bienvenue.initiative-crm.com Open in urlscan Pro
52.200.48.204  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response bienvenue.initiative-crm.com/mail/	66 KB 17 KB	662ms 273ms	Document text/html	52.200.48.204 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bienvenue.initiative-crm.com/mail/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.200.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-48-204.compute-1.amazonaws.com Software openresty/1.15.8.2 / Resource Hash b2c80354b7c642d95c8096c29dee7e06b91d92c69a5f6f122acf97caede81dc1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Language de-DE Content-Type text/html; charset=utf-8 Date Tue, 17 Oct 2023 06:57:03 GMT P3P CP="NON" Server openresty/1.15.8.2 Transfer-Encoding chunked Vary Accept-Encoding X-Request-Id 19f218b4-6f0c-402d-927a-e8b2081bda7e X-Runtime 0.047438 X-Wishpond-Generated 2023-10-13 12:35:38 +0000 X-Wishpond-Guard 1697200538.2859786 X-Wishpond-Host wishpondv1-server-5dccd6466f-mvgd8 X-Wishpond-Prefix PagesV2r/4b9070/1 X-Wishpond-Queries 0 X-Wishpond-Version 20230523000001
GET H2	200	connect.js Show response cdn.wishpond.net/	157 KB 41 KB	156ms 44ms	Script application/javascript	18.66.112.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.wishpond.net/connect.js?merchantId=1493711&socialCampaignId=2761832&writeKey=dd584e0c1e8a Requested by Host: bienvenue.initiative-crm.com URL: https://bienvenue.initiative-crm.com/mail/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-79.fra56.r.cloudfront.net Software nginx/1.17.5 / Resource Hash e68cd7af9567cebc5c4ef7c7ceb252d204da72a25c0bd9b92ddd62215441f7a1 Request headers accept-language de-DE,de;q=0.9 Referer https://bienvenue.initiative-crm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:10:47 GMT content-encoding gzip via 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront) last-modified Wed, 11 Oct 2023 16:50:01 GMT server nginx/1.17.5 x-amz-cf-pop FRA56-P5 age 391576 etag W/"6526d239-2754a" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, stale-if-error, max-age=3600, s-max-age=172800 x-amz-cf-id gD9y5gtl_tu4hCjVEPU-MuZ0Sozcq7xFO1DHqbQvkv_X0ZEM23LeBw==
GET H/1.1	200 OK	pages_v2r-9a08673d88e7a4f5bdc8ecbaeae0e46d2bef2d74b1f4f7be834af235f9cd134a.js Show response d30itml3t0pwpf.cloudfront.net/assets/	217 KB 50 KB	150ms 44ms	Script application/javascript	108.138.2.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-9a08673d88e7a4f5bdc8ecbaeae0e46d2bef2d74b1f4f7be834af235f9cd134a.js Requested by Host: bienvenue.initiative-crm.com URL: https://bienvenue.initiative-crm.com/mail/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.2.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-45.fra56.r.cloudfront.net Software nginx/1.17.5 / Resource Hash 9a08673d88e7a4f5bdc8ecbaeae0e46d2bef2d74b1f4f7be834af235f9cd134a Request headers accept-language de-DE,de;q=0.9 Referer https://bienvenue.initiative-crm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Wed, 20 Sep 2023 23:21:19 GMT Content-Encoding gzip Via 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA56-P6 Age 2273743 X-Cache Hit from cloudfront Connection keep-alive Content-Length 50897 Last-Modified Wed, 13 Sep 2023 20:57:25 GMT Server nginx/1.17.5 ETag "65022235-c6d1" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=315360000 X-Amz-Cf-Id ulU5MnJgJHU3ARn-wbS7Prp1ZWROUhABa1rNT0t6JFzxkSmGDUFTNw==
GET H/1.1	200 OK	pages_v2_default-8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636.css d30itml3t0pwpf.cloudfront.net/assets/	54 KB 9 KB	147ms 41ms	Stylesheet text/css	108.138.2.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2_default-8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636.css Requested by Host: bienvenue.initiative-crm.com URL: https://bienvenue.initiative-crm.com/mail/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.2.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-45.fra56.r.cloudfront.net Software nginx/1.17.5 / Resource Hash 8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636 Request headers accept-language de-DE,de;q=0.9 Referer https://bienvenue.initiative-crm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 13 Jul 2023 18:45:32 GMT Content-Encoding gzip Via 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA56-P6 Age 8251891 X-Cache Hit from cloudfront Connection keep-alive Content-Length 9053 Last-Modified Wed, 05 Jul 2023 20:07:46 GMT Server nginx/1.17.5 ETag "64a5cd92-235d" Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Cache-Control public, max-age=315360000 X-Amz-Cf-Id FEn-H33hBcb5_kAac79_PXbHGvDhhwWX0zVAoTcOMuGh2qXqxWf7QQ==
GET H2	200	css fonts.googleapis.com/	12 KB 1 KB	141ms 51ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins%7COpen+Sans%7CRoboto%3A300%2C400%2C500%2C700 Requested by Host: bienvenue.initiative-crm.com URL: https://bienvenue.initiative-crm.com/mail/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ca042eb00a7a48297e568b5df6a56430ebdfeffff117106f273d670ab8c55300 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bienvenue.initiative-crm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 17 Oct 2023 06:57:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 17 Oct 2023 06:57:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 17 Oct 2023 06:57:03 GMT
GET H2	200	css fonts.googleapis.com/	4 KB 1 KB	139ms 49ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins:400,600,700,900&display=swap Requested by Host: bienvenue.initiative-crm.com URL: https://bienvenue.initiative-crm.com/mail/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ad3c5076feaaaf6f138a4da677b327d57741359d674cfd0660b802591a9cf543 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bienvenue.initiative-crm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 17 Oct 2023 06:57:03 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/ro cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 17 Oct 2023 06:48:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 17 Oct 2023 06:57:03 GMT
GET H/1.1	200 OK	1572864150-ab2f56f6 d30itml3t0pwpf.cloudfront.net/api/v3/medias/14386691/image/opt/original/	6 KB 7 KB	147ms 42ms	Image image/png	108.138.2.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/14386691/image/opt/original/1572864150-ab2f56f6 Requested by Host: bienvenue.initiative-crm.com URL: https://bienvenue.initiative-crm.com/mail/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.2.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-45.fra56.r.cloudfront.net Software nginx/1.17.5 / Resource Hash 5940ed5df0c0067af70caaa24fd2fe63cbb61162828ddd10e5b853ae582298c9 Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=300 Request headers accept-language de-DE,de;q=0.9 Referer https://bienvenue.initiative-crm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 05 Oct 2023 13:29:21 GMT Strict-Transport-Security max-age=300 Via 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront) Content-Security-Policy default-src 'none' X-Amz-Cf-Pop FRA56-P6 Age 1013262 Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Transfer-Encoding binary Content-Disposition inline; filename="Initiative_logo-01.png" Connection keep-alive X-Request-Id 25a5d310-e8bf-4cd6-9795-b68b8aeef572 X-Runtime 0.076497 Last-Modified Mon, 04 Nov 2019 10:42:30 GMT Server nginx/1.17.5 ETag "58b9c8be3b1a30db79e81717606a277b" X-Download-Options noopen Content-Type image/png Content-Language en Cache-Control max-age=2592000, public X-Amz-Cf-Id 0zByt-lA0rF6lhApmbIuhtURSrsP5Dp5zJk482_J2mrzZCjVDzJkng== Expires Sat, 04 Nov 2023 13:29:21 GMT
GET H/1.1	200 OK	1572877805-5270ef4b d30itml3t0pwpf.cloudfront.net/api/v3/medias/14386840/image/opt/970x783%3E/	55 KB 55 KB	146ms 40ms	Image image/png	108.138.2.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/14386840/image/opt/970x783%3E/1572877805-5270ef4b Requested by Host: bienvenue.initiative-crm.com URL: https://bienvenue.initiative-crm.com/mail/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.2.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-45.fra56.r.cloudfront.net Software nginx/1.17.5 / Resource Hash 235d52b537e5a0be26a5994f456d8f055973dc3dd02e57e7c3845f0e72afe033 Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=300 Request headers accept-language de-DE,de;q=0.9 Referer https://bienvenue.initiative-crm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Wed, 04 Oct 2023 11:50:14 GMT Strict-Transport-Security max-age=300 Via 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront) Content-Security-Policy default-src 'none' X-Amz-Cf-Pop FRA56-P6 Age 1105609 Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Transfer-Encoding binary Content-Disposition inline; filename="02-relationclient-suivre.png" Connection keep-alive X-Request-Id 76bf702a-5f11-4938-9703-7a688b50ca26 X-Runtime 0.674069 Last-Modified Mon, 04 Nov 2019 14:30:05 GMT Server nginx/1.17.5 ETag "8ed9a711c4d08855e96aa0b2ad5ad66a" X-Download-Options noopen Content-Type image/png Content-Language en Cache-Control max-age=2592000, public X-Amz-Cf-Id DHr-0uUszFvUQgAdfeMB3UPZAz1xaVm3qd42CehEkGF9xFnlEWFePw== Expires Fri, 03 Nov 2023 11:50:14 GMT
GET H/1.1	200 OK	1572959845-397e6e53 d30itml3t0pwpf.cloudfront.net/api/v3/medias/14388482/image/opt/original/	41 KB 42 KB	125ms 40ms	Image image/jpeg	108.138.2.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/14388482/image/opt/original/1572959845-397e6e53 Requested by Host: bienvenue.initiative-crm.com URL: https://bienvenue.initiative-crm.com/mail/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.2.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-45.fra56.r.cloudfront.net Software nginx/1.17.5 / Resource Hash 63ea5cb7a342b65d701ad6205180b5dc017c8c6ed2c6c1c7eae5cfe99dc8c983 Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=300 Request headers accept-language de-DE,de;q=0.9 Referer https://bienvenue.initiative-crm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 05 Oct 2023 13:29:21 GMT Strict-Transport-Security max-age=300 Via 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront) Content-Security-Policy default-src 'none' X-Amz-Cf-Pop FRA56-P6 Age 1013262 Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Transfer-Encoding binary Content-Disposition inline; filename="00254ajb0fub6dx_ts_1271196000000.jpg" Connection keep-alive X-Request-Id e79d0e8a-2cdf-46ba-bbf0-8685da0beee4 X-Runtime 0.049009 Last-Modified Tue, 05 Nov 2019 13:17:25 GMT Server nginx/1.17.5 ETag "13c28519ff2d06eeda85a179ea48f330" X-Download-Options noopen Content-Type image/jpeg Content-Language en Cache-Control max-age=2592000, public X-Amz-Cf-Id hodW__Pma9TCKh0kBhOhKysWexlksUAqDhebjh8k_SxBYONk_sTYtA== Expires Sat, 04 Nov 2023 13:29:21 GMT
GET H/1.1	200 OK	1572874988-c8d25a8c d30itml3t0pwpf.cloudfront.net/api/v3/medias/14386795/image/opt/original/	7 KB 8 KB	128ms 43ms	Image image/jpeg	108.138.2.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/14386795/image/opt/original/1572874988-c8d25a8c Requested by Host: bienvenue.initiative-crm.com URL: https://bienvenue.initiative-crm.com/mail/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.2.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-45.fra56.r.cloudfront.net Software nginx/1.17.5 / Resource Hash b29841aa6c0b9972a82f9b035a4ec93df45dbba53f8531db9e8803a1cb8b26f9 Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=300 Request headers accept-language de-DE,de;q=0.9 Referer https://bienvenue.initiative-crm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 05 Oct 2023 13:29:21 GMT Strict-Transport-Security max-age=300 Via 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront) Content-Security-Policy default-src 'none' X-Amz-Cf-Pop FRA56-P6 Age 1013262 Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Transfer-Encoding binary Content-Disposition inline; filename="Florent_Létique.jpg" Connection keep-alive X-Request-Id ad90e771-0e15-4635-ac19-da56c7a2eafd X-Runtime 0.074500 Last-Modified Mon, 04 Nov 2019 13:43:08 GMT Server nginx/1.17.5 ETag "7d35e818818f377c69b8592b1d8d4298" X-Download-Options noopen Content-Type image/jpeg Content-Language en Cache-Control max-age=2592000, public X-Amz-Cf-Id mGln1VFcBL2_R51Vm5Iya2C8JisTjZ_KBgkE_RdvlNXCx1cpbqzTkQ== Expires Sat, 04 Nov 2023 13:29:21 GMT
GET H/1.1	200 OK	1572878652-0fbc16e9 d30itml3t0pwpf.cloudfront.net/api/v3/medias/14386856/image/opt/original/	6 KB 7 KB	44ms 41ms	Image image/png	108.138.2.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/14386856/image/opt/original/1572878652-0fbc16e9 Requested by Host: bienvenue.initiative-crm.com URL: https://bienvenue.initiative-crm.com/mail/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.2.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-45.fra56.r.cloudfront.net Software nginx/1.17.5 / Resource Hash 892bcab017bb78966a717f339a2ab081bbc3427933d41cd0099416ed29686b3a Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=300 Request headers accept-language de-DE,de;q=0.9 Referer https://bienvenue.initiative-crm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 05 Oct 2023 13:29:21 GMT Strict-Transport-Security max-age=300 Via 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront) Content-Security-Policy default-src 'none' X-Amz-Cf-Pop FRA56-P6 Age 1013262 Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Transfer-Encoding binary Content-Disposition inline; filename="Initiative_logo-footer.png" Connection keep-alive X-Request-Id 295213c4-8fcc-495b-9c5e-205c631b9dae X-Runtime 0.104524 Last-Modified Mon, 04 Nov 2019 14:44:12 GMT Server nginx/1.17.5 ETag "ab2f784568bc1eb3e6846fb448e9c2bf" X-Download-Options noopen Content-Type image/png Content-Language en Cache-Control max-age=2592000, public X-Amz-Cf-Id rjbtjGABJrFaDCkNq0WadV7Z-yVjcctFGMqiWI8qpAz2QBnVrpJnDg== Expires Sat, 04 Nov 2023 13:29:21 GMT
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/	28 KB 6 KB	131ms 47ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css Requested by Host: bienvenue.initiative-crm.com URL: https://bienvenue.initiative-crm.com/mail/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://bienvenue.initiative-crm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 06:57:03 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 6398051 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5336 last-modified Thu, 22 Jun 2023 11:02:18 GMT server cloudflare cf-cdnjs-via cfworker/r2 etag "64942a3a-14d8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRHqjuB2aD1EmyPpLZI17PVgQKL2IruzfqHJ%2FiWxJloJeeJJUSIbRAC%2BpCw96wbpSGHvfrHLdjP8jI9ZzEemcX8diPE8kx67T14cm3O%2BQ5cSSXVSVXNxXnyKwP1p%2FjKIVG2qicx9w1qnGcx986JinXdu"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8176a52d6c5639be-FRA expires Sun, 06 Oct 2024 06:57:03 GMT
GET H/1.1	200 OK	1572863931-eaa3cc3b d30itml3t0pwpf.cloudfront.net/api/v3/medias/14386689/image/opt/1600x737%3E/	10 KB 11 KB	44ms 44ms	Image image/png	108.138.2.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/14386689/image/opt/1600x737%3E/1572863931-eaa3cc3b Requested by Host: bienvenue.initiative-crm.com URL: https://bienvenue.initiative-crm.com/mail/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.2.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-45.fra56.r.cloudfront.net Software nginx/1.17.5 / Resource Hash 7fb816b0696567d86605daded421df792e983c7cd55203966962a50ec198c0ef Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=300 Request headers accept-language de-DE,de;q=0.9 Referer https://bienvenue.initiative-crm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 05 Oct 2023 13:29:21 GMT Strict-Transport-Security max-age=300 Via 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront) Content-Security-Policy default-src 'none' X-Amz-Cf-Pop FRA56-P6 Age 1013262 Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Transfer-Encoding binary Content-Disposition inline; filename="bg-headers-secondary-page.png" Connection keep-alive X-Request-Id c816595e-af99-4872-a7f3-aada891cd44f X-Runtime 0.080139 Last-Modified Mon, 04 Nov 2019 10:38:51 GMT Server nginx/1.17.5 ETag "123355a62d6e183eecd42f8f57cf8a66" X-Download-Options noopen Content-Type image/png Content-Language en Cache-Control max-age=2592000, public X-Amz-Cf-Id uuXEinqozWejJ6Owq8j4v9v9rZNYTve7lTUoSEz-7mvlK8kwhZQtyw== Expires Sat, 04 Nov 2023 13:29:21 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	142ms 49ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%7COpen+Sans%7CRoboto%3A300%2C400%2C500%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bienvenue.initiative-crm.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 12 Oct 2023 16:12:51 GMT x-content-type-options nosniff age 398652 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 11 Oct 2024 16:12:51 GMT
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 fonts.gstatic.com/s/opensans/v36/	18 KB 18 KB	195ms 102ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%7COpen+Sans%7CRoboto%3A300%2C400%2C500%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bienvenue.initiative-crm.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:17:36 GMT x-content-type-options nosniff age 391167 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18664 x-xss-protection 0 last-modified Thu, 14 Sep 2023 01:36:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 11 Oct 2024 18:17:36 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	131ms 39ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%7COpen+Sans%7CRoboto%3A300%2C400%2C500%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bienvenue.initiative-crm.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 12 Oct 2023 03:37:30 GMT x-content-type-options nosniff age 443973 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 11 Oct 2024 03:37:30 GMT
GET H2	200	pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	7 KB 8 KB	174ms 81ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bienvenue.initiative-crm.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:35:37 GMT x-content-type-options nosniff age 566486 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7632 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:09:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 09 Oct 2024 17:35:37 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	181ms 89ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bienvenue.initiative-crm.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 12 Oct 2023 00:08:32 GMT x-content-type-options nosniff age 456511 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 11 Oct 2024 00:08:32 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	173ms 97ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%7COpen+Sans%7CRoboto%3A300%2C400%2C500%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bienvenue.initiative-crm.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 10 Oct 2023 07:45:30 GMT x-content-type-options nosniff age 601893 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 09 Oct 2024 07:45:30 GMT
GET H3	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/fonts/	70 KB 71 KB	91ms 47ms	Font application/octet-stream	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9682aff0dfb2932f5273721abd9190df39eeb0f42c37a24566aa4ac5753219c1 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css Origin https://bienvenue.initiative-crm.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 06:57:03 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 6398051 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 71896 last-modified Thu, 22 Jun 2023 11:02:18 GMT server cloudflare cf-cdnjs-via cfworker/r2 etag "64942a3a-118d8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKIOHRyOCOCj2NcUt7FW2ecwc0UQda9sp7uW1oRZ9pZCo7c5kNc9XTvSunUhk6mqcIx5c6Ae1TDoBso%2FLU%2FpreDv4x20YqYpeI%2F%2BHASbEVs8YEMULBxwFwOE%2BI3R7h9M6va05xzj7o10IkIDAr983WD7"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8176a52e5b6b921a-FRA expires Sun, 06 Oct 2024 06:57:03 GMT
GET H2	200	storage.html Show response cdn.wishpond.net/ Frame 19F7	3 KB 2 KB	39ms 39ms	Document text/html	18.66.112.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.wishpond.net/storage.html Requested by Host: cdn.wishpond.net URL: https://cdn.wishpond.net/connect.js?merchantId=1493711&socialCampaignId=2761832&writeKey=dd584e0c1e8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-79.fra56.r.cloudfront.net Software nginx/1.17.5 / Resource Hash 0a1ee1037effea6008ee6ec97ef36c0783edeb9e7a9c0fd469737b2b306f352b Request headers Referer https://bienvenue.initiative-crm.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 269032 cache-control public, must-revalidate, proxy-revalidate, max-age=0, s-max-age=172800 content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 14 Oct 2023 04:13:11 GMT etag W/"64971f11-c7d" last-modified Sat, 24 Jun 2023 16:51:29 GMT server nginx/1.17.5 vary Accept-Encoding via 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront) x-amz-cf-id EiwkQnBwfAaRLhvXvD-r9o9Rk9aIq1NL-1TPqc395DWI5yBE2XIing== x-amz-cf-pop FRA56-P5 x-cache Hit from cloudfront
OPTIONS H2	200	popups.json www.wishpond.com/ Frame	0 0	452ms 140ms	Preflight text/plain	44.198.227.54 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.wishpond.com/popups.json?merchant_id=1493711&url=https%3A%2F%2Fbienvenue.initiative-crm.com%2Fmail%2F&social_campaign_id=2761832 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.198.227.54 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-227-54.compute-1.amazonaws.com Software nginx/1.17.5 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://bienvenue.initiative-crm.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers x-requested-with access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS access-control-allow-origin https://bienvenue.initiative-crm.com access-control-expose-headers access-control-max-age 600 content-encoding gzip content-type text/plain date Tue, 17 Oct 2023 06:57:04 GMT server nginx/1.17.5 strict-transport-security max-age=300 vary Accept-Encoding x-download-options noopen x-request-id 35970f63-5bbf-4785-9225-00141552e8e5 x-runtime 0.000616
OPTIONS H2	200	pages.json www.wishpond.com/pages/v2r/2761832/ Frame	0 0	448ms 141ms	Preflight text/plain	44.198.227.54 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.wishpond.com/pages/v2r/2761832/pages.json?variation_id=3022511 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.198.227.54 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-227-54.compute-1.amazonaws.com Software nginx/1.17.5 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://bienvenue.initiative-crm.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers x-requested-with access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS access-control-allow-origin https://bienvenue.initiative-crm.com access-control-expose-headers access-control-max-age 600 content-encoding gzip content-type text/plain date Tue, 17 Oct 2023 06:57:04 GMT server nginx/1.17.5 strict-transport-security max-age=300 vary Accept-Encoding x-download-options noopen x-request-id d236360d-646f-4a17-b30e-ba049d9c7eab x-runtime 0.001160
GET H2	200	popups.json Show response www.wishpond.com/	13 B 1 KB	157ms 156ms	XHR application/json	44.198.227.54 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.wishpond.com/popups.json?merchant_id=1493711&url=https%3A%2F%2Fbienvenue.initiative-crm.com%2Fmail%2F&social_campaign_id=2761832 Requested by Host: cdn.wishpond.net URL: https://cdn.wishpond.net/connect.js?merchantId=1493711&socialCampaignId=2761832&writeKey=dd584e0c1e8a Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.198.227.54 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-227-54.compute-1.amazonaws.com Software nginx/1.17.5 / Resource Hash 96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a Security Headers Name Value Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self' Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://bienvenue.initiative-crm.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 06:57:04 GMT strict-transport-security max-age=300 x-content-type-options nosniff content-security-policy default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self' content-encoding gzip p3p CP="NON" x-xss-protection 1; mode=block x-request-id 8179d99b-4365-4727-b9f1-3d3e2091e79a x-runtime 0.015066 server nginx/1.17.5 x-download-options noopen vary Accept-Encoding, Origin access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-language de-DE access-control-allow-origin https://bienvenue.initiative-crm.com access-control-expose-headers access-control-max-age 600 access-control-allow-credentials true content-type application/json; charset=utf-8 x-frame-options DENY
GET H2	200	pages.json Show response www.wishpond.com/pages/v2r/2761832/	66 KB 13 KB	158ms 157ms	XHR application/json	44.198.227.54 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.wishpond.com/pages/v2r/2761832/pages.json?variation_id=3022511 Requested by Host: d30itml3t0pwpf.cloudfront.net URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-9a08673d88e7a4f5bdc8ecbaeae0e46d2bef2d74b1f4f7be834af235f9cd134a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.198.227.54 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-227-54.compute-1.amazonaws.com Software nginx/1.17.5 / Resource Hash 1d20e9073b880cc36130e77d5ff59dfe4000ed9f9d23e59d23049baeb3071a36 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept application/json Referer https://bienvenue.initiative-crm.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-wishpond-prefix PagesV2r/4b9070/1 date Tue, 17 Oct 2023 06:57:04 GMT strict-transport-security max-age=300 x-wishpond-queries 0 content-encoding gzip x-wishpond-version 20230523000001 x-wishpond-generated 2023-10-13 12:35:38 +0000 p3p CP="NON" x-request-id 6addc2a4-308a-461a-89ed-7f49a34d9712 x-runtime 0.013868 server nginx/1.17.5 x-wishpond-host wishpondv1-server-5dccd6466f-mvgd8 vary Accept-Encoding, Origin access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://bienvenue.initiative-crm.com content-language de-DE access-control-expose-headers access-control-allow-credentials true access-control-max-age 600 x-wishpond-guard 1697200538.2859786
OPTIONS H2	200	view bookie.wishpond.com/v1/social_campaigns/2761832/variations/3022511/ Frame	0 0	481ms 144ms	Preflight text/plain	35.171.0.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bookie.wishpond.com/v1/social_campaigns/2761832/variations/3022511/view Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.171.0.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-171-0-241.compute-1.amazonaws.com Software nginx/1.14.2 / Resource Hash Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method POST Origin https://bienvenue.initiative-crm.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers access-control-allow-headers x-requested-with access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-allow-origin * access-control-expose-headers Link access-control-max-age 600 content-type text/plain date Tue, 17 Oct 2023 06:57:04 GMT server nginx/1.14.2
POST H2	201	view Show response bookie.wishpond.com/v1/social_campaigns/2761832/variations/3022511/	0 289 B	164ms 163ms	XHR text/plain	35.171.0.241 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bookie.wishpond.com/v1/social_campaigns/2761832/variations/3022511/view Requested by Host: d30itml3t0pwpf.cloudfront.net URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-9a08673d88e7a4f5bdc8ecbaeae0e46d2bef2d74b1f4f7be834af235f9cd134a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.171.0.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-171-0-241.compute-1.amazonaws.com Software nginx/1.14.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://bienvenue.initiative-crm.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers x-runtime 0.017799 date Tue, 17 Oct 2023 06:57:04 GMT server nginx/1.14.2 access-control-max-age 600 access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD content-type text/plain access-control-allow-origin * access-control-expose-headers Link cache-control no-cache vary Origin x-request-id 0876c4e7-e909-484e-aea0-530a7b678ac7

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| ES6Promise function| _s number| len object| prototype string| k object| Honeybadger object| fastdom function| jqlite function| strftime function| strftimeTZ function| strftimeUTC function| localizedStrftime function| Tooltip function| SelectDropdown function| Calendar object| Wishpond function| _wp object| Base64 object| XD function| CrossStorageClient object| wishpondApp object| $$jqListeners

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bienvenue.initiative-crm.com
bookie.wishpond.com
cdn.wishpond.net
cdnjs.cloudflare.com
d30itml3t0pwpf.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
www.wishpond.com
108.138.2.45
18.66.112.79
2606:4700::6811:180e
2a00:1450:4001:800::200a
2a00:1450:4001:82b::2003
35.171.0.241
44.198.227.54
52.200.48.204
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0a1ee1037effea6008ee6ec97ef36c0783edeb9e7a9c0fd469737b2b306f352b
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
1d20e9073b880cc36130e77d5ff59dfe4000ed9f9d23e59d23049baeb3071a36
235d52b537e5a0be26a5994f456d8f055973dc3dd02e57e7c3845f0e72afe033
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
5940ed5df0c0067af70caaa24fd2fe63cbb61162828ddd10e5b853ae582298c9
63ea5cb7a342b65d701ad6205180b5dc017c8c6ed2c6c1c7eae5cfe99dc8c983
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fb816b0696567d86605daded421df792e983c7cd55203966962a50ec198c0ef
892bcab017bb78966a717f339a2ab081bbc3427933d41cd0099416ed29686b3a
8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9682aff0dfb2932f5273721abd9190df39eeb0f42c37a24566aa4ac5753219c1
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9a08673d88e7a4f5bdc8ecbaeae0e46d2bef2d74b1f4f7be834af235f9cd134a
ad3c5076feaaaf6f138a4da677b327d57741359d674cfd0660b802591a9cf543
b29841aa6c0b9972a82f9b035a4ec93df45dbba53f8531db9e8803a1cb8b26f9
b2c80354b7c642d95c8096c29dee7e06b91d92c69a5f6f122acf97caede81dc1
ca042eb00a7a48297e568b5df6a56430ebdfeffff117106f273d670ab8c55300
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68cd7af9567cebc5c4ef7c7ceb252d204da72a25c0bd9b92ddd62215441f7a1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615