1-66d106a5-202ab62a471a9a5e0a240ba9
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-type
application/json
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
924
x-amz-cf-id
2uE9wq7NjgyMY5Mm41JiPFc9sBIOw6vWRGSi82V7kC9W3DT86Sz9tg==
expires
0
collect
q.clarity.ms/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
Date
Thu, 29 Aug 2024 23:39:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
telemetry
a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/ 		1012 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/telemetry
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.69.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-127.ams58.r.cloudfront.net
Software
/
Resource Hash
dc383ccfb2c67ff540e40822117ff4e2194c6fc82774d61a1e39dee22a0bd07d

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Aug 2024 23:39:17 GMT
content-encoding
gzip
via
1.1 b12f8dbad5c96c988a65bc3df19995d0.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-66d106a5-2854b34d7571c3b12ffaf9f3
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
vary
accept-encoding
x-amz-cf-id
4gq_PpJYaTy-2S8BMOyDddqrRqMDoVTl2O2GRRmcfIL_u6wwL6rIJw==
expires
0
telemetry
a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/telemetry
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.69.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-127.ams58.r.cloudfront.net
Software
/
Resource Hash
d6843beae2ca128e29e765353be545acc7a9706879d5c022d3e64bbe26dd3e5b

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Aug 2024 23:39:18 GMT
content-encoding
gzip
via
1.1 b12f8dbad5c96c988a65bc3df19995d0.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-66d106a6-27f3199d00ae4d287f6a814c
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
vary
accept-encoding
x-amz-cf-id
PYmjCcLIBvVAH9saFgwunpFHFlnmF_YGC__Svp57X1j2xJjf_cLuBg==
expires
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ECCD2C91CFB34F4AB1E0624E9A3029F3&RedC=c.clarity.ms&MXFR=2A47AC5CCA576C8C3411B8B6CE57629A
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ECCD2C91CFB34F4AB1E0624E9A3029F3&MUID=03FAC6C04D7661F30149D22A4C5E6084
42 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ECCD2C91CFB34F4AB1E0624E9A3029F3&MUID=03FAC6C04D7661F30149D22A4C5E6084
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:39:18 GMT
last-modified
Wed, 14 Aug 2024 17:35:32 GMT
server
Microsoft-IIS/10.0
etag
"bb391b5d70eeda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:39:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C01C63532456465D9B880E0DDB0C512B Ref B: STOEDGE1607 Ref C: 2024-08-29T23:39:19Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ECCD2C91CFB34F4AB1E0624E9A3029F3&MUID=03FAC6C04D7661F30149D22A4C5E6084
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.ico
static.collectoptin.com/plein2kdo/images/iconified/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/plein2kdo/images/iconified/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-110.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
4e2cbd9b7767c8fd6e6264734ab2b6ed9b23cc5dd6b79ae5de274713ea85080d

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Aug 2024 10:22:39 GMT
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 09:18:03 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
47838
etag
"66ceeb4b-3aee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/x-icon
accept-ranges
bytes
content-length
15086
x-amz-cf-id
AuEyyAkO8LQ6W0dlo4EcSNRnVOdQRp3hyzhJWYivsyRcf31BIXxKeQ==
telemetry
a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/telemetry
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.69.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-127.ams58.r.cloudfront.net
Software
/
Resource Hash
987a5f35200d98dbeff1656c0a5c1d8ef4cda3dbc33a7d0a4a3a3e5a58997a32

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Aug 2024 23:39:18 GMT
content-encoding
gzip
via
1.1 b12f8dbad5c96c988a65bc3df19995d0.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-66d106a6-79bb86bc3a26f8503563dd15
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
vary
accept-encoding
x-amz-cf-id
hGm0jqmZ-JCz3xtF0EuyxE2OAhDY7NYEHKb3cCN4h8Q54hFz_DnKEQ==
expires
0
collect
q.clarity.ms/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
Date
Thu, 29 Aug 2024 23:39:19 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
telemetry
a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/telemetry
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.69.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-127.ams58.r.cloudfront.net
Software
/
Resource Hash
7648af3134686f1a85e3f9a4953f5d67a6aaa2bdab8b30158bb4ca32a6b9925c

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Aug 2024 23:39:19 GMT
content-encoding
gzip
via
1.1 b12f8dbad5c96c988a65bc3df19995d0.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-66d106a7-18abab807d15fdbf31897375
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
vary
accept-encoding
x-amz-cf-id
nI1UvNHIjzLnQuVMiq1maZkI-V2IxdiW00eJd3MHrGagjKNZPeT_Kw==
expires
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DY4KRQDG9G&gtm=45je48r0v873516131z876354608za200zb76354608&_p=1724974754636&gcs=G100&gcd=13p3pPp2p5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=0&gdid=dMTc4Zm&cid=1833999901.1724974756&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=3&sid=1724974755&sct=1&seg=0&dl=https%3A%2F%2Fpack-rentree-scolaire-a-tester.plein2kdo.com%2F&dt=Grand%20jeu%20concours%20Pack%20rentree%20scolaire&en=sponsoring_rendered&ep.site=1jour1envie-pack-rentree-scolaire-bic-mapped&ep.site_group=plein2kdo&ep.workflow=plein2kdo_ocv2&ep.site_thematic=others&ep.event_category=OptinClient&_et=196&tfd=7766
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:39:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pack-rentree-scolaire-a-tester.plein2kdo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
telemetry
a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com/a1511b3f0092/b07e0789ea63/telemetry
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.69.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-127.ams58.r.cloudfront.net
Software
/
Resource Hash
d830791fbe76330194d9f26d02618077b50e6afa69e894c603f46bcdcde045e3

Request headers

Referer
https://pack-rentree-scolaire-a-tester.plein2kdo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Aug 2024 23:39:21 GMT
content-encoding
gzip
via
1.1 b12f8dbad5c96c988a65bc3df19995d0.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-66d106a9-0d58b678716809fd14df43e7
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
vary
accept-encoding
x-amz-cf-id
b8GvBMvs5bHWInlbKZBvnx5Mv8ecMWqHsPtVf7vTY84jdSi74MJVZQ==
expires
0

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| gdprAppliesGlobally function| __tcfapi object| DD_RUM function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| webpackJsonp function| setImmediate function| clearImmediate object| didomiEventListeners object| dataLayer object| didomiOnReady function| optinBrand function| FormValidate function| PhoneValidator function| DoubleCheckboxValidator function| Validation function| PhoneIsMobileValidator function| OptinClientSponsoring object| OptinCollectSponsoring object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| didomiRemoteConfig string| didomiCountry string| didomiRegion object| didomiGeoRegulations object| webpackChunkDidomi object| Didomi object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| __tcfapiBuffer object| DidomiSanitizing function| __easyMetaTagSqudata object| uetq function| fbq function| _fbq object| didomiState function| onYouTubeIframeAPIReady object| gaGlobal object| closure_lm_222223 function| UET function| UET_init function| UET_push object| ueto_3d0f5bc7a8 string| [eedmpact] function| eedmpdo object| a2_0x1ba9 function| a2_0x5e29 object| AwsWafIntegration object| ChallengeScript function| clarity object| clarityuetq

22 Cookies

Domain/Path Name / Value
pack-rentree-scolaire-a-tester.plein2kdo.com/ Name: PHPSESSID
Value: 04bb683daf2b4e4ae688756e7534455c
.api.optinproject.com/ Name: OPTINSESSIONUID
Value: 1724974754
.api.optinproject.com/ Name: OPTINPUID
Value: 66d106a2eebb47z18271014
.plein2kdo.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTkxYTA4MWUtZTQ5Yy02ZmUxLWIyMmQtZTFhMjRjNjkwMzNjIiwiY3JlYXRlZCI6IjIwMjQtMDgtMjlUMjM6Mzk6MTUuNDAxWiIsInVwZGF0ZWQiOiIyMDI0LTA4LTI5VDIzOjM5OjE1LjQwMVoiLCJ2ZXJzaW9uIjpudWxsfQ==
pack-rentree-scolaire-a-tester.plein2kdo.com/ Name: sqd_nwvst
Value: 1
pack-rentree-scolaire-a-tester.plein2kdo.com/ Name: sqd_vst
Value: 1
.plein2kdo.com/ Name: _uetsid
Value: e759c390665f11ef89a5efd4b6c14bfa
.plein2kdo.com/ Name: _uetvid
Value: e759ee40665f11efa45a2bbc9dea738c
.bing.com/ Name: MUID
Value: 03FAC6C04D7661F30149D22A4C5E6084
.plein2kdo.com/ Name: _fbp
Value: fb.1.1724974756557.145702570649103723
pack-rentree-scolaire-a-tester.plein2kdo.com/ Name: sqd_fp
Value: 0_a23cd81bd6691fff1b651b0fc4bce7e5
www.clarity.ms/ Name: CLID
Value: e66d9ed43a594c7fa59c7e1af009345b.20240829.20250829
.plein2kdo.com/ Name: _clck
Value: 1i6z5ij%7C2%7Cfoq%7C0%7C1702
.plein2kdo.com/ Name: _clsk
Value: 15t083h%7C1724974757950%7C1%7C1%7Cq.clarity.ms%2Fcollect
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 03FAC6C04D7661F30149D22A4C5E6084
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 03FAC6C04D7661F30149D22A4C5E6084
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
pack-rentree-scolaire-a-tester.plein2kdo.com/ Name: _dd_s
Value: rum=0&expire=1724975654900
.pack-rentree-scolaire-a-tester.plein2kdo.com/ Name: aws-waf-token
Value: fa66bb6d-c664-4bd3-bc76-e538d29ef189:CgoAe0+k7ZYRAAAA:TBzx356T9DAohjKBx3y9MQ3isnu0arqHppOEFkwvtX3gquLkSABEXwHV9nHn/PU98p/LQyORsnR+IdGKqXQUkam5zjBIX/xkiQC/htaL9vxgkQ1puepOxzeu5VLUvfj5PIzutLIUqi5CI56Q3Q1z0in54v2B1nDOKJjnnNAKuRPL7EK0DtB1ifX81UEC60hdnYNlWHhtrouavTNU8ufU0MycJOgnidXt11ORt2kDhzdapWKawh59fW4GRhiSnANuKiYxTps5miiEMPp6Q2s35fnfWFboVq7IT1uhYHXgW9JVYoDgzJWV+g5ZOH5hK2ra9Xt3jAU=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1511b3f0092.42b09ac5.eu-west-1.token.awswaf.com
a1511b3f0092.eu-west-1.sdk.awswaf.com
api.optinproject.com
asset.easydmp.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
pack-rentree-scolaire-a-tester.plein2kdo.com
pagead2.googlesyndication.com
q.clarity.ms
region1.google-analytics.com
sdk.privacy-center.org
static.collectoptin.com
static.optinproject.com
v3.api.optinproject.com
www.clarity.ms
www.datadoghq-browser-agent.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
13.107.246.44
13.32.121.110
13.33.219.205
13.74.129.1
142.250.181.226
142.250.185.168
142.250.186.170
145.239.193.53
150.171.27.10
151.101.129.229
157.240.252.13
157.240.252.35
172.217.18.3
172.217.18.4
18.173.205.52
18.239.69.127
18.245.31.78
18.66.27.33
20.231.53.73
204.79.197.237
216.239.34.36
216.58.206.35
52.48.57.203
54.194.38.62
63.34.149.107
0377b6d6711d55387b6e3c34f865005608114d580c82f1330c1f2296ea3d3c8b
053fdff4eb2344cfce3017b225c05cae6cfb5237985f5cf09892b736e10cfd7b
097a0226e1fe61761e4d4b83c6fbe190e8109f83cf2154e5a550cfb24ad901ed
116a03cbadc21020c44656275be5758ce8fd76e67c154e3613f8e26c81bedde8
12dc3c5feae8181fb39f264366806bb585a862fe6011949176c44751324493c5
171f6ffd1af8f3c334c62118cd5dd3f3023a6d4b5e549de63ec6b82fd39be71a
1cd68d178cba878c7a643df74882c577543a7d7348fae6c4e9d3dca121c577c5
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
3424508a9e4eb1776841aa45959d3687a85d3d93bf498773c9383fce574419c7
357a9af42c012bbfa33f1e3ab348d9bb8b7476fd5035475b345db85be95331a1
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
48e22e680e6d73fb79c3f26b5d07d7cdda12889c49a358a46c73c0f2699e6f4b
4e0b24d376ee8722a77212243d0eff483c776d30141cc699642fa893e7aea989
4e2cbd9b7767c8fd6e6264734ab2b6ed9b23cc5dd6b79ae5de274713ea85080d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50bd80accf70eba71253941a3e48ed49e4f81d345b94ab3f2843cf5c8040579b
60f3477ba8c5e2d6e7f2a7124248795790d436d6606b7e20a58b0c446e253388
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6d7b270b3a3249b4bd04436c1f3526a20bbfe86efba842da9b210dc8a257f5ee
6db2c0da3e07380e08f26f993ee7b72f524917feb76fa98244097ce1c9085838
7648af3134686f1a85e3f9a4953f5d67a6aaa2bdab8b30158bb4ca32a6b9925c
79b46905ffe08579b649343513623dae575a8dcce41346d36d52268f5e2ab8d4
83565ab58241b9daee1afda4a14537e70777450c1a29951db2a9a19b4e89ba7a
849b726b5cc260642835af2868837bb90287def794547eb2ea1d858e25fbd8c0
86870daf647ca0988278db358b34e5e8bafe318ffe798ffc9d771363d5da0519
8a4dde80dfa15e07103433b2b2d6557a548c8bf3a556aed6c29b6e6c9cadf869
8bd636f9e15761f8510b990665f4136e2b2df265dc340489c325fbfc0dd533e5
9048b6dca322c3f4aee493f0f45ad50c29a14201d2e9f9a636bc4140a56f8246
905a14d126bc1a87533dc078f5c9fea6bb54ee8a3ee68cc59dec1ff30e80f902
9720b13b746838b1f122d7c46b2840229dec550cd297183c19dd26043f4487e4
987a5f35200d98dbeff1656c0a5c1d8ef4cda3dbc33a7d0a4a3a3e5a58997a32
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fc06a1fdfec23d9f7d6a437651a38f4b1f951227c15132b1182746c14c024b
a28624481a5703ac99408c41727d340ce2c7afb1b7a70d00ccc791406ab32e99
a7c7a3539fc8d11214192ef63e1da59da85951334b2fb4795a15a4c6d3e7e1a6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ac057bf1597b81383d0c6c51dec811732e0e022956e3b2bb37524d1e4acc6c34
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
d6843beae2ca128e29e765353be545acc7a9706879d5c022d3e64bbe26dd3e5b
d72314026afb01b1c94ce3c33074a140f20aa21c37dbc123b625a4d32a4b5a34
d830791fbe76330194d9f26d02618077b50e6afa69e894c603f46bcdcde045e3
dc383ccfb2c67ff540e40822117ff4e2194c6fc82774d61a1e39dee22a0bd07d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e048a879ecd6f26ead96107299b7382945a7dbe6c1f9d67a500974805a0e2489
e0cff8b5b388b548e0b77c9268d2b78758689fca453f3a5436bde632d8af9572
e11ace295b9026f795a360cdd2a4455f5c9d38e19520eb1d8aace3ff43a9fb13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5db194788dae159aecb98e600ae2b58f9b0b64b3b96ea2de7bd48a1d192c27f
ed4213ee3f28b05d12a03c80ff8e8afad3c3ddff0e6835cd178be6e5114e30fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f643d6fe7e679f9de3e16311600c5ef5cd6b098f7a3a8828fcc29255d2b33e62