Submitted URL: https://echo7.bluehornet.com/ct/60083116:JZH8JboNN:m:1:3171501555:29898A92D8B28752F3E0C8D3729E9663:r
Effective URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Submission: On April 10 via api from BE — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 27 HTTP transactions. The main IP is 89.90.201.187, located in Saint-Etienne, France and belongs to BOUYGTEL-ISP, FR. The main domain is landing-page.culture-formation.be.
TLS certificate: Issued by Gandi Standard SSL CA 2 on October 26th 2021. Valid for: a year.
This is the only time landing-page.culture-formation.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.237.38.189 16509 (AMAZON-02)
1 1 54.72.240.173 16509 (AMAZON-02)
1 2 35.186.231.97 15169 (GOOGLE)
1 65.9.7.50 16509 (AMAZON-02)
1 188.165.150.177 16276 (OVH)
1 14 89.90.201.187 5410 (BOUYGTEL-ISP)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a02:6ea0:c70... 60068 (CDN77 ^_^)
3 87.230.98.74 61157 (PLUSSERVE...)
27 7
Apex Domain
Subdomains
Transfer
14 culture-formation.be
landing-page.culture-formation.be
798 KB
9 consensu.org
cdn.consentmanager.mgr.consensu.org — Cisco Umbrella Rank: 16696
consentmanager.mgr.consensu.org — Cisco Umbrella Rank: 15417
94 KB
4 tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 64959
vht.tradedoubler.com — Cisco Umbrella Rank: 110201
analytics.tradedoubler.com — Cisco Umbrella Rank: 130769
6 KB
1 consentmanager.net
cdn.consentmanager.net — Cisco Umbrella Rank: 26630
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
71 KB
1 loudedig.com
trk.loudedig.com — Cisco Umbrella Rank: 284101
2 KB
1 bluehornet.com
echo7.bluehornet.com — Cisco Umbrella Rank: 466393
593 B
27 7
Domain Requested by
14 landing-page.culture-formation.be 1 redirects landing-page.culture-formation.be
6 cdn.consentmanager.mgr.consensu.org www.googletagmanager.com
clk.tradedoubler.com
consentmanager.mgr.consensu.org
cdn.consentmanager.mgr.consensu.org
3 consentmanager.mgr.consensu.org clk.tradedoubler.com
2 clk.tradedoubler.com 1 redirects
1 cdn.consentmanager.net
1 www.googletagmanager.com landing-page.culture-formation.be
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 trk.loudedig.com 1 redirects
1 echo7.bluehornet.com 1 redirects
27 10

This site contains links to these domains. Also see Links.

Domain
www.culture-formation.be
www.consentmanager.net
Subject Issuer Validity Valid
*.tradedoubler.com
R3
2022-02-15 -
2022-05-16
3 months crt.sh
landing-page.culture-formation.be
Gandi Standard SSL CA 2
2021-10-26 -
2022-10-26
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
1376624012.rsc.cdn77.org
R3
2022-02-10 -
2022-05-11
3 months crt.sh
consentmanager.mgr.consensu.org
R3
2022-03-01 -
2022-05-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Frame ID: 6CDB3F7FAFDED03A7929790CFC38BCB0
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

Documentation gratuite sur la formation de secrétaire médicale dispensée par Culture et Formation Belgique

Page URL History Show full URLs

  1. https://echo7.bluehornet.com/ct/60083116:JZH8JboNN:m:1:3171501555:29898A92D8B28752F3E0C8D3729E9663:r HTTP 302
    https://trk.loudedig.com/aff_c?offer_id=2303&aff_id=1&file_id=3804&aff_sub=Wowzard HTTP 302
    https://clk.tradedoubler.com/click?p=283144&a=3090102&g=24498996&epi=102b250c0ca443e915852995697076 Page URL
  2. https://clk.tradedoubler.com/click?p=283144&a=3090102&g=24498996&epi=102b250c0ca443e915852995697076 HTTP 302
    http://landing-page.culture-formation.be/?idAff=3090102&f=SMS HTTP 301
    https://landing-page.culture-formation.be/?idAff=3090102&f=SMS Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

22 %
IPv6

7
Domains

10
Subdomains

7
IPs

4
Countries

969 kB
Transfer

1492 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://echo7.bluehornet.com/ct/60083116:JZH8JboNN:m:1:3171501555:29898A92D8B28752F3E0C8D3729E9663:r HTTP 302
    https://trk.loudedig.com/aff_c?offer_id=2303&aff_id=1&file_id=3804&aff_sub=Wowzard HTTP 302
    https://clk.tradedoubler.com/click?p=283144&a=3090102&g=24498996&epi=102b250c0ca443e915852995697076 Page URL
  2. https://clk.tradedoubler.com/click?p=283144&a=3090102&g=24498996&epi=102b250c0ca443e915852995697076 HTTP 302
    http://landing-page.culture-formation.be/?idAff=3090102&f=SMS HTTP 301
    https://landing-page.culture-formation.be/?idAff=3090102&f=SMS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://echo7.bluehornet.com/ct/60083116:JZH8JboNN:m:1:3171501555:29898A92D8B28752F3E0C8D3729E9663:r HTTP 302
  • https://trk.loudedig.com/aff_c?offer_id=2303&aff_id=1&file_id=3804&aff_sub=Wowzard HTTP 302
  • https://clk.tradedoubler.com/click?p=283144&a=3090102&g=24498996&epi=102b250c0ca443e915852995697076

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
click
clk.tradedoubler.com/
Redirect Chain
  • https://echo7.bluehornet.com/ct/60083116:JZH8JboNN:m:1:3171501555:29898A92D8B28752F3E0C8D3729E9663:r
  • https://trk.loudedig.com/aff_c?offer_id=2303&aff_id=1&file_id=3804&aff_sub=Wowzard
  • https://clk.tradedoubler.com/click?p=283144&a=3090102&g=24498996&epi=102b250c0ca443e915852995697076
921 B
1 KB
Document
General
Full URL
https://clk.tradedoubler.com/click?p=283144&a=3090102&g=24498996&epi=102b250c0ca443e915852995697076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.231.186.35.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
dc70837b9fafa7016bacac38082cbf4a22df9fdc5a4c412af5f6052681580b3a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
921
content-type
text/html; charset=ISO-8859-1
date
Sun, 10 Apr 2022 08:37:25 GMT
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
referrer-policy
origin
server
TXServerHttp
via
1.1 google

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
295
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 10 Apr 2022 08:37:25 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://clk.tradedoubler.com/click?p=283144&a=3090102&g=24498996&epi=102b250c0ca443e915852995697076
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102b250c0ca443e915852995697076
X-Request-Id
b4ed073390ee955567eaf7e910cb3067
X-Robots-Tag
noindex, nofollow
prefs.js
vht.tradedoubler.com/fp/
9 KB
4 KB
Script
General
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=283144&a=3090102&g=24498996&epi=102b250c0ca443e915852995697076
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-50.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 07 Apr 2022 12:08:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
Age
246523
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
3705
X-Amz-Cf-Id
e7TChihKUlAcQEXPi0UQxRq0sgQ-PTiEbWLgOfM9ICc7vHILF438lQ==
/
analytics.tradedoubler.com/
0
241 B
Ping
General
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS
lb01.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 10 Apr 2022 08:37:26 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Primary Request /
landing-page.culture-formation.be/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=283144&a=3090102&g=24498996&epi=102b250c0ca443e915852995697076
  • http://landing-page.culture-formation.be/?idAff=3090102&f=SMS
  • https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
16 KB
16 KB
Document
General
Full URL
https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 / PHP/5.6.31
Resource Hash
b4fefbdbdfd02789d95647f2f260692041bd288c664079baba7a78340aa0f31a

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://clk.tradedoubler.com
Referer
https://clk.tradedoubler.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
15933
content-type
text/html; charset=UTF-8
date
Sun, 10 Apr 2022 08:37:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Microsoft-IIS/10.0
x-powered-by
PHP/5.6.31

Redirect headers

Content-Length
200
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Apr 2022 08:37:25 GMT
Location
https://landing-page.culture-formation.be?idAff=3090102&f=SMS
Server
Microsoft-IIS/10.0
main.css
landing-page.culture-formation.be/_css/
2 KB
2 KB
Stylesheet
General
Full URL
https://landing-page.culture-formation.be/_css/main.css
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 /
Resource Hash
19d37da27dc8c665c17897abd0aaee70200a125677f7fc4b3fc31c4375ff30e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
last-modified
Wed, 24 Mar 2021 10:02:20 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"16c640c79420d71:0"
content-length
1738
content-type
text/css
bootstrap.min.css
landing-page.culture-formation.be/_css/
107 KB
107 KB
Stylesheet
General
Full URL
https://landing-page.culture-formation.be/_css/bootstrap.min.css
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 /
Resource Hash
326ffedb17cf069bdc342759a21bf78461179b48fe9047d0e4636e3c6115ad9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
last-modified
Wed, 22 Jul 2020 10:25:36 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"cb4414701260d61:0"
content-length
109522
content-type
text/css
style.css
landing-page.culture-formation.be/templates/template_BC444/_css/
125 KB
125 KB
Stylesheet
General
Full URL
https://landing-page.culture-formation.be/templates/template_BC444/_css/style.css
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e4b9d5babf1be93b2e0a01d2e2c7418496d5c64ae7f556ce4961751cf96c4867

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
last-modified
Wed, 22 Jul 2020 10:25:59 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"4f62557e1260d61:0"
content-length
128108
content-type
text/css
jquery.js
landing-page.culture-formation.be/_js/
71 KB
71 KB
Script
General
Full URL
https://landing-page.culture-formation.be/_js/jquery.js
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6779927a414cbf0fe75402465415087eb51e26f9a5f466bd8c59ed2df157d9b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
last-modified
Wed, 22 Jul 2020 10:25:36 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"8c719701260d61:0"
content-length
72328
content-type
application/javascript
main.js
landing-page.culture-formation.be/_js/
2 KB
2 KB
Script
General
Full URL
https://landing-page.culture-formation.be/_js/main.js
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 /
Resource Hash
7f87125c634e610d67895e7d828c3bdf3bcc9b9fde0b667836e31f03b90ac461

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
last-modified
Wed, 22 Jul 2020 10:25:36 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"8c719701260d61:0"
content-length
1773
content-type
application/javascript
logo-culture-et-formation.png
landing-page.culture-formation.be/templates/template_BC444/_img/
17 KB
17 KB
Image
General
Full URL
https://landing-page.culture-formation.be/templates/template_BC444/_img/logo-culture-et-formation.png
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 /
Resource Hash
085876e7af46938d0fac890ca74299d36f8da9710c40022a56bc6a8ef38a76ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
last-modified
Wed, 22 Jul 2020 10:25:59 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"70865c7e1260d61:0"
content-length
17580
content-type
image/png
photo-secretaire-medicale.jpg
landing-page.culture-formation.be/templates/template_BC444/_img/
134 KB
134 KB
Image
General
Full URL
https://landing-page.culture-formation.be/templates/template_BC444/_img/photo-secretaire-medicale.jpg
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 /
Resource Hash
1f6716ff84aa4bd8be92dbbee5184a532b6772e1f6a9bdb92358e1310589fbbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
last-modified
Wed, 22 Jul 2020 10:25:59 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"d0e75e7e1260d61:0"
content-length
137367
content-type
image/jpeg
form-bt.gif
landing-page.culture-formation.be/templates/template_BC444/_img/
1 KB
1 KB
Image
General
Full URL
https://landing-page.culture-formation.be/templates/template_BC444/_img/form-bt.gif
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 /
Resource Hash
ccca7b5231dfb7ec24eb77bfb861b2a1f8cdfa5ae0e9557d12ad20ab51ff64fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
last-modified
Wed, 22 Jul 2020 10:25:59 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"10255a7e1260d61:0"
content-length
1073
content-type
image/gif
image-methode.png
landing-page.culture-formation.be/templates/template_BC444/_img/
181 KB
181 KB
Image
General
Full URL
https://landing-page.culture-formation.be/templates/template_BC444/_img/image-methode.png
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5528dcdc01c5bfe263e1517b7ba70949d0473493ddf2b93d71df764d42cf9c82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
last-modified
Wed, 22 Jul 2020 10:25:59 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"70865c7e1260d61:0"
content-length
185588
content-type
image/png
photo-metier.jpg
landing-page.culture-formation.be/templates/template_BC444/_img/
33 KB
33 KB
Image
General
Full URL
https://landing-page.culture-formation.be/templates/template_BC444/_img/photo-metier.jpg
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 /
Resource Hash
db6592014810b5d7afb9e1eb807ff3a6996141fac07227e7e0d11b2f0ed1443d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
last-modified
Wed, 22 Jul 2020 10:25:59 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"d0e75e7e1260d61:0"
content-length
34245
content-type
image/jpeg
bande-photos.jpg
landing-page.culture-formation.be/templates/template_BC444/_img/
98 KB
98 KB
Image
General
Full URL
https://landing-page.culture-formation.be/templates/template_BC444/_img/bande-photos.jpg
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 /
Resource Hash
b125a8bb1ee66224cd99c9c6daae0a99d3663c1aefad2c49d61568ea6c86ef12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
last-modified
Wed, 22 Jul 2020 10:25:59 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"4f62557e1260d61:0"
content-length
100370
content-type
image/jpeg
gtm.js
www.googletagmanager.com/
203 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WLKR9T4
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/?idAff=3090102&f=SMS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5703b62fe5f12c7634502a5b0f0b99f37fabf7c456e7d116d58199caed3c1e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72013
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 10 Apr 2022 08:37:26 GMT
icon-ecole.png
landing-page.culture-formation.be/templates/template_BC444/_img/
9 KB
9 KB
Image
General
Full URL
https://landing-page.culture-formation.be/templates/template_BC444/_img/icon-ecole.png
Requested by
Host: landing-page.culture-formation.be
URL: https://landing-page.culture-formation.be/templates/template_BC444/_css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.90.201.187 Saint-Etienne, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
static-qvn-qvd-201187.business.bouyguestelecom.com
Software
Microsoft-IIS/10.0 /
Resource Hash
1a93bd91c27c9497fa6f75a14028b9b2bfd85278649f410a989edb6514b707c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/templates/template_BC444/_css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 08:37:26 GMT
last-modified
Wed, 22 Jul 2020 10:25:59 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"b0c3577e1260d61:0"
content-length
9654
content-type
image/png
cmp.min.css
cdn.consentmanager.mgr.consensu.org/delivery/
26 KB
6 KB
Stylesheet
General
Full URL
https://cdn.consentmanager.mgr.consensu.org/delivery/cmp.min.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLKR9T4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
13cbc80af8861976462248c279cfa9669070a243d4b29552b56fd2df122670e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 10 Apr 2022 08:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
PleskLin
x-77-cache
HIT
x-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding, Accept-Encoding
etag
W/"669c-5da48697f3c80"
x-77-nzt
AcO1ryywiWj/DwMAAA
x-accel-expires
@1649580863
last-modified
Tue, 15 Mar 2022 21:23:46 GMT
server
CDN77-Turbo
x-frame-options
sameorigin
x-77-nzt-ray
Wl/9IGW4R2o
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1800, public
x-age
783
cmp.php
consentmanager.mgr.consensu.org/delivery/
5 KB
2 KB
Script
General
Full URL
https://consentmanager.mgr.consensu.org/delivery/cmp.php?id=29457&h=https%3A%2F%2Flanding-page.culture-formation.be%2F%3FidAff%3D3090102%26f%3DSMS&&__cmpfcc=1&l=en&o=1649579846529
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=283144&a=3090102&g=24498996&epi=102b250c0ca443e915852995697076
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.74 Pulheim, Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5037422.psmanaged.com
Software
/
Resource Hash
41b28cbc395267a238f0f0c3f6c07cad252491c50550478ec71899c7bccb8830
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Apr 2022 08:37:26 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Apr 2022 08:37:26 GMT
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-XSS-Protection
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cmp_en.min.js
cdn.consentmanager.mgr.consensu.org/delivery/
363 KB
69 KB
Script
General
Full URL
https://cdn.consentmanager.mgr.consensu.org/delivery/cmp_en.min.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=283144&a=3090102&g=24498996&epi=102b250c0ca443e915852995697076
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
1175cfbe7ac81db547d74557e7c1fc195052a0620d485e08296f34def5a43307
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 10 Apr 2022 08:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
PleskLin
x-77-cache
HIT
x-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding, Accept-Encoding
etag
W/"5ace3-5dae065fa8680"
x-77-nzt
AcO1ryzg8zj//QIAAA
x-accel-expires
@1649580881
last-modified
Wed, 23 Mar 2022 10:43:22 GMT
server
CDN77-Turbo
x-frame-options
sameorigin
x-77-nzt-ray
jQwOCGd+u2E
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, public
x-age
765
bV8xLndfMjk0NTcuZF8xMzAxNi54XzEudi5wLnRfMTMwMTY.js
cdn.consentmanager.mgr.consensu.org/delivery/customdata/
33 KB
5 KB
Script
General
Full URL
https://cdn.consentmanager.mgr.consensu.org/delivery/customdata/bV8xLndfMjk0NTcuZF8xMzAxNi54XzEudi5wLnRfMTMwMTY.js
Requested by
Host: consentmanager.mgr.consensu.org
URL: https://consentmanager.mgr.consensu.org/delivery/cmp.php?id=29457&h=https%3A%2F%2Flanding-page.culture-formation.be%2F%3FidAff%3D3090102%26f%3DSMS&&__cmpfcc=1&l=en&o=1649579846529
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
290c325ccbea6416874c6945ed6ddfb9830acae8f299a435c93e07fceeb4c645
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 10 Apr 2022 08:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
PleskLin
x-77-cache
MISS
x-cache
EXPIRED
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
0
x-77-nzt
AcO1ryxJsivLCQcAAA
x-accel-expires
@1649581646
last-modified
Sun, 10 Apr 2022 08:37:26 GMT
server
CDN77-Turbo
x-frame-options
sameorigin
x-77-nzt-ray
wJZn6ND+bxo
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*, *
cache-control
public, max-age=1800
x-age
1801
expires
Sun, 10 Apr 2022 09:07:26 GMT
langpurpose_fr.min.js
cdn.consentmanager.mgr.consensu.org/delivery/lang/
49 KB
8 KB
Script
General
Full URL
https://cdn.consentmanager.mgr.consensu.org/delivery/lang/langpurpose_fr.min.js
Requested by
Host: cdn.consentmanager.mgr.consensu.org
URL: https://cdn.consentmanager.mgr.consensu.org/delivery/cmp_en.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
bd9dd5724d61c3cc2b3eaa004e3389798fef41aa92a17d82f47ae83face2e8f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 10 Apr 2022 08:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
PleskLin
x-77-cache
HIT
x-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
etag
W/"62311278-c365"
x-77-nzt
AcO1ryy4w2L/0gEAAA
x-accel-expires
@1649581180
last-modified
Tue, 15 Mar 2022 22:26:00 GMT
server
CDN77-Turbo
x-frame-options
sameorigin
x-77-nzt-ray
DMiac9LrQ+U
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, public
x-age
466
/
consentmanager.mgr.consensu.org/delivery/info/
43 B
353 B
Image
General
Full URL
https://consentmanager.mgr.consensu.org/delivery/info/?id=29457&did=1&cfdid=1&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Flanding-page.culture-formation.be%2F%3FidAff%3D3090102%26f%3DSMS&o=1649579846752&l=FR&lv=28434&d=1&ct=14&e=&e2=&e3=&i=&sv=4&dv=1&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.74 Pulheim, Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5037422.psmanaged.com
Software
/
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Apr 2022 08:37:26 GMT
Last-Modified
Sun, 10 Apr 2022 08:37:26 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Content-Length
43
X-XSS-Protection
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
consentmanager.mgr.consensu.org/delivery/info/
43 B
353 B
Image
General
Full URL
https://consentmanager.mgr.consensu.org/delivery/info/?id=29457&did=1&cfdid=1&t=cv&h=https%3A%2F%2Flanding-page.culture-formation.be%2F%3FidAff%3D3090102%26f%3DSMS&o=1649579846752&l=FR&lv=28434&d=1&ct=14&e=&e2=&e3=&i=&sv=4&dv=1&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.74 Pulheim, Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5037422.psmanaged.com
Software
/
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Apr 2022 08:37:26 GMT
Last-Modified
Sun, 10 Apr 2022 08:37:26 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Content-Length
43
X-XSS-Protection
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cmplogo.svg
cdn.consentmanager.mgr.consensu.org/delivery/
3 KB
2 KB
Image
General
Full URL
https://cdn.consentmanager.mgr.consensu.org/delivery/cmplogo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 10 Apr 2022 08:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
x-77-nzt-ray
P7/J4bnPQDY
x-powered-by
PleskLin
x-77-cache
HIT
x-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains
x-77-nzt
AcO1ryy7h6P/ickAAA
x-accel-expires
@1649614653
last-modified
Tue, 08 Feb 2022 14:38:46 GMT
server
CDN77-Turbo
x-frame-options
sameorigin
etag
W/"62028076-d0f"
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400, public
x-age
51593
cmplogo.svg
cdn.consentmanager.net/delivery/
3 KB
2 KB
Image
General
Full URL
https://cdn.consentmanager.net/delivery/cmplogo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 10 Apr 2022 08:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
x-77-nzt-ray
93fdnqH17RA
x-powered-by
PleskLin
x-77-cache
HIT
x-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains
x-77-nzt
AcO1ryzl3db/ickAAA
x-accel-expires
@1649614653
last-modified
Tue, 08 Feb 2022 14:38:46 GMT
server
CDN77-Turbo
x-frame-options
sameorigin
etag
W/"62028076-d0f"
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400, public
x-age
51593
fr.gif
cdn.consentmanager.mgr.consensu.org/delivery/flags/
366 B
900 B
Image
General
Full URL
https://cdn.consentmanager.mgr.consensu.org/delivery/flags/fr.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
e2016ab933817845c6bca46de5c80793c2e3baa94fdd467589a0ca47ebdb9676
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing-page.culture-formation.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 10 Apr 2022 08:37:26 GMT
x-content-type-options
nosniff
x-powered-by
PleskLin
x-77-cache
HIT
x-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains
x-age
51319
vary
Accept-Encoding
content-length
366
etag
"16e-5c4c0aa828a40"
x-77-nzt
AcO1ryyIeRL/d8gAAA
x-accel-expires
@1649614927
last-modified
Mon, 14 Jun 2021 21:37:37 GMT
server
CDN77-Turbo
x-frame-options
sameorigin
x-77-nzt-ray
BNRTVAQ3XaE
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/gif
access-control-allow-origin
*
x-accel-version
0.01
cache-control
max-age=86400, public
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| dataLayer function| $ function| jQuery string| urlPixel string| urlAjax function| display_message function| RemoveNotifier object| google_tag_manager object| google_tag_data boolean| gdprAppliesGlobally number| cmp_id string| cmp_params string| cmp_host string| cmp_cdn function| cmp_getsupportedLangs function| cmp_getRTLLangs function| cmp_getlang function| cmp_addFrame function| cmp_rc function| cmp_stub function| cmp_msghandler function| cmp_setStub function| __cmapi function| __cmp function| __tcfapi function| __uspapi function| cmp_reader function| cmp_writer function| cmp_cs function| cmp_lang function| cmp_affiliatedomains function| cmp_purpose function| cmp_stack function| cmp_vendor function| cmp_utils function| cmp_storage function| cmp_api function| cmp_contentblocking function| cmp_behavior function| cmp_amp function| cmp_eventwrapper function| cmp_html function| cmp_wcagdialog function| cmp_display function| cmp_display_age function| cmp_display_background function| cmp_display_cookielist function| cmp_display_images function| cmp_display_langchoice function| cmp_display_policy function| cmpsource function| cmpmngr_queryfile string| cmpccsversionbuild number| cmpccsversion function| btoa2 function| atob2 function| cmp_loadconsole function| cmp_regulations function| cmp_getregulation function| cmp_getcss object| cmpmngr function| cmp_loadCS function| cmp_append_script function| cmp_append_script2 string| cmp_config_data_cs object| cmp_config_data object| cmp_scripts object| cmp_scripturls string| cmp_proto string| cmp_warn object| cmp_timer function| cmp_svg_no function| cmp_svg_yes function| cmp_svg_yesorange function| cmp_svg_noorange function| cmp_svg_multi function| cmp_svg_nodisabled function| cmp_svg_yesdisabled function| cmp_svg_icoprv55 function| cmp_svg_icoprv56 function| cmp_svg_icomatexternal_link number| cmpGDPR number| cmpCCPA string| cmpRegulation string| cmpConsentString string| cmpCurrentStatus string| cmpLastStatus string| cmpLastTCFStatus string| cmpVendorsConsent string| cmpCustomVendorsConsent string| cmpGoogleVendorsConsent string| cmpPurposesConsent string| cmpCustomPurposeConsent string| cmpConsentVendors string| cmpConsentPurposes string| cmpLIVendors string| cmpLIPurposes string| cmpIABUSP object| utag_data

10 Cookies

Domain/Path Name / Value
echo7.bluehornet.com/ Name: AWSALB
Value: GgFebJ+mWD8KfWNBauehFKED2HCoCxe5SmSzPTmcRlupMoM8kFO/34Tz67L1hHxAlQ4k9CdjomuyHc/Bg0ktAJfmbZoj9n29yYvyfYH3qaJdIfAbcehWqPTCOuLO
echo7.bluehornet.com/ Name: AWSALBCORS
Value: GgFebJ+mWD8KfWNBauehFKED2HCoCxe5SmSzPTmcRlupMoM8kFO/34Tz67L1hHxAlQ4k9CdjomuyHc/Bg0ktAJfmbZoj9n29yYvyfYH3qaJdIfAbcehWqPTCOuLO
trk.loudedig.com/ Name: enc_aff_session_2303
Value: ENC03cc13d8d0d1c67ceb64fbf018e8224e2bbb1edbbc660fb4a3baf6dfcb01a29892ba620121d94cee7c86d1a2a77005571325f6d261e8cf1c6e66f2f9c7acc37d876c54c784d5ec6aa0a56eb96aa2610cc304b904cacce6aa932a093ff38e58e6e320a4153ffcf2f60b4b9955b411c0e2964d3c723d79605e5807164be8cbf99a0a1eb8f118
trk.loudedig.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDAuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTAwLjAuNDg5Ni43NSBTYWZhcmkvNTM3LjM2IiwiYWNjZXB0X2xhbmd1YWdlIjoiZGUtREUsZGU7cT0wLjkiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
.tradedoubler.com/ Name: EH_0
Value: 1z11z1ztVz2C9ysyz1Id4yZVMNhsSyE4l39asiaETOF_OE_bqemc6YhqS8hiGsg_rNxkJYoJbJJcujBK_IADY.LT6u.7rfGuDaEfPj9CT5KRHu1x.GF4x8vfQniZxCGs
.tradedoubler.com/ Name: GUID
Value: 1z11zztVzoCovZz7b334ab50da3ade83249b6babe778053
.tradedoubler.com/ Name: TradeDoublerGUID
Value: 7b334ab50da3ade83249b6babe778053
landing-page.culture-formation.be/ Name: PHPSESSID
Value: fbebbuss8hkktmdj89nc4f7e85
.culture-formation.be/ Name: _gcl_au
Value: 1.1.328210793.1649579847
.culture-formation.be/ Name: __cmpcccu19021
Value: aBPXOejDAAAAwAXABgAA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tradedoubler.com
cdn.consentmanager.mgr.consensu.org
cdn.consentmanager.net
clk.tradedoubler.com
consentmanager.mgr.consensu.org
echo7.bluehornet.com
landing-page.culture-formation.be
trk.loudedig.com
vht.tradedoubler.com
www.googletagmanager.com
188.165.150.177
2a00:1450:4001:830::2008
2a02:6ea0:c700::1
35.186.231.97
44.237.38.189
54.72.240.173
65.9.7.50
87.230.98.74
89.90.201.187
085876e7af46938d0fac890ca74299d36f8da9710c40022a56bc6a8ef38a76ba
1175cfbe7ac81db547d74557e7c1fc195052a0620d485e08296f34def5a43307
13cbc80af8861976462248c279cfa9669070a243d4b29552b56fd2df122670e6
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
19d37da27dc8c665c17897abd0aaee70200a125677f7fc4b3fc31c4375ff30e5
1a93bd91c27c9497fa6f75a14028b9b2bfd85278649f410a989edb6514b707c4
1f6716ff84aa4bd8be92dbbee5184a532b6772e1f6a9bdb92358e1310589fbbc
290c325ccbea6416874c6945ed6ddfb9830acae8f299a435c93e07fceeb4c645
326ffedb17cf069bdc342759a21bf78461179b48fe9047d0e4636e3c6115ad9d
3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1
41b28cbc395267a238f0f0c3f6c07cad252491c50550478ec71899c7bccb8830
5528dcdc01c5bfe263e1517b7ba70949d0473493ddf2b93d71df764d42cf9c82
5703b62fe5f12c7634502a5b0f0b99f37fabf7c456e7d116d58199caed3c1e11
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
6779927a414cbf0fe75402465415087eb51e26f9a5f466bd8c59ed2df157d9b2
7f87125c634e610d67895e7d828c3bdf3bcc9b9fde0b667836e31f03b90ac461
b125a8bb1ee66224cd99c9c6daae0a99d3663c1aefad2c49d61568ea6c86ef12
b4fefbdbdfd02789d95647f2f260692041bd288c664079baba7a78340aa0f31a
bd9dd5724d61c3cc2b3eaa004e3389798fef41aa92a17d82f47ae83face2e8f4
ccca7b5231dfb7ec24eb77bfb861b2a1f8cdfa5ae0e9557d12ad20ab51ff64fd
db6592014810b5d7afb9e1eb807ff3a6996141fac07227e7e0d11b2f0ed1443d
dc70837b9fafa7016bacac38082cbf4a22df9fdc5a4c412af5f6052681580b3a
e2016ab933817845c6bca46de5c80793c2e3baa94fdd467589a0ca47ebdb9676
e4b9d5babf1be93b2e0a01d2e2c7418496d5c64ae7f556ce4961751cf96c4867