urlscan.io logo urlscan.io
SecurityTrails logo

sejour-magique.plein2kdo.com Open in urlscan Pro
52.214.78.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://parisdesnyebgtfrdff.pro/
Effective URL: https://sejour-magique.plein2kdo.com/
Submission: On May 04 via api from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 20 domains to perform 54 HTTP transactions. The main IP is 52.214.78.115, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is sejour-magique.plein2kdo.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 21st 2024. Valid for: a year.
This is the only time sejour-magique.plein2kdo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.64.119.94 22612 (NAMECHEAP...)
1 1 193.46.255.169 47890 (UNMANAGED...)
1 1 2a05:d018:483... 16509 (AMAZON-02)
1 1 34.240.47.120 16509 (AMAZON-02)
2 3 54.74.213.157 16509 (AMAZON-02)
1 3 52.214.78.115 16509 (AMAZON-02)
12 13.32.121.23 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.23 16509 (AMAZON-02)
3 142.250.185.196 15169 (GOOGLE)
1 2a04:4e42::485 54113 (FASTLY)
2 2600:9000:26e... 16509 (AMAZON-02)
1 13.33.218.24 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 52.211.159.98 16509 (AMAZON-02)
1 3.161.82.55 16509 (AMAZON-02)
2 2600:9000:264... 16509 (AMAZON-02)
1 146.75.120.157 54113 (FASTLY)
3 2001:41d0:301... 16276 (OVH)
2 142.250.186.130 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 104.244.42.5 13414 (TWITTER)
2 104.244.42.195 13414 (TWITTER)
54 22
1    192.64.119.94 (United States)

ASN22612 (NAMECHEAP-NET, US)
parisdesnyebgtfrdff.pro
1    193.46.255.169 (Romania)

ASN47890 (UNMANAGED-DEDICATED-SERVERS, GB)
PTR: hostingmailto077.statics.servermail.org
track.mltrck.com
1    2a05:d018:483:6110:b9d6:fedf:9bcb:8752 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
cd-cont.com
1    34.240.47.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-47-120.eu-west-1.compute.amazonaws.com
o231585781.kractipo.com
3    54.74.213.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-213-157.eu-west-1.compute.amazonaws.com
api.optinproject.com
3    52.214.78.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-78-115.eu-west-1.compute.amazonaws.com
sejour-magique.plein2kdo.com
12    13.32.121.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-23.fra60.r.cloudfront.net
static.collectoptin.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net
static.optinproject.com
3    142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2600:9000:26e8:ce00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
1    13.33.218.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-218-24.fra60.r.cloudfront.net
www.datadoghq-browser-agent.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
9    52.211.159.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-159-98.eu-west-1.compute.amazonaws.com
v3.api.optinproject.com
1    3.161.82.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-55.fra56.r.cloudfront.net
sdk.privacy-center.org
2    2600:9000:2644:6000:d:2044:5c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
api.privacy-center.org
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    2001:41d0:301:100:145:239:193:53 (France)

ASN16276 (OVH, FR)
asset.easydmp.net
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
2    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
Apex Domain
Subdomains		 Transfer
14 optinproject.com
api.optinproject.com — Cisco Umbrella Rank: 285820
static.optinproject.com
v3.api.optinproject.com — Cisco Umbrella Rank: 393444
752 KB
12 collectoptin.com
static.collectoptin.com
645 KB
5 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4501
api.privacy-center.org — Cisco Umbrella Rank: 10646
153 KB
3 easydmp.net
asset.easydmp.net — Cisco Umbrella Rank: 149130
11 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
285 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
882 B
3 plein2kdo.com
sejour-magique.plein2kdo.com
32 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 882
1 KB
2 t.co
t.co — Cisco Umbrella Rank: 717
601 B
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
190 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
249 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
263 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 801
15 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1427
48 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
1 kractipo.com
o231585781.kractipo.com
252 B
1 cd-cont.com
cd-cont.com
3 KB
1 mltrck.com
track.mltrck.com
495 B
1 parisdesnyebgtfrdff.pro
parisdesnyebgtfrdff.pro
263 B
54 20
Domain Requested by
12 static.collectoptin.com sejour-magique.plein2kdo.com
static.collectoptin.com
9 v3.api.optinproject.com www.datadoghq-browser-agent.com
sejour-magique.plein2kdo.com
3 asset.easydmp.net sejour-magique.plein2kdo.com
asset.easydmp.net
www.datadoghq-browser-agent.com
3 www.googletagmanager.com sejour-magique.plein2kdo.com
www.googletagmanager.com
3 sdk.privacy-center.org sejour-magique.plein2kdo.com
sdk.privacy-center.org
3 www.google.com sejour-magique.plein2kdo.com
www.gstatic.com
3 sejour-magique.plein2kdo.com 1 redirects sejour-magique.plein2kdo.com
3 api.optinproject.com 2 redirects sejour-magique.plein2kdo.com
2 analytics.twitter.com sejour-magique.plein2kdo.com
2 t.co sejour-magique.plein2kdo.com
2 pagead2.googlesyndication.com www.googletagmanager.com
pagead2.googlesyndication.com
2 api.privacy-center.org www.datadoghq-browser-agent.com
2 static.optinproject.com sejour-magique.plein2kdo.com
static.collectoptin.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.datadoghq-browser-agent.com sejour-magique.plein2kdo.com
1 cdn.jsdelivr.net static.collectoptin.com
1 fonts.googleapis.com sejour-magique.plein2kdo.com
1 o231585781.kractipo.com 1 redirects
1 cd-cont.com 1 redirects
1 track.mltrck.com 1 redirects
1 parisdesnyebgtfrdff.pro 1 redirects
54 24
Subject Issuer Validity Valid
*.plein2kdo.com
Amazon RSA 2048 M02		 2024-02-21 -
2025-03-21		 a year crt.sh
static.collectoptin.com
Amazon RSA 2048 M03		 2023-11-22 -
2024-12-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
static.optinproject.com
Amazon RSA 2048 M03		 2023-12-17 -
2025-01-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.privacy-center.org
Amazon RSA 2048 M03		 2024-03-10 -
2025-04-07		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-12 -
2024-12-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
core.api.optincollect.com
Amazon RSA 2048 M01		 2023-07-14 -
2024-08-10		 a year crt.sh
api.privacy-center.org
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
ico.easydmp.net
R3		 2024-03-16 -
2024-06-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-07 -
2025-01-06		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh

This page contains 3 frames:

Primary Page: https://sejour-magique.plein2kdo.com/
Frame ID: CB1795603B261A29EE1EF4973CD76D30
Requests: 47 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1&co=aHR0cHM6Ly9zZWpvdXItbWFnaXF1ZS5wbGVpbjJrZG8uY29tOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=t62p5qhwqin7
Frame ID: 4960AFB22DA5A8B739A502D03D4A5713
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1&co=aHR0cHM6Ly9zZWpvdXItbWFnaXF1ZS5wbGVpbjJrZG8uY29tOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&sa=landing_4213&cb=qkh76nsise3p
Frame ID: C5C8BA268E1B38B62323FEACD95FAC2E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Grand jeu concours Entrées pour disneyland paris

Page URL History Show full URLs

  1. http://parisdesnyebgtfrdff.pro/ HTTP 307
    https://parisdesnyebgtfrdff.pro/ HTTP 307
    http://parisdesnyebgtfrdff.pro/ HTTP 302
    https://track.mltrck.com/?a=67041&c=315837&mt=3 HTTP 302
    https://cd-cont.com/?a=67041&c=315837&oc=174166&sr=t&vt=1714857497667&h=748786008e0a9c9ba60e0b49... HTTP 302
    https://o231585781.kractipo.com/link/fr/54661/4213/0d9b0b1091d268c?email=&civility=_CIVILITY_&firstname=&las... HTTP 302
    https://api.optinproject.com/link/fr/54661/4213/0d9b0b1091d268c?email=&civility=_CIVILITY_&firstname=&las... HTTP 302
    https://sejour-magique.plein2kdo.com/track?email=&civility=_CIVILITY_&firstname=&lastname=&birthday=_BIRTHDAY_&zi... HTTP 302
    https://sejour-magique.plein2kdo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

54
Requests

96 %
HTTPS

40 %
IPv6

20
Domains

24
Subdomains

22
IPs

5
Countries

2395 kB
Transfer

6298 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://parisdesnyebgtfrdff.pro/ HTTP 307
    https://parisdesnyebgtfrdff.pro/ HTTP 307
    http://parisdesnyebgtfrdff.pro/ HTTP 302
    https://track.mltrck.com/?a=67041&c=315837&mt=3 HTTP 302
    https://cd-cont.com/?a=67041&c=315837&oc=174166&sr=t&vt=1714857497667&h=748786008e0a9c9ba60e0b4925f586ec33c5f1d0&req=https%3A%2F%2Ftrack.mltrck.com%2F%3Fa%3D67041%26c%3D315837%26mt%3D3&mt=3&sip=80.255.7.102&sh=b5a4d690dbced2733af0927c2cef3dc098033e1b HTTP 302
    https://o231585781.kractipo.com/link/fr/54661/4213/0d9b0b1091d268c?email=&civility=_CIVILITY_&firstname=&lastname=&birthday=_BIRTHDAY_&zipcode=_ZIPCODE_&address=&city=_CITY_&phone=&postback_parameters[var1]=2161cca2b89543e5ad2c6ae39d12f63f1ddbd HTTP 302
    https://api.optinproject.com/link/fr/54661/4213/0d9b0b1091d268c?email=&civility=_CIVILITY_&firstname=&lastname=&birthday=_BIRTHDAY_&zipcode=_ZIPCODE_&address=&city=_CITY_&phone=&postback_parameters[var1]=2161cca2b89543e5ad2c6ae39d12f63f1ddbd HTTP 302
    https://sejour-magique.plein2kdo.com/track?email=&civility=_CIVILITY_&firstname=&lastname=&birthday=_BIRTHDAY_&zipcode=_ZIPCODE_&address=&city=_CITY_&phone=&optinsplid=4213&optinadid=54661&optins2s=iBmP1x9apK8t2V5kQwsTCl6Nz3dipuvJZwhXIBnUZ4kwb5JBXKuTAc8tFIC2pCf7KBNABWHiTSAF22eFPMpxT7PFchjDPjyE2CNEch6mMJE&postback_parameters%5Bvar1%5D=2161cca2b89543e5ad2c6ae39d12f63f1ddbd HTTP 302
    https://sejour-magique.plein2kdo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://api.optinproject.com/targeting/converted/1100.gif HTTP 302
  • https://api.optinproject.com/rt/converted/plein2kdo.gif

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sejour-magique.plein2kdo.com/
Redirect Chain
  • http://parisdesnyebgtfrdff.pro/
  • https://parisdesnyebgtfrdff.pro/
  • http://parisdesnyebgtfrdff.pro/
  • https://track.mltrck.com/?a=67041&c=315837&mt=3
  • https://cd-cont.com/?a=67041&c=315837&oc=174166&sr=t&vt=1714857497667&h=748786008e0a9c9ba60e0b4925f586ec33c5f1d0&req=https%3A%2F%2Ftrack.mltrck.com%2F%3Fa%3D67041%26c%3D315837%26mt%3D3&mt=3&sip=80....
  • https://o231585781.kractipo.com/link/fr/54661/4213/0d9b0b1091d268c?email=&civility=_CIVILITY_&firstname=&lastname=&birthday=_BIRTHDAY_&zipcode=_ZIPCODE_&address=&city=_CITY_&phone=&postback_paramet...
  • https://api.optinproject.com/link/fr/54661/4213/0d9b0b1091d268c?email=&civility=_CIVILITY_&firstname=&lastname=&birthday=_BIRTHDAY_&zipcode=_ZIPCODE_&address=&city=_CITY_&phone=&postback_parameters...
  • https://sejour-magique.plein2kdo.com/track?email=&civility=_CIVILITY_&firstname=&lastname=&birthday=_BIRTHDAY_&zipcode=_ZIPCODE_&address=&city=_CITY_&phone=&optinsplid=4213&optinadid=54661&optins2s...
  • https://sejour-magique.plein2kdo.com/
116 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.214.78.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-78-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
58d6bac3144b31aaf114ba67b09c80cedf0b37c92bfc6e0ae50903c4beaa5a51

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 04 May 2024 21:18:19 GMT
expires
Sat, 04 May 2024 21:18:19 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
x-ua-compatible
IE=Edge

Redirect headers

cache-control
max-age=0, must-revalidate, private
content-type
text/html; charset=UTF-8
date
Sat, 04 May 2024 21:18:18 GMT
expires
Sat, 04 May 2024 21:18:18 GMT
location
/
server
nginx
reset.css
static.collectoptin.com/css/ 		1 KB
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/css/reset.css
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-23.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
99fc06a1fdfec23d9f7d6a437651a38f4b1f951227c15132b1182746c14c024b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:22:44 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 15:19:27 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
24937
etag
W/"6633aeff-444"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
GyYNtQXR6xa-em2QzjttOZ2gQuZiOgtzgDADFzWGduojZA1H4YvvgQ==
plein2kdo_ocv2_consent.css
static.collectoptin.com/build/theme_minimalist/ 		77 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_consent.css
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-23.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
d9c7513d8a26f16acc7f2bccbf7e1d9f8e01e5e94a17320cbe2d01c16e19ca4c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:18 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 15:29:01 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
21080
etag
W/"6633b13d-1320c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
bA9jfM65aNaRDgXokM66T-I_ptmbJoJ2tQP47J4jy1_g7nu88Vw7WQ==
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;300;400;500;600;700&display=swap
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0da366e3b14625529a4d9eccfd60d0f713a8cbda3c894c643968e5c5c3509267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 May 2024 21:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 May 2024 21:18:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 May 2024 21:18:19 GMT
jquery.min.js
static.collectoptin.com/build/vendor/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/vendor/jquery/jquery.min.js
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-23.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:22:44 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 15:29:00 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
24937
etag
W/"6633b13c-17b8b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
rXCbJjrPpmwcwevB3D3qxehGkBHcCIGQA4MmykEGgW64BscoUGqvOA==
623b24a792a0b.jpeg
static.optinproject.com/sites/2212/landing_mobile_header/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.optinproject.com/sites/2212/landing_mobile_header/623b24a792a0b.jpeg
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc6632403d40ea7ddbc015997667f28a5b4d9ed34079c630e5abdae472015170

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
VxjZJuULhWNX_tF6msHWq6LlzI_9oqkq
date
Sat, 04 May 2024 05:54:02 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 13:46:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
55458
x-amz-server-side-encryption
AES256
etag
"3e2bffff980e23b39f844c27ab208548"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
116279
x-amz-cf-id
u_gcEpfZYZZLgEXTyiPC9ACkSHvMFMiWAtN4Qdodp-jheVJYixWi3w==
ico-form.png
static.collectoptin.com/workflowbundle/sweepstake/v2/Common/theme_arrow/desktop/images/ 		897 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.collectoptin.com/workflowbundle/sweepstake/v2/Common/theme_arrow/desktop/images/ico-form.png
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-23.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e048a879ecd6f26ead96107299b7382945a7dbe6c1f9d67a500974805a0e2489

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:22:44 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 15:19:31 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
24935
etag
"6633af03-381"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
897
x-amz-cf-id
YGe7mBGU2O4-DTl6gJPPpSsjHqxnHtp7Xq8dWyr9z2SDbYnenm0tvg==
ico-present.png
static.collectoptin.com/workflowbundle/sweepstake/v2/Common/theme_arrow/desktop/images/ 		718 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.collectoptin.com/workflowbundle/sweepstake/v2/Common/theme_arrow/desktop/images/ico-present.png
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-23.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
12dc3c5feae8181fb39f264366806bb585a862fe6011949176c44751324493c5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:22:44 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 15:19:31 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
24935
etag
"6633af03-2ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
718
x-amz-cf-id
EYAVEUQpXBEfJk_snSJnudrth4Rk7_iGY036qppgADLmJdeyY8IDIw==
dpo_email.jpg
static.collectoptin.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.collectoptin.com/images/dpo_email.jpg
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-23.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ed4213ee3f28b05d12a03c80ff8e8afad3c3ddff0e6835cd178be6e5114e30fe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:22:44 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 15:19:27 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
24937
etag
"6633aeff-1c32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
7218
x-amz-cf-id
xhAMKlT0m1561_iqHgk_6c-XeneH5_w-kKQj6QH-kCS3hut6-klCvQ==
plein2kdo-logo.png
static.collectoptin.com/workflowbundle/sweepstake/v2/FR/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.collectoptin.com/workflowbundle/sweepstake/v2/FR/images/plein2kdo-logo.png
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-23.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
357a9af42c012bbfa33f1e3ab348d9bb8b7476fd5035475b345db85be95331a1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:22:44 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 15:19:31 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
24936
etag
"6633af03-eab"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3755
x-amz-cf-id
6oFlw8yIRWQ2siW6et4N29edVZ6swtq8XBChX0tYNyNkYOUGvTF4UQ==
api.js
www.google.com/recaptcha/ 		1 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
8c46288bada313fb7ff8297230ecbce1974c5746253d2bad2dc6ca7763a377e0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 04 May 2024 21:18:19 GMT
plein2kdo_ocv2_consent.js
static.collectoptin.com/build/theme_minimalist/ 		2 MB
460 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_consent.js
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-23.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
705825eeb2ed3a021153d45dd7649534fe49a24ac90b811052a606e108c2ee3a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 15:27:02 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 15:29:01 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
21077
etag
W/"6633b13d-1abebd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
s5FEAuqhIae8ssXqzN_obTndF3zW5ZE647ncgou4WkUNbgpKctX4-Q==
jquery.simplemodal.js
static.collectoptin.com/build/vendor/jquery-simplemodal/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/vendor/jquery-simplemodal/jquery.simplemodal.js
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-23.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ac057bf1597b81383d0c6c51dec811732e0e022956e3b2bb37524d1e4acc6c34

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:22:44 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 15:29:00 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
24937
etag
W/"6633b13c-5a11"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
qETonT_IK-LREvvqNn0rAJ5cyDRZ8eGHFtHo8uSkK1Y3R7IWFjQixg==
plein2kdo.gif
api.optinproject.com/rt/converted/
Redirect Chain
  • https://api.optinproject.com/targeting/converted/1100.gif
  • https://api.optinproject.com/rt/converted/plein2kdo.gif
43 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.optinproject.com/rt/converted/plein2kdo.gif
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Server
54.74.213.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-213-157.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sejour-magique.plein2kdo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 May 2024 21:18:19 GMT
cache-control
must_revalidate, no_cache, no_store, post_check="", pre_check="", private
x-correlation-id
99bd57ad-2c5e-4289-8809-3da8d9d390d7
server
nginx
content-type
image/gif

Redirect headers

location
https://api.optinproject.com/rt/converted/plein2kdo.gif
date
Sat, 04 May 2024 21:18:19 GMT
content-type
text/html; charset=utf-8
server
nginx
p3p
policyref="http://www.webrivage.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
4213
sejour-magique.plein2kdo.com/track/visit/2273/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sejour-magique.plein2kdo.com/track/visit/2273/4213
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.214.78.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-78-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:19 GMT
cache-control
no-cache, private
server
nginx
bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/ 		84 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css
Requested by
Host: static.collectoptin.com
URL: https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_consent.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f643d6fe7e679f9de3e16311600c5ef5cd6b098f7a3a8828fcc29255d2b33e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_consent.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 May 2024 21:18:19 GMT
x-content-type-options
nosniff
content-encoding
br
age
4569905
x-jsd-version
1.11.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13300
x-served-by
cache-fra-eddf8230079-FRA, cache-mxp6930-MXP
x-jsd-version-type
version
etag
W/"14f73-BDozLk9VXMC/015FG+lVtLk5ZqA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
loader.js
sdk.privacy-center.org/342cc8ab-0603-42a6-88ba-4ae77fbf586c/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/342cc8ab-0603-42a6-88ba-4ae77fbf586c/loader.js?target=sejour-magique.plein2kdo.com
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ce00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a79bbd48f83b76816463cb862547557c3262d886bc939df1fe655ba09b55dd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:19 GMT
x-didomi-configs-version
104
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:true
content-encoding
br
via
1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-amzn-requestid
9767c307-bd01-4594-9fe4-fc81e2138d0e
etag
W/"5f2a8d4296da86b8016647e5cc46745f"
vary
Accept-Encoding
x-amzn-trace-id
root=1-6636a61b-0c50f1c454310c6b1400d778;parent=2dc0c70b1d8b9c50;sampled=0;lineage=eaae1266:0
content-type
application/javascript; charset=utf-8
x-cache
Hit from cloudfront
cache-control
max-age=7200, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Ovy8gpdgJPDcwpRBX-fkwrEthEGPYjiEklXX9fmL0lCFllGPqmH9qA==
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 		150 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.218.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-218-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:17:52 GMT
content-encoding
br
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 11:26:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
41
x-amz-server-side-encryption
AES256
etag
W/"2630b3d7ad4a41fac67742216e506d83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
twIxU0t_Z3LmdR6fS4pRQVonOmsqQbx81_hfscIxmrsyfKuhYwPWDw==
623b24a733560.jpeg
static.optinproject.com/sites/2212/landing_background_image/ 		606 KB
607 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.optinproject.com/sites/2212/landing_background_image/623b24a733560.jpeg
Requested by
Host: static.collectoptin.com
URL: https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_consent.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a84e16510116136b97c252aebb909a373f0a1a999261de6fa97bc2774f3feddb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://static.collectoptin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 04:24:06 GMT
x-amz-version-id
fT3x4Gc.Vpg3LH8sCZhW4WNjvn6dCZSr
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 13:46:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
60854
etag
"7ef00811704fa5f3e2c2d4b01ee8f811"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
620214
x-amz-cf-id
kXm6S5JJ77NyjF6OExIgnteODFadQYzmND_qNjTJ9rtYPjuiOPkhIg==
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://sejour-magique.plein2kdo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 07:45:49 GMT
x-content-type-options
nosniff
age
394350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Apr 2025 07:45:49 GMT
gtm.js
www.googletagmanager.com/ 		441 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NB3MLWK
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d81950bd743eb04170409e1a0ab138858c9f199fcbcd56a3e1c7ecbe83502bf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110662
x-xss-protection
0
last-modified
Sat, 04 May 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 04 May 2024 21:18:19 GMT
5.js
static.collectoptin.com/build/ 		347 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/5.js
Requested by
Host: static.collectoptin.com
URL: https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-23.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e0da22a90c016acc7098c88f3715d3b5f19b8970555f82ba453e9530b6dcfc39

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:22:45 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 15:29:00 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
24935
etag
W/"6633b13c-56cfb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
9ZnA6vThyl30BhOetLMsguUwXWn-OV8Tz5613y6uudSTdRPEPv_Dag==
16.js
static.collectoptin.com/build/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/build/16.js
Requested by
Host: static.collectoptin.com
URL: https://static.collectoptin.com/build/theme_minimalist/plein2kdo_ocv2_consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-23.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
25c343ff7357fab77abc650938440617a06c8f58b1e1884474afbc047d878214

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:22:45 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 15:29:00 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
24934
etag
W/"6633b13c-61b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
t9VrwSeCFXxUe9rSzcfzKwL3EzlRSqIPkiNz4re65gABfQjh61SXCw==
sdk.13baec1685caf5c6eeacde774570aa8c3314ba71.js
sdk.privacy-center.org/sdk/13baec1685caf5c6eeacde774570aa8c3314ba71/modern/ 		341 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/13baec1685caf5c6eeacde774570aa8c3314ba71/modern/sdk.13baec1685caf5c6eeacde774570aa8c3314ba71.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/342cc8ab-0603-42a6-88ba-4ae77fbf586c/loader.js?target=sejour-magique.plein2kdo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ce00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7bc4c1b886c8d0a2890d2eb7545457959fe1a725c1d25ef27699ecd43c1c3ff9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 13:00:24 GMT
content-encoding
br
via
1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 13:00:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
202676
etag
W/"1d1ae64de008bd93e9ed0fff95ffd94e-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
FTX1yCUAZPKdEpPakkQ8eVaKYUTB1ZoqdQ40OHMeB81fCnJ7hb6bTA==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ 		509 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Origin
https://sejour-magique.plein2kdo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 16:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207268
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 21:03:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 04 May 2025 16:16:55 GMT
sessions
v3.api.optinproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.159.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-159-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-authorization-apikey
Access-Control-Request-Method
POST
Origin
https://sejour-magique.plein2kdo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, referer, authorization, set-cookie, x-authorization-apikey, x-referer
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sejour-magique.plein2kdo.com
access-control-max-age
86400
cache-control
public, max-age=86400
date
Sat, 04 May 2024 21:18:19 GMT
server
nginx
vary
origin
sessions
v3.api.optinproject.com/ 		45 B
267 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.159.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-159-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
737866f8ef77bf2b1be9b6191b82d9aa2e6d9730c1c287ba6232e19cad20953b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-authorization-apikey
633300f5ac87dc68bf919fde2b746be9
content-type
application/json
accept
application/json
Referer
https://sejour-magique.plein2kdo.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://sejour-magique.plein2kdo.com
date
Sat, 04 May 2024 21:18:20 GMT
cache-control
no-cache, private
x-correlation-id
b1981977-76d3-4763-b595-19b0925fa27e
access-control-allow-credentials
true
server
nginx
content-type
application/json
relocate
v3.api.optinproject.com/pixel/cookie/ 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.api.optinproject.com/pixel/cookie/relocate
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.159.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-159-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:19 GMT
cache-control
no-cache, private
x-correlation-id
27efa559-58fe-4176-9f00-94dce46cc6ff
server
nginx
content-type
image/gif
ui-gdpr-fr-web.13baec1685caf5c6eeacde774570aa8c3314ba71.js
sdk.privacy-center.org/sdk/13baec1685caf5c6eeacde774570aa8c3314ba71/modern/ 		275 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/13baec1685caf5c6eeacde774570aa8c3314ba71/modern/ui-gdpr-fr-web.13baec1685caf5c6eeacde774570aa8c3314ba71.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/13baec1685caf5c6eeacde774570aa8c3314ba71/modern/sdk.13baec1685caf5c6eeacde774570aa8c3314ba71.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.161.82.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45670fc02b2ae90be6e03e58ceb532f43f8fc2b6776c108d18f625ca3c9ff0ca

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 13:00:25 GMT
content-encoding
br
via
1.1 54458302557dcee9766f255184a02288.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 13:00:20 GMT
server
AmazonS3
age
202675
x-amz-cf-pop
FRA56-P10
etag
W/"84bb02973abc88e8b929dd04ffa1b6db-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
pHeBqCscZVuEasns8Cz1BPI2OcNQM8TIGjsQ4j5TQ8JfhkHRpkGntg==
events
api.privacy-center.org/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.privacy-center.org/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:6000:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://sejour-magique.plein2kdo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
date
Sat, 04 May 2024 21:18:20 GMT
vary
Access-Control-Request-Headers
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
x-amz-cf-id
K2t6wb1mh9yOiY7iDgiICTTmRHAR5QUcip-PAFZGj6owOpaAtbJu5w==
x-amz-cf-pop
FRA60-P6
x-cache
Miss from cloudfront
x-powered-by
Express
events
api.privacy-center.org/v1/ 		0
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.privacy-center.org/v1/events
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:6000:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://sejour-magique.plein2kdo.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
surrogate-control
no-store
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
etag
W/"4-K+iMpCQsduglOsYkdIUQZQMtaDM"
x-download-options
noopen
allow
POST
vary
Accept
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-didomi-version
4db012c1
x-frame-options
SAMEORIGIN
x-amz-cf-id
zucu-wWGycjBk262UUCm2rH8UWYHa24-Pj1wcErUyofhIxSJVE6E2g==
expires
0
destination
www.googletagmanager.com/gtag/ 		222 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10985604376&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB3MLWK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ebc1e37979f479e4a5adf9f59016a4b074e8df2837b3564e273dc76bd18df35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81244
x-xss-protection
0
last-modified
Sat, 04 May 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 04 May 2024 21:18:19 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB3MLWK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:20 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220099-FRA
mt.js
asset.easydmp.net/mt/squadata/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.easydmp.net/mt/squadata/mt.js?t=238175
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
211d783817a643ef35a33bf43805fc0bada7e8b93fe8eae9618f726ffd6e64d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 29 Apr 2024 12:12:30 GMT
x-iplb-request-id
2A0104A0133800920000000000000008:BDC8_200141D0030101000145023901930053:01BB_6636A61C_A720E02:7080
etag
"662f8eae-137c"
x-iplb-instance
57464
p3p
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
content-type
application/javascript; charset=utf-8
cache-control
max-age=900, s-maxage=900, public
content-length
4988
js
www.googletagmanager.com/gtag/ 		284 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DY4KRQDG9G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB3MLWK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2df447d0fc83e1c61b62450fdd6b966c7246464adc032dfe6f42801d97c10c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98740
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 04 May 2024 21:18:20 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4024264373544458
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB3MLWK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
2038cf73fe87043846884cb93447d69ce157dc0c4884e8d53d1e01adaf4bc94b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51471
x-xss-protection
0
server
cafe
etag
4061879500280496330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 04 May 2024 21:18:20 GMT
anchor
www.google.com/recaptcha/api2/ Frame 4960 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1&co=aHR0cHM6Ly9zZWpvdXItbWFnaXF1ZS5wbGVpbjJrZG8uY29tOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=t62p5qhwqin7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xM9yc3RHKo3UjWcZRJY3jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sejour-magique.plein2kdo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-xM9yc3RHKo3UjWcZRJY3jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 May 2024 21:18:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame C5C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeGWAcaAAAAAGYRkXjgZQVAtlZrPYSHii42ZPL1&co=aHR0cHM6Ly9zZWpvdXItbWFnaXF1ZS5wbGVpbjJrZG8uY29tOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&sa=landing_4213&cb=qkh76nsise3p
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hUFBS30WZf5XsT4eoijAdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sejour-magique.plein2kdo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-hUFBS30WZf5XsT4eoijAdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 May 2024 21:18:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
5024
v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/ads/type/sponsoring/supportlocation/ 		2 B
318 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/ads/type/sponsoring/supportlocation/5024?data%5Bcountry%5D=de&data%5Bcustom1%5D=SPLID%3D4213&data%5Bcustom2%5D=plein2kdo%7Cplein2kdo_ocv2_consent%7Cplein2kdo-30-ans-parc-disneyland-paris-consent
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.159.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-159-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-authorization-apikey
633300f5ac87dc68bf919fde2b746be9
accept
application/json
Referer
https://sejour-magique.plein2kdo.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:20 GMT
x-correlation-id
a1fbd274-3bd9-47fe-bf38-4ee9ada914c7
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sejour-magique.plein2kdo.com
cache-control
no-cache, private
access-control-allow-credentials
true
x-request-identifier
1526543a-f848-42ae-b9ff-76c6ff071d62
5024
v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/ads/type/sponsoring/supportlocation/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/ads/type/sponsoring/supportlocation/5024?data%5Bcountry%5D=de&data%5Bcustom1%5D=SPLID%3D4213&data%5Bcustom2%5D=plein2kdo%7Cplein2kdo_ocv2_consent%7Cplein2kdo-30-ans-parc-disneyland-paris-consent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.159.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-159-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-authorization-apikey
Access-Control-Request-Method
GET
Origin
https://sejour-magique.plein2kdo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, referer, authorization, set-cookie, x-authorization-apikey, x-referer
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sejour-magique.plein2kdo.com
access-control-max-age
86400
cache-control
public, max-age=86400
date
Sat, 04 May 2024 21:18:20 GMT
server
nginx
vary
origin
/
pagead2.googlesyndication.com/pagead/conversion/10985604376/ 		0
0
collect
region1.google-analytics.com/g/ 		0
263 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DY4KRQDG9G&gtm=45je4510v873516131z876354608za200&_p=1714857499684&gcs=G100&gcd=13p3pPt2t5&npa=0&dma_cps=sypham&dma=1&tcfd=10001&gdid=dMTc4Zm&cid=1063793686.1714857500&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_s=1&dp=%2Fplein2kdo%2Flanding&sid=1714857500&sct=1&seg=0&dl=https%3A%2F%2Fsejour-magique.plein2kdo.com%2F&dt=Grand%20jeu%20concours%20Entr%C3%A9es%20pour%20disneyland%20paris&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site=plein2kdo-30-ans-parc-disneyland-paris-consent&ep.optinsplid=4213&ep.site_group=plein2kdo&ep.workflow=plein2kdo_ocv2_consent&ep.publisherId=762&tfd=7106
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DY4KRQDG9G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 04 May 2024 21:18:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sejour-magique.plein2kdo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/1/i/ 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%22fbq_6636a61b03cea%22%3A%22tw-oda9f-oda9h%22%7D&event_id=96e17e5a-c684-43a0-bfff-da7b8d5637cf&fbq_6636a61b03cea=tw-oda9f-oda9h&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=2d8cf9a8-bf94-428d-8b2e-f9883912b525&tw_document_href=https%3A%2F%2Fsejour-magique.plein2kdo.com%2F&tw_iframe_status=0&txn_id=oda9f&type=javascript&version=2.3.30
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
178
date
Sat, 04 May 2024 21:18:20 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
464e688b14baf59e
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
9667f9acabb3da236ee6b55950dd93a7c759dacead4c256a14dbd6fe38636b21
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%22fbq_6636a61b03cea%22%3A%22tw-oda9f-oda9h%22%7D&event_id=96e17e5a-c684-43a0-bfff-da7b8d5637cf&fbq_6636a61b03cea=tw-oda9f-oda9h&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=2d8cf9a8-bf94-428d-8b2e-f9883912b525&tw_document_href=https%3A%2F%2Fsejour-magique.plein2kdo.com%2F&tw_iframe_status=0&txn_id=oda9f&type=javascript&version=2.3.30
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
171
date
Sat, 04 May 2024 21:18:20 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
2a095e4aa5e4393d
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
0af79bfab8a31658e001424b6d5a8111f0749bd20f60a5b7461cd5a3c45ff318
content-length
43
adsct
t.co/1/i/ 		43 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%22fbq_6636a61b03cea%22%3A%22tw-od4s1-od4s9%22%7D&event_id=d30ae0af-f496-45a9-b2ba-7a9c04653bd6&fbq_6636a61b03cea=tw-od4s1-od4s9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=2d8cf9a8-bf94-428d-8b2e-f9883912b525&tw_document_href=https%3A%2F%2Fsejour-magique.plein2kdo.com%2F&tw_iframe_status=0&txn_id=od4s1&type=javascript&version=2.3.30
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
178
date
Sat, 04 May 2024 21:18:19 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
36489e5ce32f1403
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
9667f9acabb3da236ee6b55950dd93a7c759dacead4c256a14dbd6fe38636b21
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%22fbq_6636a61b03cea%22%3A%22tw-od4s1-od4s9%22%7D&event_id=d30ae0af-f496-45a9-b2ba-7a9c04653bd6&fbq_6636a61b03cea=tw-od4s1-od4s9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=2d8cf9a8-bf94-428d-8b2e-f9883912b525&tw_document_href=https%3A%2F%2Fsejour-magique.plein2kdo.com%2F&tw_iframe_status=0&txn_id=od4s1&type=javascript&version=2.3.30
Requested by
Host: sejour-magique.plein2kdo.com
URL: https://sejour-magique.plein2kdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
109
date
Sat, 04 May 2024 21:18:19 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
9b7827c185048180
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
0af79bfab8a31658e001424b6d5a8111f0749bd20f60a5b7461cd5a3c45ff318
content-length
43
client.js
asset.easydmp.net/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.easydmp.net/js/client.js?t=238175
Requested by
Host: asset.easydmp.net
URL: https://asset.easydmp.net/mt/squadata/mt.js?t=238175
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
79b46905ffe08579b649343513623dae575a8dcce41346d36d52268f5e2ab8d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 29 Apr 2024 12:12:30 GMT
x-iplb-request-id
2A0104A0133800920000000000000008:BDC8_200141D0030101000145023901930053:01BB_6636A61C_A720E18:7080
etag
"662f8eae-10ea"
x-iplb-instance
57464
p3p
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
content-type
application/javascript; charset=utf-8
cache-control
max-age=900, s-maxage=900, public
content-length
4330
gip.php
asset.easydmp.net/ 		47 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://asset.easydmp.net/gip.php
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ccfd085a2eff689e4b8b6d604dcbc3f672c1fac2664b40d2bd5e40a57088c443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:20 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-iplb-request-id
2A0104A0133800920000000000000008:B314_200141D0030101000145023901930053:01BB_6636A61C_A726308:70AB
x-iplb-instance
56861
transfer-encoding
chunked
p3p
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/ 		412 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4024264373544458&plah=sejour-magique.plein2kdo.com&aplac=true&bust=31083324
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4024264373544458
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8899d05475c2e1725c81a1f6c99b21e3392f34891f2ad5bd071d21730fc2d519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142546
x-xss-protection
0
server
cafe
etag
14306541166527318721
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 04 May 2024 21:18:20 GMT
announcers
v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/type/sales/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/type/sales/announcers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.159.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-159-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-authorization-apikey
Access-Control-Request-Method
GET
Origin
https://sejour-magique.plein2kdo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, referer, authorization, set-cookie, x-authorization-apikey, x-referer
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sejour-magique.plein2kdo.com
access-control-max-age
86400
cache-control
public, max-age=86400
date
Sat, 04 May 2024 21:18:20 GMT
server
nginx
vary
origin
collected-data
v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/collected-data
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.159.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-159-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-authorization-apikey
Access-Control-Request-Method
POST
Origin
https://sejour-magique.plein2kdo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, referer, authorization, set-cookie, x-authorization-apikey, x-referer
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sejour-magique.plein2kdo.com
access-control-max-age
86400
cache-control
public, max-age=86400
date
Sat, 04 May 2024 21:18:20 GMT
server
nginx
vary
origin
announcers
v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/type/sales/ 		122 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/type/sales/announcers
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.159.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-159-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
62cd0892c2c8b9f050e195babc533fe274efde64a16640d8264f19e1ccbbe43b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-authorization-apikey
633300f5ac87dc68bf919fde2b746be9
accept
application/json
Referer
https://sejour-magique.plein2kdo.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:20 GMT
x-correlation-id
7d204db9-b726-4609-90b3-5483899afa4a
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sejour-magique.plein2kdo.com
cache-control
no-cache, private
access-control-allow-credentials
true
collected-data
v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/ 		2 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://v3.api.optinproject.com/sessions/9a9bdcf9-65de-4ddf-b506-c84af2b916b4/collected-data
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.159.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-159-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-authorization-apikey
633300f5ac87dc68bf919fde2b746be9
content-type
application/json
accept
application/json
Referer
https://sejour-magique.plein2kdo.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:18:20 GMT
x-correlation-id
c54f9d7a-5bda-4652-be19-dd7e24c605cd
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sejour-magique.plein2kdo.com
cache-control
no-cache, private
access-control-allow-credentials
true
favicon.ico
static.collectoptin.com/plein2kdo/images/iconified/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.collectoptin.com/plein2kdo/images/iconified/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-23.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
4e2cbd9b7767c8fd6e6264734ab2b6ed9b23cc5dd6b79ae5de274713ea85080d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sejour-magique.plein2kdo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 14:25:18 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 15:19:27 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
age
24940
etag
"6633aeff-3aee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/x-icon
accept-ranges
bytes
content-length
15086
x-amz-cf-id
z-8Vmw7fUgLHzGkQiMJlA2fTJobi01jsgk3VFGjWCmIpb9hVTAiu6w==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/conversion/10985604376/?random=1714857500095&cv=11&fst=1714857500095&bg=ffffff&guid=ON&async=1&gtm=45be4510v896254696z876354608za201&gcs=G100&gcd=13p3p3t2t5&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Fsejour-magique.plein2kdo.com%2F&label=7yo6COu3poEYEJiKrPYo&hn=www.googleadservices.com&frm=0&tiba=Grand%20jeu%20concours%20Entr%C3%A9es%20pour%20disneyland%20paris&value=0&bttype=purchase&npa=0&pscdl=denied&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QQ&rfmt=3&fmt=4

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| gdprAppliesGlobally function| __tcfapi object| DD_RUM function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| webpackJsonp function| setImmediate function| clearImmediate object| didomiEventListeners function| optinBrand function| FormValidate function| PhoneValidator function| DoubleCheckboxValidator function| Validation object| dataLayer object| didomiOnReady object| didomiRemoteConfig string| didomiCountry undefined| didomiRegion object| didomiGeoRegulations object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| OptinClientSponsoring object| OptinCollectSponsoring object| webpackChunkDidomi object| Didomi object| DidomiSanitizing object| didomiState object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| twq function| __easyMetaTagSqudata object| closure_lm_66416 object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| twttr string| [eedmpact] function| eedmpdo object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl

28 Cookies

Domain/Path Name / Value
.cd-cont.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.cd-cont.com/ Name: gdm_sid_v1_3_001
Value: LDdoUodIXyuq1hkL5vs/RsCC0V1z4xeLkmEmH9QDez96zRZVxma499jxUr1NixN07al7gwZjhtxl6taL6Y9d/5h7Ojpltxvl6fqIDCDU11YkOQnLn6mv6ZT1LxsH3zNL4mmHSPMus95YD7+Xsu19IPj+xGtLmA3kbRvxx1Fjk/qFWfeU3IFq0h5tWHA8QuOQPxfy3Ez6NQAVxRooCxoxFDMfFX2Kt8T8pYJqyZT6D4ahcGru51G9L+zZLVsbvwpstvdBE8rGqVaIJTYpM69L3HKSDc8JIDnfUfeAzjKqxZ5qSaKng/RbVVdrS4Uxc2qLAsCIx3mhafqBT/Si5gDpuDk3LzvXgpzVBrdRpmAwf6UHgsOp7u8eAgeEyihnAlLdP0YVWdLsAWuVCR9+UUuT9EZZbKg2/OhzUCFQMIzCNwXeGoLO5+yoP2WoNR7AhSzONRkIj4yJpmyHS+CbVspzVCU0brxiuO7xvqewEsH/fW12q4SVKV/TqcDqBKpq6aWhkA/uii0dRKHSI++s7MCpIKRiEbageGCet6OvJ4j19oW2GMRNelRxBZECIKyeTpVX1c2JNiyvTa0WIoc+DBEFC3u7uTrQYsy9vE9JeygJt2dZpC5STTV+jbKCMfE6m3hy0af3Pz6sNsGu4lwRgpnxvaGJ8U6ZdEik6Iukntey1SbqQQH5OrpVkAsyRW5Jo/o/rKF3sbOD7IJST/Orij0RyXGEx4/MnkZac0tlNmgnvMuL/r/8EnnVEJqIxBgON8j73rUtwgBWC+R5QLMtAopl7X8mXs4HI1PdvVpiRhKndF8IF0n3/rj0oedeFnDl0w57rA79EC5D+URmWdcQqOSnOF7MYfuzcDGkTEWFqju+ZD8hkInI6eEd+UBf5t170GYUuQXkXKcpYxb2RRWKBzFvWYFjLvm5U0d4wQLtDMTtyeieTEGaWcfmN+8vg9CEcgDIBBk10HNsnSoo0Nq5LLZAHWBky3tNaUoNLnPbeG+XbNnJ8nWwNb/fnqzRQ1znKZQKD/L4zIGdaeOj0V82iyLDYIW3H+kYtrrxQSH+SVrX0muxizQmy2rl7A6JfQJVbN3W
.cd-cont.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.cd-cont.com/ Name: gdm_click_adv_freq_v2_1_001
Value: foYa63xAE1V8RfM9y9fMReUHATTNhQ8EOk8TNEXY2AGg2tQQr7PtTogOYrwGn/+a
.cd-cont.com/ Name: gdm_click_adv_freq_v1_1_001
Value: foYa63xAE1V8RfM9y9fMReUHATTNhQ8EOk8TNEXY2AGg2tQQr7PtTogOYrwGn/+a
.cd-cont.com/ Name: gdm_uid_v1_1_001
Value: jeHkqbcFOR2mbnkadQaabjqVafq7tEAJdMnJ83Fw20RzKcmEcO5p7RBVkRGEd7Wz
.cd-cont.com/ Name: gdm_click_freq_v2_1_001
Value: t0FkT+NieTTfdyRZK3EvRNXqANA55MUC8k8bf/LCZDds/kP+k8PP2rRZymWmYAhu
.cd-cont.com/ Name: gdm_click_freq_v1_1_001
Value: t0FkT+NieTTfdyRZK3EvRNXqANA55MUC8k8bf/LCZDds/kP+k8PP2rRZymWmYAhu
.cd-cont.com/ Name: gdm_sid_v2_3_001
Value: LDdoUodIXyuq1hkL5vs/RsCC0V1z4xeLkmEmH9QDez96zRZVxma499jxUr1NixN07al7gwZjhtxl6taL6Y9d/5h7Ojpltxvl6fqIDCDU11YkOQnLn6mv6ZT1LxsH3zNL4mmHSPMus95YD7+Xsu19IPj+xGtLmA3kbRvxx1Fjk/qFWfeU3IFq0h5tWHA8QuOQPxfy3Ez6NQAVxRooCxoxFDMfFX2Kt8T8pYJqyZT6D4ahcGru51G9L+zZLVsbvwpstvdBE8rGqVaIJTYpM69L3HKSDc8JIDnfUfeAzjKqxZ5qSaKng/RbVVdrS4Uxc2qLAsCIx3mhafqBT/Si5gDpuDk3LzvXgpzVBrdRpmAwf6UHgsOp7u8eAgeEyihnAlLdP0YVWdLsAWuVCR9+UUuT9EZZbKg2/OhzUCFQMIzCNwXeGoLO5+yoP2WoNR7AhSzONRkIj4yJpmyHS+CbVspzVCU0brxiuO7xvqewEsH/fW12q4SVKV/TqcDqBKpq6aWhkA/uii0dRKHSI++s7MCpIKRiEbageGCet6OvJ4j19oW2GMRNelRxBZECIKyeTpVX1c2JNiyvTa0WIoc+DBEFC3u7uTrQYsy9vE9JeygJt2dZpC5STTV+jbKCMfE6m3hy0af3Pz6sNsGu4lwRgpnxvaGJ8U6ZdEik6Iukntey1SbqQQH5OrpVkAsyRW5Jo/o/rKF3sbOD7IJST/Orij0RyXGEx4/MnkZac0tlNmgnvMuL/r/8EnnVEJqIxBgON8j73rUtwgBWC+R5QLMtAopl7X8mXs4HI1PdvVpiRhKndF8IF0n3/rj0oedeFnDl0w57rA79EC5D+URmWdcQqOSnOF7MYfuzcDGkTEWFqju+ZD8hkInI6eEd+UBf5t170GYUuQXkXKcpYxb2RRWKBzFvWYFjLvm5U0d4wQLtDMTtyeieTEGaWcfmN+8vg9CEcgDIBBk10HNsnSoo0Nq5LLZAHWBky3tNaUoNLnPbeG+XbNnJ8nWwNb/fnqzRQ1znKZQKD/L4zIGdaeOj0V82iyLDYIW3H+kYtrrxQSH+SVrX0muxizQmy2rl7A6JfQJVbN3W
.cd-cont.com/ Name: gdm_uid_v2_1_001
Value: jeHkqbcFOR2mbnkadQaabjqVafq7tEAJdMnJ83Fw20RzKcmEcO5p7RBVkRGEd7Wz
.api.optinproject.com/ Name: OPTINPUID
Value: 6636a61a5957e6z54097019
.api.optinproject.com/ Name: OPTINPUID-legacy
Value: 6636a61a5957e6z54097019
.api.optinproject.com/ Name: OPTINPAFF13714
Value: ad|fr|54661|4213|0d9b0b1091d268c|
.api.optinproject.com/ Name: OPTINPAFF13714-legacy
Value: ad|fr|54661|4213|0d9b0b1091d268c|
.api.optinproject.com/ Name: OPTINPAFFTRACKING
Value: 4213
.api.optinproject.com/ Name: OPTINPAFFTRACKING-legacy
Value: 4213
sejour-magique.plein2kdo.com/ Name: PHPSESSID
Value: 5b47d8a992bcc1bfb4e139ab31e697cc
.api.optinproject.com/ Name: OPTINSESSIONUID
Value: 1714857499
.plein2kdo.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMThmNDU3OGQtY2E5OS02ODQ1LTkwNDMtNmUwNzUyZmE4NjBkIiwiY3JlYXRlZCI6IjIwMjQtMDUtMDRUMjE6MTg6MTkuODE3WiIsInVwZGF0ZWQiOiIyMDI0LTA1LTA0VDIxOjE4OjE5LjgxN1oiLCJ2ZXJzaW9uIjpudWxsfQ==
sejour-magique.plein2kdo.com/ Name: sqd_nwvst
Value: 1
sejour-magique.plein2kdo.com/ Name: sqd_vst
Value: 1
sejour-magique.plein2kdo.com/ Name: sqd_fp
Value: 0_f89ee35fb39a83c7ec2801c6e197102f
.twitter.com/ Name: guest_id_marketing
Value: v1%3A171485750029970058
.twitter.com/ Name: guest_id_ads
Value: v1%3A171485750029970058
.twitter.com/ Name: personalization_id
Value: "v1_lfj/3+j0+Y1ksFiu1iz3Lg=="
.twitter.com/ Name: guest_id
Value: v1%3A171485750029970058
.t.co/ Name: muc_ads
Value: 9fa9f69a-456f-4411-baf3-6b66d218e497
sejour-magique.plein2kdo.com/ Name: _dd_s
Value: rum=0&expire=1714858399702

37 Console Messages

Source Level URL
Text
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sejour-magique.plein2kdo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.optinproject.com
api.privacy-center.org
asset.easydmp.net
cd-cont.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
o231585781.kractipo.com
pagead2.googlesyndication.com
parisdesnyebgtfrdff.pro
region1.google-analytics.com
sdk.privacy-center.org
sejour-magique.plein2kdo.com
static.ads-twitter.com
static.collectoptin.com
static.optinproject.com
t.co
track.mltrck.com
v3.api.optinproject.com
www.datadoghq-browser-agent.com
www.google.com
www.googletagmanager.com
www.gstatic.com
pagead2.googlesyndication.com
104.244.42.195
104.244.42.5
13.32.121.23
13.32.99.23
13.33.218.24
142.250.185.196
142.250.186.130
146.75.120.157
192.64.119.94
193.46.255.169
2001:41d0:301:100:145:239:193:53
2001:4860:4802:34::36
2600:9000:2644:6000:d:2044:5c40:93a1
2600:9000:26e8:ce00:5:b7cc:d3c0:93a1
2a00:1450:4001:808::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:82f::2008
2a04:4e42::485
2a05:d018:483:6110:b9d6:fedf:9bcb:8752
3.161.82.55
34.240.47.120
52.211.159.98
52.214.78.115
54.74.213.157
0da366e3b14625529a4d9eccfd60d0f713a8cbda3c894c643968e5c5c3509267
12dc3c5feae8181fb39f264366806bb585a862fe6011949176c44751324493c5
2038cf73fe87043846884cb93447d69ce157dc0c4884e8d53d1e01adaf4bc94b
211d783817a643ef35a33bf43805fc0bada7e8b93fe8eae9618f726ffd6e64d8
25c343ff7357fab77abc650938440617a06c8f58b1e1884474afbc047d878214
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
357a9af42c012bbfa33f1e3ab348d9bb8b7476fd5035475b345db85be95331a1
45670fc02b2ae90be6e03e58ceb532f43f8fc2b6776c108d18f625ca3c9ff0ca
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e2cbd9b7767c8fd6e6264734ab2b6ed9b23cc5dd6b79ae5de274713ea85080d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
58d6bac3144b31aaf114ba67b09c80cedf0b37c92bfc6e0ae50903c4beaa5a51
62cd0892c2c8b9f050e195babc533fe274efde64a16640d8264f19e1ccbbe43b
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6ebc1e37979f479e4a5adf9f59016a4b074e8df2837b3564e273dc76bd18df35
705825eeb2ed3a021153d45dd7649534fe49a24ac90b811052a606e108c2ee3a
737866f8ef77bf2b1be9b6191b82d9aa2e6d9730c1c287ba6232e19cad20953b
79b46905ffe08579b649343513623dae575a8dcce41346d36d52268f5e2ab8d4
7bc4c1b886c8d0a2890d2eb7545457959fe1a725c1d25ef27699ecd43c1c3ff9
8899d05475c2e1725c81a1f6c99b21e3392f34891f2ad5bd071d21730fc2d519
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8c46288bada313fb7ff8297230ecbce1974c5746253d2bad2dc6ca7763a377e0
99fc06a1fdfec23d9f7d6a437651a38f4b1f951227c15132b1182746c14c024b
a3a79bbd48f83b76816463cb862547557c3262d886bc939df1fe655ba09b55dd
a84e16510116136b97c252aebb909a373f0a1a999261de6fa97bc2774f3feddb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac057bf1597b81383d0c6c51dec811732e0e022956e3b2bb37524d1e4acc6c34
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ccfd085a2eff689e4b8b6d604dcbc3f672c1fac2664b40d2bd5e40a57088c443
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
d2df447d0fc83e1c61b62450fdd6b966c7246464adc032dfe6f42801d97c10c7
d81950bd743eb04170409e1a0ab138858c9f199fcbcd56a3e1c7ecbe83502bf7
d9c7513d8a26f16acc7f2bccbf7e1d9f8e01e5e94a17320cbe2d01c16e19ca4c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e048a879ecd6f26ead96107299b7382945a7dbe6c1f9d67a500974805a0e2489
e0da22a90c016acc7098c88f3715d3b5f19b8970555f82ba453e9530b6dcfc39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed4213ee3f28b05d12a03c80ff8e8afad3c3ddff0e6835cd178be6e5114e30fe
f643d6fe7e679f9de3e16311600c5ef5cd6b098f7a3a8828fcc29255d2b33e62
fc6632403d40ea7ddbc015997667f28a5b4d9ed34079c630e5abdae472015170