URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Submission: On May 18 via manual from HK

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 26 HTTP transactions. The main IP is 46.252.181.104, located in France and belongs to MAGICRETAIL, FR. The main domain is formation.bienvenue.pro.
TLS certificate: Issued by R3 on April 9th 2021. Valid for: 3 months.
This is the only time formation.bienvenue.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 46.252.181.104 43424 (MAGICRETAIL)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a04:4e42:1b:... 54113 (FASTLY)
8 104.18.72.113 13335 (CLOUDFLAR...)
3 2a04:4e42:3::621 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.18.70.113 13335 (CLOUDFLAR...)
2 104.16.51.111 13335 (CLOUDFLAR...)
26 11
Domain Requested by
8 static.zdassets.com formation.bienvenue.pro
static.zdassets.com
4 cdn.jsdelivr.net formation.bienvenue.pro
3 fonts.gstatic.com fonts.googleapis.com
2 bienvenue.zendesk.com static.zdassets.com
2 cdnjs.cloudflare.com formation.bienvenue.pro
2 stackpath.bootstrapcdn.com formation.bienvenue.pro
2 formation.bienvenue.pro formation.bienvenue.pro
1 ekr.zdassets.com static.zdassets.com
1 code.jquery.com formation.bienvenue.pro
1 fonts.googleapis.com formation.bienvenue.pro
26 10

This site contains links to these domains. Also see Links.

Domain
bsoft.fr
Subject Issuer Validity Valid
formation.bienvenue.pro
R3
2021-04-09 -
2021-07-08
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-03-01 -
2022-02-28
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2021-05-11 -
2022-03-26
10 months crt.sh
ssl911790.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2021-04-07 -
2021-10-14
6 months crt.sh
*.google.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh
bienvenue.zendesk.com
Cloudflare Inc ECC CA-3
2021-05-04 -
2022-05-03
a year crt.sh

This page contains 2 frames:

Primary Page: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Frame ID: 1AF37B3F55066426D0FD554558AC725E
Requests: 18 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.3514867620a9250ef236.js
Frame ID: A4D5FED295FF2C350EE369F4B52A0A0D
Requests: 8 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

26
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

10
Subdomains

11
IPs

4
Countries

504 kB
Transfer

1835 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
formation.bienvenue.pro/websign/revision/
12 KB
4 KB
Document
General
Full URL
https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.104 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
10d700eb30dae143f3f4aa829d59da5d7a85de47b0421b922a9ca12748cbab19

Request headers

Host
formation.bienvenue.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 18 May 2021 07:35:34 GMT
Server
Apache
Set-Cookie
PHPSESSID=tmj1i6bma3ahnfset5v9t3c39h; path=/; secure; HttpOnly; SameSite=lax
Cache-Control
max-age=0, must-revalidate, private
Expires
Tue, 18 May 2021 07:35:34 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Sozu-Id
01F5Z6DH4H0H7G51D0PSM6CTDP
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/
157 KB
21 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
Requested by
Host: formation.bienvenue.pro
URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://formation.bienvenue.pro
Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 617
age
88857
cdn-cachedat
2021-05-17 08:48:47
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a1fffddaa0000145a249a8000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3b2c6728fa6f60a9b8c1c8f5ea11b5a8
cf-ray
651368dc4f5b145a-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
4 KB
606 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Barlow:300,400,500,600
Requested by
Host: formation.bienvenue.pro
URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
064881756bffa57f1e7b93194e7bbb6f1be2f2d2a13388d3482d38ee41d607e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 May 2021 07:35:35 GMT
server
ESF
date
Tue, 18 May 2021 07:35:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 May 2021 07:35:35 GMT
style.css
formation.bienvenue.pro/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://formation.bienvenue.pro/css/style.css?1619199224
Requested by
Host: formation.bienvenue.pro
URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.104 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
Apache /
Resource Hash
84bb90eb03ebb6fd770cfaeeee73825379ab110f32e9e4155dce75118cfc3163

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
formation.bienvenue.pro
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Cookie
PHPSESSID=tmj1i6bma3ahnfset5v9t3c39h
Connection
keep-alive
Referer
https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 18 May 2021 07:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Apr 2021 10:58:21 GMT
Server
Apache
ETag
"264e-5c12e7d7f7250-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Sozu-Id
01F5Z6DH4H0H7G51D0PSM6CTDP
Accept-Ranges
bytes
Content-Length
2677
solid.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-1/css/
728 B
616 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-1/css/solid.css
Requested by
Host: formation.bienvenue.pro
URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdb45f0b4cef75bc54c27dbd2d63c87da0f650c80774691e354f875579a791a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://formation.bienvenue.pro
Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
293899
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
294
cf-request-id
0a1fffddaa0000d72dc7156000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-2d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VMHwYLZa10rTuXS2%2B5vFpAwW8LI5be55zwkJ0uvr0cxJtvsm1isPj1IZiQVfQ4VAc9nndAEQqufpd8ONaQzP06yRW9vC9CuoyGkrc%2BAHFphfk8sbKzc%2B06lU7MoulHSuBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
651368dc4f8bd72d-FRA
expires
Sun, 08 May 2022 07:35:35 GMT
fontawesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-1/css/
54 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-1/css/fontawesome.min.css
Requested by
Host: formation.bienvenue.pro
URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2497c86ab4ee0c6eb7d6d0f091235dffb12c5ada42b159bc5245b131f6ef2509
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://formation.bienvenue.pro
Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2140952
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9871
cf-request-id
0a1fffddab0000d72dbe310000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-d9cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pUS8USzzgwNNtnyYDuMbSwSSQgSBZgA5iqsQApTxon4c9c81vLzlAFlWSj9tpSOtNyiofMdYltphvmdPHrOKA5CUn45H4QZFN2sesSAe74xIkVrPAR0KcR3lTjWp0KIpSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
651368dc4f8dd72d-FRA
expires
Sun, 08 May 2022 07:35:35 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: formation.bienvenue.pro
URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin
https://formation.bienvenue.pro
Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:35 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1621323335.dop241.fr8.t,1621323335.cds267.fr8.hn,1621323335.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: formation.bienvenue.pro
URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://formation.bienvenue.pro
Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
8411781
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
7510
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
x-served-by
cache-fra19182-FRA, cache-hhn4076-HHN
date
Tue, 18 May 2021 07:35:35 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/
59 KB
15 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js
Requested by
Host: formation.bienvenue.pro
URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://formation.bienvenue.pro
Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 718
age
88580
cdn-cachedat
2021-05-17 08:55:50
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a1fffddaa0000145a54299000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
eb2289735a00bc48d57a2ca348c77800
cf-ray
651368dc4f5e145a-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
snippet.js
static.zdassets.com/ekr/
19 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=a97fcfed-86d0-4897-9b46-a75437d1520d
Requested by
Host: formation.bienvenue.pro
URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ac1255b3e991ea897c6a3fa4f652fffac4fb490e037fbfc21337fd8694ed04
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:35 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
34
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
2WNB8YZQZW7FQNT4
x-amz-id-2
kmHGLZkJirQkLnmQbwxhNLD1QyuitDkiHtBHuoyIk+sPBG5ikCiHw2F/MAgqZuPQLuSQktIHdOU=
last-modified
Mon, 22 Mar 2021 23:03:57 GMT
server
cloudflare
etag
W/"7f3954777ce44f906bb3321e70ee7f5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=55%2BN%2FkFjFCXn7EVWhL0vqnoehok22SM1zrvCe%2FEQV2YcS1FQPJ%2BTP7KKYcKekLR93BmNXsOH6gwP1PNH8W1vFcqNeZ77bQuMpklgzW%2Ffhydo9WBp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
P4XOTo3aAnEAKNAMiAOtpa5tDFHuuBXV
cf-request-id
0a1fffddd0000032bdb4a7f000000001
cf-ray
651368dc7f9532bd-CDG
signature_pad.min.js
cdn.jsdelivr.net/npm/signature_pad@2.3.2/dist/
9 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/signature_pad@2.3.2/dist/signature_pad.min.js
Requested by
Host: formation.bienvenue.pro
URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5be8af36f5639905fa153945d12f9208332302e4d534acc7d7afa442f4567138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1234893
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3208
etag
W/"24a3-Hz6UHjN3nLm4eqRzZSIFQAOXWvk"
x-served-by
cache-fra19169-FRA
date
Tue, 18 May 2021 07:35:35 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@9.5.4/dist/
68 KB
17 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@9.5.4/dist/sweetalert2.all.min.js
Requested by
Host: formation.bienvenue.pro
URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b25bd4529a20fbeb6c6a21fcfce288ac73b93972afb00dbbbd92b227439254f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
886919
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
17004
etag
W/"10f36-7qr4WwMdcj4Tx5qpDGkGBxK6RT8"
x-served-by
cache-fra19169-FRA
date
Tue, 18 May 2021 07:35:35 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
polyfill.js
cdn.jsdelivr.net/npm/promise-polyfill@8/dist/
9 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.js
Requested by
Host: formation.bienvenue.pro
URL: https://formation.bienvenue.pro/websign/revision/8CFA46B1E13E01C8C05BB31660F0FE408C332EB9849B9ABC02C3742EB1D4EC21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a0703a79875a2bbfadbdf5c197e5eeb823ab393748d4abace103d53ec2db1f50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1951
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2524
etag
W/"2256-1uCtC22UB2fl4FybLuH5+K90aoU"
x-served-by
cache-fra19169-FRA
date
Tue, 18 May 2021 07:35:35 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v5/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://formation.bienvenue.pro
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 23:17:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:49 GMT
server
sffe
age
548297
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20348
x-xss-protection
0
expires
Wed, 11 May 2022 23:17:18 GMT
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v5/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://formation.bienvenue.pro
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 01:14:21 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:46 GMT
server
sffe
age
22874
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20444
x-xss-protection
0
expires
Wed, 18 May 2022 01:14:21 GMT
7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v5/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E30-8s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://formation.bienvenue.pro
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 00:43:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:05:33 GMT
server
sffe
age
24712
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21072
x-xss-protection
0
expires
Wed, 18 May 2022 00:43:43 GMT
a97fcfed-86d0-4897-9b46-a75437d1520d
ekr.zdassets.com/compose/
531 B
1013 B
XHR
General
Full URL
https://ekr.zdassets.com/compose/a97fcfed-86d0-4897-9b46-a75437d1520d
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=a97fcfed-86d0-4897-9b46-a75437d1520d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55253dd13d249bc7f3b96244dc2f2871cb5adcf42b886993b5df44ca83bcbce4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:35 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
status
200 OK
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=0
cf-request-id
0a1fffde690000edcbbf85b000000001
x-request-id
47c5a3d6-d92e-462b-a58f-0ecc4a5181e5
x-runtime
0.003027
server
cloudflare
etag
W/"55253dd13d249bc7f3b96244dc2f2871"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s9%2FiGzTeFtC5hpsjyOff2e%2BffEjG2xLu%2BeNI93KUhxF6s%2BjKj8ZVSIr6VyXt85R2BIW3aCAeE5vJeXjD589ztHFShaEzhIxgQVbOw8DRGwJH"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
651368dd7926edcb-CDG
preload.3514867620a9250ef236.js
static.zdassets.com/web_widget/latest/ Frame A4D5
93 KB
29 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/preload.3514867620a9250ef236.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=a97fcfed-86d0-4897-9b46-a75437d1520d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc30adc74896be2376cd077c57fcf285c0d8c0a7bb0de79090ddf0a92f2c6d3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3698
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
DVGEW71KNZ8QH4HP
x-amz-id-2
+DcLFCHNZlkD7K5xB+ltjdTzvFxVQmwb8Lgz2XNHr5CKwSavHk8EXHVMz9RVwSobXKA/v2AFbaQ=
last-modified
Tue, 18 May 2021 05:27:14 GMT
server
cloudflare
etag
W/"6e1090d54b986d0de5eed0619fd2f3ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UJ%2B0dOfBm5PWs70GUjiRU%2BXIofONhtuRCmdDZG3QV8%2B3gISsSGtCiqR90E6qkc9JSWtG%2FwJA52plNeRcR6MBdwoqhBAAXiklyGI3cKLWkEdQkMzX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
2bfKjd7yHAHiNu14ZTWmH4WR8iVksFCj
cf-request-id
0a1fffe138000032bda19ab000000001
cf-ray
651368e1fdde32bd-CDG
expires
Wed, 18 May 2022 05:27:13 GMT
framework.c9d410b60ba9719f9ce2.chunk.js
static.zdassets.com/web_widget/latest/ Frame A4D5
54 KB
17 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/framework.c9d410b60ba9719f9ce2.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=a97fcfed-86d0-4897-9b46-a75437d1520d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04afe69f64c3ae70855e0c194cdf9d35c8274643e03047174356cc23321e01b1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3698
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
DVG1E0D1R85GWA4H
x-amz-id-2
rO1O/orZwMSKLJdS4z6aQARHNVSavp9qnzgk4+3vMx+dlPQkUA7z8COhG/eQw9/l4/sf+NJsg/M=
last-modified
Tue, 18 May 2021 05:26:21 GMT
server
cloudflare
etag
W/"c4166223481c8eed446ad121a0db1742"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3Z%2F4KHQQjouTrBPcBpuD3MosIVevmJ0ntJi2tRc5sMzNtUeGX9Ay%2BGBp5mo5cZDoEVdpR5D%2BtSuT2xTCsM0RiKCnunGU7yUeZ70iHqIk%2FVbTiJne"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
86BtXhSw3XDzx2hDC0MN056.fuBc.HwV
cf-request-id
0a1fffe138000032bd9b891000000001
cf-ray
651368e1fddf32bd-CDG
expires
Wed, 18 May 2022 05:26:20 GMT
vendors~framework.77fd6468912b28ec7dca.chunk.js
static.zdassets.com/web_widget/latest/ Frame A4D5
161 KB
50 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/vendors~framework.77fd6468912b28ec7dca.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=a97fcfed-86d0-4897-9b46-a75437d1520d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3214bac2b6c028ba6050b7607ef4567754a7042b3a1c05a6868124334d0ad6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1303551
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
CGKZ8BYC5VS83CQ3
x-amz-id-2
syQ5uqoAOI7b0VPgk3uMrKGv6Pc6cqW+zWCH7veZ9IPqWoXxIilY1vUyJZYAEGZZE9lTUARKP3k=
last-modified
Mon, 03 May 2021 05:04:49 GMT
server
cloudflare
etag
W/"41fb300e580f7c59c969fff8e349c14f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xHZBLF1yCriBUvCEffC%2FUNlQfSazLktBEpokKiRscoQNl3fA%2F2Ft%2BjH2xT9rdti9f6PWyVcqlhgtwPNo5aDOMALDdqUYzjyhU%2BCipT%2BPTjfbcHqm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
aOBvufiQe4ob2caJNTdqJSL.KFPp8N2H
cf-request-id
0a1fffe139000032bda6077000000001
cf-ray
651368e1fde032bd-CDG
expires
Tue, 03 May 2022 05:04:48 GMT
config
bienvenue.zendesk.com/embeddable/
366 B
1 KB
XHR
General
Full URL
https://bienvenue.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=a97fcfed-86d0-4897-9b46-a75437d1520d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e1cc517004dacb7350d8b524ef87959730e98bce0dad65f20365b065fa5a004
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://formation.bienvenue.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-97c7c7695-z6zdf
access-control-allow-methods
GET
vary
Origin, Accept-Encoding
cf-request-id
0a1fffe1a80000cdc75418b000000001
x-request-id
651352b94e4f02e0-DUS
x-runtime
0.001066
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b010gMxaqbmVsrXntWLmLm7V2lNt8AwVe5FdkFBsS5ON9xmpIkVFEuPk2p0sPBrESV1ihGM4yBJboth04tAW7mY5XBFEz%2B5nlYupkqPwdwH2qGIkM9E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
651368e2a907cdc7-CDG
en-us-json.81c93c29a397263e2f54.chunk.js
static.zdassets.com/web_widget/latest/locales/ Frame A4D5
30 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/locales/en-us-json.81c93c29a397263e2f54.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.3514867620a9250ef236.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67e7792ff2ff166d7f8e7150f7905e1dca63ee6def6a82d959b712f51586e56d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2169639
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
1BJWB822N0N2Z4DV
x-amz-id-2
5RtqebhKrjSVxz48OumxmI0rOEKgRQBSistdaOhEC5kDQQoH/OFLXRVFzzczurMDS47mB7efz3s=
last-modified
Fri, 23 Apr 2021 04:50:31 GMT
server
cloudflare
etag
W/"bfcb6abe12d1784811bf840f9159a6fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f1IH%2F%2FjSZwrUa2mtdaBSOffet45MPtCvWJm8F0A4vB8YeeccRNj7aQiAtVE1BabfYKfhyMgMkLQtDHr0lSDoX9UyBeCUJv09%2BxHybvLThdyj7Ejb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
z9cEntnE8UY_YAaJC7uMP9udzUYTAHRh
cf-request-id
0a1fffe1f8000032bd9b8a2000000001
cf-ray
651368e3287932bd-CDG
expires
Sat, 23 Apr 2022 04:50:30 GMT
web_widget~messenger.0312ce48dc4b805875db.chunk.js
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame A4D5
283 KB
85 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget~messenger.0312ce48dc4b805875db.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.3514867620a9250ef236.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30892b600bc709977b33838e7e66ba37f019e4f12dab29cf69f28c57aa91050
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1303551
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
CGKHKEK7NGB4T2PW
x-amz-id-2
a8HchwrNV6RzKcprC2viy/UfBGO/jvxPOvYwT4GgjoC5kcP1sGm4FnLN2xu2csyFQDPX5WRZmfw=
last-modified
Mon, 03 May 2021 05:04:50 GMT
server
cloudflare
etag
W/"0b5af12395443e6f33ba197fd1e0c0ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UTRF%2BQ4bgLNKTJrBWOZ8m%2BmowIVcJ7oidtJK54eqCSpsBBttzRKcWhILGXIZVrT1B3v4hj%2B26dr32m0plkhbYW5aguSJUc9XfQ%2F%2FgBUzDtUN8Ii5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7DXan2WJ1Nrs_UodTgTQN_dMWAkXMx_Q
cf-request-id
0a1fffe201000032bdc33bd000000001
cf-ray
651368e3288432bd-CDG
expires
Tue, 03 May 2022 05:04:49 GMT
web_widget.b354a725d0903b46a02c.chunk.js
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame A4D5
175 KB
43 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget.b354a725d0903b46a02c.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.3514867620a9250ef236.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3073cad483f6ed9c484cd090b0a3c7041c7a869e778f99cb4d8fbc038b1761cf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1303551
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
CGKGA94YABGMYEYE
x-amz-id-2
eenXcwT7NBYVSRIMV0LKQfLrPLZywC+eHfWzPtQ8nSzYrp0XGaw1Dg+QJs8dnd1tLbNSerio4qk=
last-modified
Mon, 03 May 2021 05:04:50 GMT
server
cloudflare
etag
W/"dbb679c0c448869b30c425845c23c8e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r7WbNwCtD%2BmSAbrcp2yH6dZ2zgmDhbYKnQmSKFXhtNaNDjxxqN%2B9O%2FMHag59kBltpHmq7%2Be2%2B85DihWLJq8FcPoPonk6puKz%2BQxB9WZzFj7H4BJf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
9PYPmaDP7.SGH8hDHQ1Dng3hrHPYSNCh
cf-request-id
0a1fffe1fb000032bd54953000000001
cf-ray
651368e3288632bd-CDG
expires
Tue, 03 May 2022 05:04:49 GMT
web_widget.1b6ce38dbe17885039a9.chunk.js
static.zdassets.com/web_widget/latest/lazy/ Frame A4D5
470 KB
90 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/lazy/web_widget.1b6ce38dbe17885039a9.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.3514867620a9250ef236.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cab5bd3dfb3cf15f8e39d44239148283e5b3bbe736004605dbcbd2c2280f860
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
27
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
DVGDKA03MNRAN2CS
x-amz-id-2
oDpv/DXBuVqAP+HO8hf5srRX2nw/ypiR+6ziERHBx6xib2my8QNA4rK9SsuNT89sSy5RwRQ5v7o=
last-modified
Tue, 18 May 2021 05:26:22 GMT
server
cloudflare
etag
W/"666d1f122afc45a7b52dad8b89129106"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QtkqzJVKfJN7kqRI4MISO6odVLWM4C10zL2VoXiJHrQgp7REytiuOqJog1rbXwj6dLCyAM6AzshnNLJHLZhoZbY1o0%2BkZqYiXpSEaoiJTNtbuNGb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
zmO64HC66IqYIOXctLX6VSpGcmq4CPJF
cf-request-id
0a1fffe1fc000032bd583f5000000001
cf-ray
651368e3288a32bd-CDG
expires
Wed, 18 May 2022 05:26:21 GMT
embeddable_blip
bienvenue.zendesk.com/ Frame A4D5
0
365 B
XHR
General
Full URL
https://bienvenue.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9mb3JtYXRpb24uYmllbnZlbnVlLnByby93ZWJzaWduL3JldmlzaW9uLzhDRkE0NkIxRTEzRTAxQzhDMDVCQjMxNjYwRjBGRTQwOEMzMzJFQjk4NDlCOUFCQzAyQzM3NDJFQjFENEVDMjEiLCJ0aW1lIjo0MywibG9hZFRpbWUiOjQ2Ljk4NTAwMDM3MTkzMjk4LCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiQmllbnZlbnVlIEZvcm1hdGlvbiIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSwgc2hyaW5rLXRvLWZpdD1ubyIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2V9LCJidWlkIjoiNDFkMGRmODhlNTVlOTgxZjkxMTY0YTIxYzRkYWQwMjAiLCJzdWlkIjoiNDY0YWZhMGYxYTExNDhlYjI0MWU3ODIwNGMyYzYzNGIiLCJ2ZXJzaW9uIjoiNWJmYzM0NDY1IiwidGltZXN0YW1wIjoiMjAyMS0wNS0xOFQwNzozNTozNi4zOTNaIiwidXJsIjoiaHR0cHM6Ly9mb3JtYXRpb24uYmllbnZlbnVlLnByby93ZWJzaWduL3JldmlzaW9uLzhDRkE0NkIxRTEzRTAxQzhDMDVCQjMxNjYwRjBGRTQwOEMzMzJFQjk4NDlCOUFCQzAyQzM3NDJFQjFENEVDMjEifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~framework.77fd6468912b28ec7dca.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:35:36 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hxrTIpNdFMBrqRJtuXB%2FubM2HYisMtQEIEl%2B65f5wSYtJkD0lv1kZ493T0lvkLYfulHzL2C16MHZTdPfJ0%2BmyJv2UyUjrLibZBPFGS%2BfXINwKMso3KA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://formation.bienvenue.pro
cache-control
no-store, no-cache, must-revalidate
cf-ray
651368e48c57cdc7-CDG
cf-request-id
0a1fffe2d20000cdc790a30000000001

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Popper object| bootstrap object| zEWebpackACJsonp function| zE function| zEmbed function| SignaturePad function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| Signature_Manager_Js boolean| zEACLoaded function| $zopim

1 Cookies

Domain/Path Name / Value
formation.bienvenue.pro/ Name: PHPSESSID
Value: tmj1i6bma3ahnfset5v9t3c39h

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bienvenue.zendesk.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
formation.bienvenue.pro
stackpath.bootstrapcdn.com
static.zdassets.com
104.16.51.111
104.18.70.113
104.18.72.113
2001:4de0:ac18::1:a:3a
2606:4700::6810:135e
2606:4700::6812:bcf
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a04:4e42:1b::621
2a04:4e42:3::621
46.252.181.104
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
04afe69f64c3ae70855e0c194cdf9d35c8274643e03047174356cc23321e01b1
064881756bffa57f1e7b93194e7bbb6f1be2f2d2a13388d3482d38ee41d607e1
10d700eb30dae143f3f4aa829d59da5d7a85de47b0421b922a9ca12748cbab19
1e1cc517004dacb7350d8b524ef87959730e98bce0dad65f20365b065fa5a004
2497c86ab4ee0c6eb7d6d0f091235dffb12c5ada42b159bc5245b131f6ef2509
3073cad483f6ed9c484cd090b0a3c7041c7a869e778f99cb4d8fbc038b1761cf
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb
51ac1255b3e991ea897c6a3fa4f652fffac4fb490e037fbfc21337fd8694ed04
55253dd13d249bc7f3b96244dc2f2871cb5adcf42b886993b5df44ca83bcbce4
5be8af36f5639905fa153945d12f9208332302e4d534acc7d7afa442f4567138
67e7792ff2ff166d7f8e7150f7905e1dca63ee6def6a82d959b712f51586e56d
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6cab5bd3dfb3cf15f8e39d44239148283e5b3bbe736004605dbcbd2c2280f860
84bb90eb03ebb6fd770cfaeeee73825379ab110f32e9e4155dce75118cfc3163
8a3214bac2b6c028ba6050b7607ef4567754a7042b3a1c05a6868124334d0ad6
9b25bd4529a20fbeb6c6a21fcfce288ac73b93972afb00dbbbd92b227439254f
a0703a79875a2bbfadbdf5c197e5eeb823ab393748d4abace103d53ec2db1f50
bdc30adc74896be2376cd077c57fcf285c0d8c0a7bb0de79090ddf0a92f2c6d3
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cdb45f0b4cef75bc54c27dbd2d63c87da0f650c80774691e354f875579a791a7
e30892b600bc709977b33838e7e66ba37f019e4f12dab29cf69f28c57aa91050
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d