www.castorama.fr Open in urlscan Pro
2600:9000:26da:6a00:18:b447:1380:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/Gmi8LfZnMQ
Effective URL:
https://www.castorama.fr/certffcat-ssl.com
Submission: On March 07 via api (March 7th 2024, 1:55:44 am UTC) from LU — Scanned from DE

Summary HTTP 71 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 17 domains to perform 71 HTTP transactions. The main IP is 2600:9000:26da:6a00:18:b447:1380:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.castorama.fr. The Cisco Umbrella rank of the primary domain is 730855.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on July 17th 2023. Valid for: a year.

This is the only time www.castorama.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 1	2403:3a00:201... 2403:3a00:201:1a:49:212:180:49	9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.)
1 1	81.148.213.121 81.148.213.121	2856 (BT-UK-AS ...) (BT-UK-AS BTnet UK Regional network)
1 35	2600:9000:26d... 2600:9000:26da:6a00:18:b447:1380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.19.96.152 2.19.96.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	3.161.82.76 3.161.82.76	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.112 13.32.121.112	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:235... 2600:9000:235a:c600:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	13.224.189.87 13.224.189.87	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:5b0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2604:cac0:118... 2604:cac0:118:101::4	11019 (HAPROXY-T...) (HAPROXY-TECHNOLOGIES)
1	104.22.50.214 104.22.50.214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.30.232.18 52.30.232.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	23.215.21.96 23.215.21.96	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.83.71.170 54.83.71.170	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:480... 2a02:26f0:480:9b8::9b6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.213.34.91 52.213.34.91	16509 (AMAZON-02) (AMAZON-02)
2	63.32.156.9 63.32.156.9	16509 (AMAZON-02) (AMAZON-02)
2	193.70.103.218 193.70.103.218	16276 (OVH) (OVH)
2	34.111.140.246 34.111.140.246	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
71	21

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2403:3a00:201:1a:49:212:180:49 (Japan) 1 redirects

ASN9371 (SAKURA-C SAKURA Internet Inc., JP)

nagoya.nikke-tennis.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.148.213.121 (Wirral, United Kingdom) 1 redirects

ASN2856 (BT-UK-AS BTnet UK Regional network, GB)

castorama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2600:9000:26da:6a00:18:b447:1380:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.castorama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.96.152 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-152.deploy.static.akamaitechnologies.com

edge1.certona.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.161.82.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-76.fra56.r.cloudfront.net

ccl-prod.cache.ap.digikfplc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-112.fra60.r.cloudfront.net

consent.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:235a:c600:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.189.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-87.fra2.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:5b0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2604:cac0:118:101::4 (United States)

ASN11019 (HAPROXY-TECHNOLOGIES, US)

via.batch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.50.214 (None, )

ASN13335 (CLOUDFLARENET, US)

api.woosmap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.232.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-232-18.eu-west-1.compute.amazonaws.com

api.kingfisher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.215.21.96 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-21-96.deploy.static.akamaitechnologies.com

se.monetate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.83.71.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-71-170.compute-1.amazonaws.com

cdns.brsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:9b8::9b6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s7g10.scene7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.34.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-34-91.eu-west-1.compute.amazonaws.com

f.monetate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.156.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-156-9.eu-west-1.compute.amazonaws.com

p-eu.brsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.70.103.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-193-70-103.eu

ws.batch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.140.246 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.140.111.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	castorama.fr 2 redirects castorama.fr — Cisco Umbrella Rank: 618393 www.castorama.fr — Cisco Umbrella Rank: 730855	1 MB
6	batch.com via.batch.com — Cisco Umbrella Rank: 33557 ws.batch.com — Cisco Umbrella Rank: 20389	41 KB
4	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 3297	97 KB
4	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1234	43 KB
4	digikfplc.com ccl-prod.cache.ap.digikfplc.com — Cisco Umbrella Rank: 136522	9 KB
3	brsrvr.com cdns.brsrvr.com — Cisco Umbrella Rank: 12161 p-eu.brsrvr.com — Cisco Umbrella Rank: 33571	22 KB
3	monetate.net se.monetate.net — Cisco Umbrella Rank: 6515 f.monetate.net — Cisco Umbrella Rank: 9788	68 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 898 logx.optimizely.com — Cisco Umbrella Rank: 1580	4 KB
2	kingfisher.com api.kingfisher.com — Cisco Umbrella Rank: 112884	1 KB
1	scene7.com s7g10.scene7.com — Cisco Umbrella Rank: 61261	4 KB
1	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214	136 KB
1	woosmap.com api.woosmap.com — Cisco Umbrella Rank: 68266	555 B
1	truste.com consent.truste.com — Cisco Umbrella Rank: 9101	13 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 316	28 KB
1	certona.net edge1.certona.net — Cisco Umbrella Rank: 15707	4 KB
1	nikke-tennis.jp 1 redirects nagoya.nikke-tennis.jp	131 B
1	t.co t.co — Cisco Umbrella Rank: 674	623 B
71	17

	Domain	Requested by
35	www.castorama.fr	1 redirects t.co www.castorama.fr
4	via.batch.com	www.castorama.fr via.batch.com
4	consent.trustarc.com	consent.truste.com www.castorama.fr
4	tags.tiqcdn.com	www.castorama.fr tags.tiqcdn.com
4	ccl-prod.cache.ap.digikfplc.com	www.castorama.fr
2	logx.optimizely.com	www.castorama.fr
2	ws.batch.com	www.castorama.fr
2	p-eu.brsrvr.com	www.castorama.fr
2	se.monetate.net	tags.tiqcdn.com se.monetate.net
2	api.kingfisher.com	www.castorama.fr
1	f.monetate.net	se.monetate.net
1	s7g10.scene7.com	www.castorama.fr
1	cdns.brsrvr.com	tags.tiqcdn.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	api.woosmap.com	www.castorama.fr
1	cdn.optimizely.com	www.castorama.fr
1	consent.truste.com	www.castorama.fr
1	www.googletagservices.com	www.castorama.fr
1	edge1.certona.net	www.castorama.fr
1	castorama.fr	1 redirects
1	nagoya.nikke-tennis.jp	1 redirects
1	t.co
71	22

This site contains links to these domains. Also see Links.

Domain
www.needhelp.com
www.18h39.fr
docs.google.com
emploi.castorama.fr
presse.castorama.fr
www.quickfds.com
castorama.sourdline.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.pinterest.fr
www.linkedin.com

Subject Issuer	Validity	Valid
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
www.castorama.fr GlobalSign GCC R3 DV TLS CA 2020	`2023-07-17` - `2024-08-17`	a year	crt.sh
www.certona.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.cache.ap.digikfplc.com Amazon RSA 2048 M02	`2023-05-14` - `2024-06-11`	a year	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-11-18` - `2024-12-15`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
via.batch.com R3	`2024-02-08` - `2024-05-08`	3 months	crt.sh
woosmap.com Cloudflare Inc ECC CA-3	`2023-08-08` - `2024-08-06`	a year	crt.sh
api.kingfisher.com GlobalSign Extended Validation CA - SHA256 - G3	`2023-08-14` - `2024-09-14`	a year	crt.sh
www.monetate.net DigiCert TLS RSA SHA256 2020 CA1	`2023-06-30` - `2024-06-29`	a year	crt.sh
*.brsrvr.com Go Daddy Secure Certificate Authority - G2	`2023-08-01` - `2024-09-01`	a year	crt.sh
*.scene7.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-11` - `2024-11-13`	a year	crt.sh
*.monetate.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-28` - `2024-09-27`	a year	crt.sh
*.batch.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-29` - `2024-11-28`	a year	crt.sh
logx.optimizely.com GTS CA 1D4	`2024-02-08` - `2024-05-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.castorama.fr/certffcat-ssl.com
Frame ID: AD7542A898DDD38DD9AB34C62958CEA4
Requests: 68 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=castorama.com
Frame ID: 5E18D084E5F16682CF771BE56AAB998C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bricolage, jardinage et aménagement de la maison | CastoramaMenuQue recherchez-vous ?Carte CastoramaMenuPage précédenteFermerFermerFermerFermerFermerSourdline espace sourd

Page URL History Show full URLs

https://t.co/Gmi8LfZnMQ Page URL
https://nagoya.nikke-tennis.jp/?wptouch_switch=desktop&redirect=http%3A%2F%2Fcastorama.fr//certffcat-ssl.com/ HTTP 302
http://castorama.fr//certffcat-ssl.com/ HTTP 301
https://www.castorama.fr//certffcat-ssl.com/ HTTP 301
https://www.castorama.fr/certffcat-ssl.com Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

99 %
HTTPS

36 %
IPv6

17
Domains

22
Subdomains

21
IPs

7
Countries

1962 kB
Transfer

7330 kB
Size

21
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.needhelp.com/projet.php?num=0207&utm_source=100&utm_campaign=casto&utm_medium=website
Title: Trouver un bricoleur

Search URL Search Domain Scan URL

URL: https://www.18h39.fr/
Title: Le magazine 18h39

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSee9_TnFeAmvI0hD6S-vtuml6HpXNA0z7UerF-KlREuHmNUzg/viewform
Title: Annuler votre commande

Search URL Search Domain Scan URL

URL: https://emploi.castorama.fr/
Title: Rejoignez-nous

Search URL Search Domain Scan URL

URL: https://presse.castorama.fr/
Title: Espace presse

Search URL Search Domain Scan URL

URL: https://www.quickfds.com/casto/
Title: Fiches de sécurité

Search URL Search Domain Scan URL

URL: https://castorama.sourdline.com/
Title: Sourdline espace sourdSourdline espace sourd

Search URL Search Domain Scan URL

URL: https://www.facebook.com/castorama/

Search URL Search Domain Scan URL

URL: https://twitter.com/castorama_fr

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/castoramafrance

Search URL Search Domain Scan URL

URL: https://www.instagram.com/castorama_france/

Search URL Search Domain Scan URL

URL: https://www.pinterest.fr/castorama/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/castorama/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/Gmi8LfZnMQ Page URL
https://nagoya.nikke-tennis.jp/?wptouch_switch=desktop&redirect=http%3A%2F%2Fcastorama.fr//certffcat-ssl.com/ HTTP 302
http://castorama.fr//certffcat-ssl.com/ HTTP 301
https://www.castorama.fr//certffcat-ssl.com/ HTTP 301
https://www.castorama.fr/certffcat-ssl.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Gmi8LfZnMQ
t.co/ 493 B
623 B 140ms
118ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/Gmi8LfZnMQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 251
content-type: text/html; charset=utf-8
date: Thu, 07 Mar 2024 01:55:33 GMT
expires: Thu, 07 Mar 2024 02:00:34 GMT
perf: 7469935968
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 29cf7c7eed648f3b74a4041da76d394444bdf7b63ca48dddf0619624f002cc59
x-response-time: 112
x-transaction-id: 19b5024827d80125
x-xss-protection: 0

GET
H2

404

Primary Request certffcat-ssl.com Show response
www.castorama.fr/
Redirect Chain

https://nagoya.nikke-tennis.jp/?wptouch_switch=desktop&redirect=http%3A%2F%2Fcastorama.fr//certffcat-ssl.com/
http://castorama.fr//certffcat-ssl.com/
https://www.castorama.fr//certffcat-ssl.com/
https://www.castorama.fr/certffcat-ssl.com

1001 KB
144 KB

431ms
430ms

Document
text/html

2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/certffcat-ssl.com

Requested by

Host: t.co
URL: https://t.co/Gmi8LfZnMQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

75f9a4cd666ee689716b409b12fd1d789716752899b5d37812a2a10cd3d1e045

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.co/Gmi8LfZnMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache="Set-Cookie"
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-type: text/html; charset=utf-8
date: Thu, 07 Mar 2024 01:55:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
server-timing: dtSInfo;desc="0", dtRpid;desc="-992407460"
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding,Accept-Encoding
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-id: a6i9Q-6VJ0Y56opVqVI-pDDasinuTkESisxo89Z8JnBxVDOHxBy0Fw==
x-amz-cf-pop: MUC50-P4
x-cache: Error from cloudfront
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-fstrz: stc,Z,p
x-oneagent-js-injection: true
x-ruxit-js-agent: true
x-unique-id: 3ce22a7aa08f7d0055048d110d1b8c5f
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-xss-protection: 1; mode=block

Redirect headers

age: 15
content-length: 0
date: Thu, 07 Mar 2024 01:55:23 GMT
location: /certffcat-ssl.com
server: CloudFront
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-id: k8iauAqz_4OslQUw-FaMcnGFjvnJbWCRhNrS9CZkLC_VSk0oJSUpmw==
x-amz-cf-pop: MUC50-P4
x-cache: Hit from cloudfront

GET
H2 200 ruxitagentjs_A27NVfghjqrtux_10267230522124059.js Show response
www.castorama.fr/ 199 KB
67 KB 58ms
56ms Script
text/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/ruxitagentjs_A27NVfghjqrtux_10267230522124059.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2345ee038c30c2ff6bc5c288ca99f522808d8ebfc33940e2ea619e7aad99b28a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
date: Thu, 07 Mar 2024 01:55:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-amz-cf-pop: MUC50-P4
age: 14
x-cache: Hit from cloudfront
content-length: 67059
x-gen-id: 3de7797807a3a77811d3968b52c65d5d
x-xss-protection: 1; mode=block
x-unique-id: a2a852da931ebadbf45fcd352d5b97e9
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: ZLwxaJ7tiuOWAIU6v8y1_oVQUVbc2Sw9b559KRHPnLq7k2_EAEmzBA==
expires: Sat, 30 Mar 2024 21:15:45 GMT

GET
H2 200 CastoPro-Regular.woff2
www.castorama.fr/spa/fonts/ 17 KB
18 KB 19ms
17ms Font
font/woff2 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/fonts/CastoPro-Regular.woff2

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b616b865d93e0567ef3e6aafbc06aa994d982d47aa70397b11594d4271471475

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.castorama.fr/certffcat-ssl.com
Origin: https://www.castorama.fr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Fri, 29 Mar 2024 12:34:08 GMT
date: Thu, 29 Feb 2024 06:47:27 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 587291
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 17092
x-xss-protection: 1; mode=block
x-gen-id: 08fd2dabc0cd8fd8e8a9ca58da653048
referrer-policy: strict-origin-when-cross-origin
x-unique-id: cd3c9a7e6cb8d7d53dd9c988e71fb8bb
last-modified: Fri, 23 Feb 2024 12:58:13 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: u9UF3nCLeKxWvW4gi11JklttMKLoCKXBRs5qR5pAOcckaB31bIzejQ==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 CastoPro-Bold.woff2
www.castorama.fr/spa/fonts/ 17 KB
18 KB 22ms
20ms Font
font/woff2 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/fonts/CastoPro-Bold.woff2

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5d01a30a1e8c747cec5bcef2f2e8441f99af103a3c9f2a7e407b12cc2f0d7b92

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.castorama.fr/certffcat-ssl.com
Origin: https://www.castorama.fr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sun, 17 Mar 2024 14:38:27 GMT
date: Sat, 17 Feb 2024 23:06:49 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 1565329
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 17380
x-xss-protection: 1; mode=block
x-gen-id: 3b35334ed427a224150b7812e498bd6d
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 9bf460fb73d52ae4ca3cf53a56fbaaac
last-modified: Fri, 09 Feb 2024 18:37:01 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://www.castorama.fr
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: Hxwg7FwgY3Th88IxLFccxLoT52f7Sc5DhB-lbkdcDtXdliqhSCHd6A==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 hash-71196dbce43de68fb4e9.css
www.castorama.fr/spa/ 189 KB
33 KB 31ms
30ms Stylesheet
text/css 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/hash-71196dbce43de68fb4e9.css

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

890bc991b3759d0d0b0a59a1b7339ecadb0e70a1f57cc4c27f8de68575754deb

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sun, 31 Mar 2024 16:47:58 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 32585
x-xss-protection: 1; mode=block
x-gen-id: 04c27481a150041117072b3d1edd22ad
referrer-policy: strict-origin-when-cross-origin
x-unique-id: caf57392224097219a4225c1fb959817
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: CpVf8sG61pMaf4o-CU_In8ncZ6rGq6Qa4v9FnR57PlBrG_L-ww8VnA==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 1.hash-c60b8e53c2ce1750144d.css
www.castorama.fr/spa/ 4 KB
2 KB 37ms
35ms Stylesheet
text/css 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/1.hash-c60b8e53c2ce1750144d.css

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

15a9489879b3aacaf471cd51c79b74f7621fd19a3f6f94609ccea490fafb506e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sun, 31 Mar 2024 16:43:07 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 1206
x-xss-protection: 1; mode=block
x-gen-id: 152dd77f1ed6f57b1d09c0a4413cc372
referrer-policy: strict-origin-when-cross-origin
x-unique-id: d3ff5a88c3498280bdb3788cd3bd2467
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: -b2dOmOdHeRUtlP0WOmeoASjxMzFFK-K4imntEGtuI07KRdS019uDg==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 21.hash-328b1bcba8318677c0ce.css
www.castorama.fr/spa/ 839 B
2 KB 34ms
32ms Stylesheet
text/css 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/21.hash-328b1bcba8318677c0ce.css

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cabff23d2851fd68cd51a015e5989e1fb7f850533542d5506987a939d20bbd5e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sat, 30 Mar 2024 21:15:46 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 329
x-xss-protection: 1; mode=block
x-gen-id: e32492cf7979b7a3cbf82ea1ee7d5495
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 24853d895d5e6c92499fa693bdbd412d
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: dPFlztyNEQZNhbhrotUcUrcHU38bwXJIyvtlDjlx7epR4nBLdpUufw==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 8.hash-128547102990dc17e751.css
www.castorama.fr/spa/ 3 KB
2 KB 38ms
37ms Stylesheet
text/css 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/8.hash-128547102990dc17e751.css

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

27622eb41ed93f5f35e8d5c18e58452ee444d1f8b4ed5fd55249c7db3bb8937e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sat, 30 Mar 2024 21:15:42 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 1113
x-xss-protection: 1; mode=block
x-gen-id: 66039c680e82c189ac51e07a26be5e32
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 08e56477ba1d0ec3a046641c13fb60b6
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: Y9mxEoOrMMdghHPvwsLjBo7ezDEHlpcm3Vz7i6Aicr5cxh3xgJBCJQ==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 11.hash-af2eda42db813bfebae8.css
www.castorama.fr/spa/ 2 KB
2 KB 34ms
33ms Stylesheet
text/css 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/11.hash-af2eda42db813bfebae8.css

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e5afe90ec74b143c30c05e45be2328b800e6ac787be276fab654726413eb7994

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 04 Apr 2024 13:27:10 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 556
x-xss-protection: 1; mode=block
x-gen-id: b971dcacf24086b6acbd233d20a4aaed
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 8b12a775b8f35436a2a95f327b9a306b
last-modified: Mon, 04 Mar 2024 15:18:59 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: j1SW8xiSlIaeBh3hl0zTVH25jZya99J81aBp88YhO0DqGaymeWE_6w==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 121.hash-e465cd7eaf8d4bab64d0.css
www.castorama.fr/spa/ 14 KB
5 KB 35ms
34ms Stylesheet
text/css 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/121.hash-e465cd7eaf8d4bab64d0.css

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

436fc4bb8bb2f470df3e9dba270cd7b85afb2374b0f4874a1587b8a1e247e95a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sat, 30 Mar 2024 21:15:42 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 3412
x-xss-protection: 1; mode=block
x-gen-id: f0e19368eecf6619ededd222bede26a0
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 103fe6b2d3ef0e40644b3680e0dc7528
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: tcGfJYRUenuGp8PByMncjfIX6BpY59VhIc2mAnwSS-RH3mvx4iUQvQ==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 213.hash-d682e591841fbfb17ba3.css
www.castorama.fr/spa/ 1 KB
2 KB 36ms
35ms Stylesheet
text/css 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/213.hash-d682e591841fbfb17ba3.css

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5b30e268a50407b81a9a86f7b0f109a58008ef95e5e327f2953ab8025a2ed3cc

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sat, 30 Mar 2024 21:15:42 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 441
x-xss-protection: 1; mode=block
x-gen-id: c8cfd5379965e3b3639208e09fa50eb3
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 364e0395eb9817947f23a5d6a542281a
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: 0Ki-gu2R02ToXtd8f3PmWNy0w7OAsI2wRyziJldYoyd0M3qRrSUtUA==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 resonance.js Show response
edge1.certona.net/cd/d7d205e4/www.castorama.fr/scripts/ 9 KB
4 KB 90ms
12ms Script
application/javascript 2.19.96.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://edge1.certona.net/cd/d7d205e4/www.castorama.fr/scripts/resonance.js
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.152 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d785ff3b01afb551d6dc3d36e48c5e81f64c8d0ed6ea9cb078fdfc3fc69aa7ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:38 GMT
content-encoding: gzip
last-modified: Fri, 01 Nov 2019 16:58:50 GMT
server
etag: "47738ca2d590d51:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3580
expires: Fri, 08 Mar 2024 01:55:38 GMT

GET
H2 200 jquery.initial.min.js Show response
www.castorama.fr/skins/common/js/ 968 B
2 KB 49ms
47ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/skins/common/js/jquery.initial.min.js?async

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2303fb75fca6c997e66bff98ad4419e2c017fdecb9e3a5d1088af4325eabd861

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
date: Thu, 07 Mar 2024 01:55:38 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
content-length: 968
x-xss-protection: 1; mode=block
pragma: no-cache
server: CloudFront
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-king-hop: prodw
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: nlawgn704GCNqdrSCeNcU01awof1wOnqd5kdE1yyTasWrYCLPy3GXg==
expires: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 88 KB
28 KB 152ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66084d2c9b5d5681702516130563b87925666bf62b37122746cf98a097e33332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28673
x-xss-protection: 0
server: cafe
etag: 224 / 19789 / 31081636 / config-hash: 3579910646796761783
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Mar 2024 01:55:38 GMT

GET
H2 200 9a573.svg
www.castorama.fr/spa/images/ 8 KB
9 KB 24ms
23ms Image
image/svg+xml 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.castorama.fr/spa/images/9a573.svg

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2edc3fa8848c75dc1bd4ae1d80c00ed83a9672e3894b327c3e24230238a1b1b1

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-gen-id: 18106a5c765c40a41ab769210535e67c
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 41ac74340728415ee7237b3038e7e6e2
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: 4CXMDjhcLmi3dFpXZ83JMpoKDkE5zbA7Ajy3d_UOAJLoU0R_NCNq2g==
expires: Sun, 31 Mar 2024 16:47:33 GMT

GET
H2 200 syte-camera-nobg.svg
ccl-prod.cache.ap.digikfplc.com/icons/ 2 KB
3 KB 39ms
9ms Image
image/svg+xml 3.161.82.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccl-prod.cache.ap.digikfplc.com/icons/syte-camera-nobg.svg
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41bb4fe3ab19b0985e3c67b8a3721b0ed757899477a474722acbefc53e94d428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: Lipy_M1FRm4mBQCJeGvJdRJnHQcxBUqX
date: Thu, 07 Mar 2024 01:55:33 GMT
via: 1.1 ce9680b048a2aea06e1146ad2810fa14.cloudfront.net (CloudFront)
last-modified: Wed, 21 Feb 2024 08:31:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 6
x-amz-server-side-encryption: AES256
etag: "1ed9c6b96971da1b17cfe399f5002fd4"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: 'max-age=604800'
accept-ranges: bytes
content-length: 2454
x-amz-cf-id: EmrmBGkV5S0pvoEciHbqjlBTQtDpVapjvztdQWE5xWB3IZ9Bpariew==

GET
H2 200 cafr-store-marker-menuf-fffff-on-0078d7.svg
ccl-prod.cache.ap.digikfplc.com/icons/ 931 B
1 KB 11ms
10ms Image
image/svg+xml 3.161.82.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccl-prod.cache.ap.digikfplc.com/icons/cafr-store-marker-menuf-fffff-on-0078d7.svg
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5d23c27c1a46342a7e2f3e57068d8f1f86b680d8a890ce57bd8ba9849819a04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: Pvkvdslfy72DctA5wrUZ2TAYT7_Kla9d
date: Thu, 07 Mar 2024 01:55:32 GMT
via: 1.1 ce9680b048a2aea06e1146ad2810fa14.cloudfront.net (CloudFront)
last-modified: Wed, 21 Feb 2024 08:31:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 7
x-amz-server-side-encryption: AES256
etag: "252914f73039446d8d976bce0fb643dd"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: 'max-age=604800'
accept-ranges: bytes
content-length: 931
x-amz-cf-id: Av7duI-19ISPmcORHe9jXlf-SVs6s9DGo1E-M-PjDGGyGuZDPSYzOQ==

GET
H2 200 cafr-search-devices-ffffff-on-0078d7.svg
ccl-prod.cache.ap.digikfplc.com/icons/ 694 B
1 KB 9ms
9ms Image
image/svg+xml 3.161.82.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccl-prod.cache.ap.digikfplc.com/icons/cafr-search-devices-ffffff-on-0078d7.svg
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afbce61203c6271d048ed58a47827b2919fb85eae057c73d54df425bfc49a8d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: Nq.44GmMoQSmyjKo.cipaPOPD1KNRQV0
date: Thu, 07 Mar 2024 01:55:32 GMT
via: 1.1 ce9680b048a2aea06e1146ad2810fa14.cloudfront.net (CloudFront)
last-modified: Wed, 21 Feb 2024 08:31:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 7
x-amz-server-side-encryption: AES256
etag: "f6798898d484ab03f7c7730bf55a3f1f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: 'max-age=604800'
accept-ranges: bytes
content-length: 694
x-amz-cf-id: Ky5IcnJGWofjXVoFxXr9dJIZpIdBNbauI5khPzlmqv_zwUfBdQmLZw==

GET
H2 200 cafr-basket-ffffff-on-0078d7.svg
ccl-prod.cache.ap.digikfplc.com/icons/ 3 KB
3 KB 9ms
9ms Image
image/svg+xml 3.161.82.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccl-prod.cache.ap.digikfplc.com/icons/cafr-basket-ffffff-on-0078d7.svg
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf7d83b1fc11b85c8ce3884b9c8ad594ed918eb2ac6cb82289792a9fcb852e1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: upbmMmiAIIGiHTEvmk.ZZMsIPzOOdjIX
date: Thu, 07 Mar 2024 01:55:32 GMT
via: 1.1 ce9680b048a2aea06e1146ad2810fa14.cloudfront.net (CloudFront)
last-modified: Wed, 21 Feb 2024 08:31:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 7
x-amz-server-side-encryption: AES256
etag: "5824b70d3baade8df13c07f71ccc944b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: 'max-age=604800'
accept-ranges: bytes
content-length: 3026
x-amz-cf-id: FPLdjL6P2HiZE9rc9Ge_XeME8v25v4YgNqE2W4SWZtMLLxgNu8TEEQ==

GET
H2 200 notice Show response
consent.truste.com/ 40 KB
13 KB 110ms
93ms Script
text/javascript 13.32.121.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.truste.com/notice?domain=castorama.com&c=teconsent&text=true&gtm=1&language=fr&js=nj&noticeType=bb

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-112.fra60.r.cloudfront.net

Software

Resource Hash

e51391e70e71e5d9ff2746d9947951cacda76f4257e51707ece036d04d7a6711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.castorama.fr/
Origin: https://www.castorama.fr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:38 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: oPibZSjjH1UzRx5NtOxk6S2_s8OUU7ucqHCtsRNgWmVfOczGqgwsHQ==

GET
H2 200 92.hash-019bacb8c5b5078b54f2.js Show response
www.castorama.fr/spa/ 3 MB
481 KB 27ms
25ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/92.hash-019bacb8c5b5078b54f2.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6dd49ddd60cf40272cb0ec40bcaa3612732361623231c42788e363f57c8453a8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 04 Apr 2024 07:13:05 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 490597
x-xss-protection: 1; mode=block
x-gen-id: ce769b38d75619a478f7a83bc26990c6
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 0f627820a8728aaa4059975acebe57ae
last-modified: Mon, 04 Mar 2024 15:18:59 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: D0QL_5IgeEHq3IjqdqNwk_ohH1Wp64mc-8to-0jsDPHVUCPahSbEUA==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 93.hash-840c29a43d564f0d6f4a.js Show response
www.castorama.fr/spa/ 1 MB
319 KB 49ms
47ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/93.hash-840c29a43d564f0d6f4a.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

93f1cf62be6820ab6b5ae01bc23ea0185ea4c1691a7f56286f34596a9e22dd94

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 04 Apr 2024 13:27:24 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 325206
x-xss-protection: 1; mode=block
x-gen-id: c91a16c4fd5a32f2ca3861c3f9935f5b
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 8875a89ff2a58e655a62812b2bdf1817
last-modified: Mon, 04 Mar 2024 15:18:59 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: xP_ogRnOELTWiAjWp78ths-tMcZMtRyDPcVDYT7sOLZx2X4a0lBRKg==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 hash-b7e5c50002c4cc0d30cf.js Show response
www.castorama.fr/spa/ 162 KB
36 KB 27ms
26ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/hash-b7e5c50002c4cc0d30cf.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

bda782e612b214101428293eeb45e72b66c6cb73d6162c88400c6d1498e75d59

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 04 Apr 2024 07:13:01 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 35806
x-xss-protection: 1; mode=block
x-gen-id: ad9b1a843eb506453e7cc81db82007c5
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 46110ed27b8db7120fbfdf40927b3fe1
last-modified: Mon, 04 Mar 2024 15:18:59 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: bhxPDfmLnTMVcQGSCZt5mkb2KCEsoRBprED7ZUE5l9mvagFKPOBusw==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 1.hash-b92a16216f73b218d8af.js Show response
www.castorama.fr/spa/ 12 KB
5 KB 28ms
26ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/1.hash-b92a16216f73b218d8af.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

83465793df29136f678f6e2f871806d98c08e7aac1a44da0e54e500877456a0a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 04 Apr 2024 07:13:00 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 3889
x-xss-protection: 1; mode=block
x-gen-id: 139d21fe8a500a87b347699627030067
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 49fe2cc72c0c287d10c3c6a48fe402be
last-modified: Mon, 04 Mar 2024 15:18:59 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: kgyT1w4MoZ-pNjeL6JdSUcyG34lKSlFPoS-uiG4hpCXRZx4iWjI4pw==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 21.hash-27b46660116762d50b41.js Show response
www.castorama.fr/spa/ 9 KB
4 KB 33ms
31ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/21.hash-27b46660116762d50b41.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9fdebcc7c0c0b607e3f22b46419866bc9889f70adc6da916e74027d227997af6

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 04 Apr 2024 07:13:01 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 2910
x-xss-protection: 1; mode=block
x-gen-id: 8dc1506ee513aae277f867780fea5945
referrer-policy: strict-origin-when-cross-origin
x-unique-id: e59bbc098c7b16ab69d11b84b385c8eb
last-modified: Mon, 04 Mar 2024 15:18:59 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: klBrHq6LbNpBSAIzRzJVxoIzAfwau39tiT4euA0BYaESi-wT4LUZZA==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 33.hash-7918dd2c552a686ba8fa.js Show response
www.castorama.fr/spa/ 1 KB
2 KB 30ms
29ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/33.hash-7918dd2c552a686ba8fa.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

217590072f3d1f1c511125f937386efb450dfca4cdf80dd173cc4d14be8884e8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sat, 30 Mar 2024 21:16:44 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 539
x-xss-protection: 1; mode=block
x-gen-id: 7017a61b0e52a6c409c58e06063aeadb
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 394e75e324d8d4c9c41c89c73678d8c0
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: gGAn74L48THJ3mzHnluGMBPISzR5OUicPi0GsGB07LWkbbvIFt4Jhg==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 8.hash-62bb17caf29929c2ad03.js Show response
www.castorama.fr/spa/ 19 KB
7 KB 31ms
30ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/8.hash-62bb17caf29929c2ad03.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c0dbd71d2b613d54fc7a784e3db552bb0f46393c75ee3300981133f83f2f4e1e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 04 Apr 2024 07:12:59 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 5716
x-xss-protection: 1; mode=block
x-gen-id: 7c2cd50396dcb3b236f1c0b62af64f54
referrer-policy: strict-origin-when-cross-origin
x-unique-id: d0b64990280771295f83bf9acc65e72f
last-modified: Mon, 04 Mar 2024 15:18:59 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: pULTX111UcTRqdS3xG3seHTj8elEuvqAuhPCenJlXdHJ60-EtIqy2g==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 11.hash-e25f04b6e3611cdcd566.js Show response
www.castorama.fr/spa/ 8 KB
4 KB 38ms
38ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/11.hash-e25f04b6e3611cdcd566.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0e7f917b4c7940a0409b5c1e6dc30d2201ac774e21570109a8d3cbad4f93334c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 04 Apr 2024 07:13:02 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 2534
x-xss-protection: 1; mode=block
x-gen-id: 797705842c52c91ca17c1226be4b8868
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 0b75f9e8ccbce77a2702816fb3d350b3
last-modified: Mon, 04 Mar 2024 15:18:59 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: tZNhaJt2T3NLHlhLDVbxZjJ99SKdJpDrsjdBNEwCuwM-EdsDPRVh_A==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 121.hash-0ed641f7927f2d7c091a.js Show response
www.castorama.fr/spa/ 40 KB
12 KB 41ms
40ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/121.hash-0ed641f7927f2d7c091a.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

392e7349c648d79a594a009f34566eb7fc1f10a5ffe4a02476be53073ebc1e34

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 04 Apr 2024 07:12:58 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 10688
x-xss-protection: 1; mode=block
x-gen-id: 55292e385663c64557061539d700a972
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 8f5c2dcd96b1fb9cac7c6faecce8cdde
last-modified: Mon, 04 Mar 2024 15:18:59 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: t9w_rJ_p5I-gNV5Hx1_9OaIjnfkKBZEESN5NA5_lON_c6uZaa2Udrw==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 151.hash-d58557705e58cb67e087.js Show response
www.castorama.fr/spa/ 392 B
2 KB 38ms
37ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/151.hash-d58557705e58cb67e087.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5b743a2f2b7361db4ead33d3e5484e27e12cee2c91306b4d4a11e760066d8c94

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sat, 30 Mar 2024 21:15:47 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 254
x-xss-protection: 1; mode=block
x-gen-id: 319381cf27f188c9a0f47adb9633ae9a
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 30bfb14a338e4622a190a5682e335de9
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: lF1ItoJvwCU1BKKUuQeKslhU5EpwZPoyZqMERCu0qwoMhMcamKY-QA==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 213.hash-b3da65de45ca288ab9f0.js Show response
www.castorama.fr/spa/ 7 KB
4 KB 40ms
39ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/spa/213.hash-b3da65de45ca288ab9f0.js

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2083959fa7785e195e26c972420a879a5a8aaf0018cad520362220f97ed5f5ba

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 04 Apr 2024 07:12:59 GMT
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
content-encoding: br
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 2271
x-xss-protection: 1; mode=block
x-gen-id: 98adb0a40767df452a7104ca9e105773
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 2c505765768d8a826f5c086c0c28009b
last-modified: Mon, 04 Mar 2024 15:18:59 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: 0yM5pHJ4w2xpKmwuMR5pR2RyjGlHKdPXEACioVvpsxsXffvD70aaKg==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/kingfisher/castofr-wapp/prod/ 155 KB
34 KB 23ms
7ms Script
application/javascript 2600:9000:235a:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/kingfisher/castofr-wapp/prod/utag.js
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8863baa069b74151a73d8f1b9e38d10fcbe103cc89a61de5b080fcc6c7e32b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: RKofcs35jQU46KZpOdNy2PBZzV2DkHTD
content-encoding: br
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
date: Thu, 07 Mar 2024 01:52:28 GMT
last-modified: Wed, 28 Feb 2024 09:05:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 193
x-amz-server-side-encryption: AES256
etag: W/"6220687974779152919253b6d8f59a6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: EjIpNppiKENtDEog1iMY_EraiVsQh84zecr_MyFsbRJfLMQVQwScOQ==

GET
H2 200 ac483.svg
www.castorama.fr/spa/images/ 352 B
2 KB 42ms
41ms Image
image/svg+xml 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.castorama.fr/spa/images/ac483.svg

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9aaf37e1ce1c8678124c75bb51804c9164636e6184d24ea954c62565d872de5b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-gen-id: 996555ab05985ca208b1bd722f9555c8
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 0f6e3217e4c590e6ba0225b666a2b080
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: 9MxVAcdvpmLAEe9Mrocz1pnGPw3IhZEZhk9d4k_ke_c15LJqoBE8TQ==
expires: Sat, 30 Mar 2024 21:15:41 GMT

GET
H2 200 b915f.svg
www.castorama.fr/spa/images/ 667 B
2 KB 27ms
26ms Image
image/svg+xml 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.castorama.fr/spa/images/b915f.svg

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

7ec318f840d05e2853badf827df870806f0e5d81ebedd3b1bce1d8501e652550

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-gen-id: 04b929f4bf786d7b791a2133f8ed7b39
referrer-policy: strict-origin-when-cross-origin
x-unique-id: d0c18e06e12c92a2eb7cedbcf0597842
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: KP8CJg4I1RWZFpJhONz-SCnA1Np37oYPsZCLMlnPPxF8DBQlZAvMgA==
expires: Sat, 30 Mar 2024 21:15:41 GMT

GET
H2 200 5be44.svg
www.castorama.fr/spa/images/ 258 B
2 KB 29ms
28ms Image
image/svg+xml 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.castorama.fr/spa/images/5be44.svg

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a93d19a36c99dcd56d9bf4254521ed790a1df21de0bf07294ec4b0d0bfbd3bc9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-gen-id: 02b3c19fc38a4faf15fbd1f5b39d0fef
referrer-policy: strict-origin-when-cross-origin
x-unique-id: 8538979800e3f1b9a64833b86a966248
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: 4v_SzcYpBzZdWdpM04YDkA7DZY5YM6Tdt-wNcX62dWchAcvxtI40xg==
expires: Sat, 30 Mar 2024 21:15:42 GMT

GET
H2 200 1c81d.svg
www.castorama.fr/spa/images/ 2 KB
3 KB 27ms
26ms Image
image/svg+xml 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.castorama.fr/spa/images/1c81d.svg

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ccc0acf019edca41a706a127904cf6f3a853c2f5878a0c6c1f9305aa3e079857

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-gen-id: 8d9509ad0006efd009881fa1981384ea
referrer-policy: strict-origin-when-cross-origin
x-unique-id: b23d9b343f92448ac623135c3db391b6
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: Ua44YR5hwO6sKO_fjZrsR1FykHZBzjzSVKwv1BhEfxIrTkPtNP1t5A==
expires: Sat, 30 Mar 2024 21:15:41 GMT

GET
H2 200 e961d.svg
www.castorama.fr/spa/images/ 619 B
2 KB 30ms
29ms Image
image/svg+xml 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.castorama.fr/spa/images/e961d.svg

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9a92bbe8f02408c8aefccb584065314a96a166a3daeac4ca4329927962341c52

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-gen-id: f05c997f9e62957c1b3be2db39adf9ce
referrer-policy: strict-origin-when-cross-origin
x-unique-id: db5cb568711741113c446d2c74d7cc04
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: MDTG478q3DAS91Lgu9SDJbabf7c7VlDjtuFSNpAnXUioUZZ7ixfd8g==
expires: Sat, 30 Mar 2024 21:15:42 GMT

GET
H2 200 5ae0a.svg
www.castorama.fr/spa/images/ 550 B
2 KB 27ms
26ms Image
image/svg+xml 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.castorama.fr/spa/images/5ae0a.svg

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5f535b308efd36b76f70b092c43baf804645a8e994801b8ee457c7a3fa1fec98

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
date: Thu, 07 Mar 2024 01:55:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-gen-id: 802162a7292ac56b9f2a09a3ce2cb40a
referrer-policy: strict-origin-when-cross-origin
x-unique-id: f3dc622bf1983527b4f24ceaecf2fb0e
last-modified: Sat, 24 Feb 2024 12:26:48 GMT
server: CloudFront
x-fstrz: o,c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml; charset=UTF-8
cache-control: max-age=2592000
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: 7OweXV7PYHF2C1nzeJTRGND0GvhgdEVVXAcvFrDuRrIbT1_j3r60ow==
expires: Sat, 30 Mar 2024 21:15:42 GMT

GET
H2 200 jquery.bundle.min.js Show response
www.castorama.fr/skins/common/js/ 291 KB
293 KB 25ms
25ms Script
application/javascript 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/skins/common/js/jquery.bundle.min.js?seed=AMARiBaOAQAAFqlKx8tg7L1h-Yc89u1Zko7mEvghDmizSe8Muy-eAfXTYgTn&jDRBGbR12T--z=q

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/skins/common/js/jquery.initial.min.js?async

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

967730475c5fb4ba09053f1c42d6ba13a0bf01999f2c95b2ae50fdf72b495159

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/certffcat-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:24 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14
x-cache: Hit from cloudfront
content-length: 298389
x-xss-protection: 1; mode=block
server: CloudFront
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600, immutable
x-king-hop: prodw
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: wlNfHKkHjseUYK6CMJfxS3boZzKD-T43NsZIzmqFc3JR6NGfg7R7zg==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H2 200 get Show response
consent.trustarc.com/ Frame 5E18 2 KB
2 KB 32ms
8ms Document
text/html 13.224.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=castorama.com

Requested by

Host: consent.truste.com
URL: https://consent.truste.com/notice?domain=castorama.com&c=teconsent&text=true&gtm=1&language=fr&js=nj&noticeType=bb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-87.fra2.r.cloudfront.net

Software

Resource Hash

4e02fda4bdfbdf9df0e3523b8b2b385afbd007a3f8318e0e640f8d0a0da100be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.castorama.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 329
content-length: 2178
content-type: text/html
date: Thu, 07 Mar 2024 01:50:10 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-id: VrN6V2XAA7MqlQSIw8p5Lnwii3l4YLA27wFFBxZXiUpKwWUPAf8TNQ==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront

GET
H2 200 v1.7-2475 Show response
consent.trustarc.com/asset/notice.js/v/ 92 KB
92 KB 33ms
9ms Script
text/javascript 13.224.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-2475

Requested by

Host: consent.truste.com
URL: https://consent.truste.com/notice?domain=castorama.com&c=teconsent&text=true&gtm=1&language=fr&js=nj&noticeType=bb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-87.fra2.r.cloudfront.net

Software

Resource Hash

04fcd6a5d8cda1ed675f518abfd91b6a8bbdda9cd508426bdbcca58dd457d7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.castorama.fr/
Origin: https://www.castorama.fr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: public
date: Thu, 07 Mar 2024 01:52:00 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 5 Mar 2024 14:21:44 GMT
x-amz-cf-pop: FRA2-C1
age: 225
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 94139
x-amz-cf-id: 2jlmA22ICrd2DXbHcWw0bReSnkNXmA22MKKJXSPo6gQOI32JGOsJcg==

GET
H2 200 log
consent.trustarc.com/ 43 B
1 KB 60ms
37ms Image
image/gif 13.224.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=castorama.com&country=de&state=&behavior=implied&session=4917e384-3a4d-4987-a2d8-e4dee8648e26&userType=NEW&c=e645

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-87.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:39 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: URumvtmB9xoxu6xO6PHBR43WJPdvtoK0M0u3u5ZE0AB08dpYDE_hgw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 KuW6e9w8nKMfW7cGTEMhc.json Show response
cdn.optimizely.com/datafiles/ 14 KB
4 KB 28ms
13ms XHR
application/json 2a02:26f0:480:5b0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/datafiles/KuW6e9w8nKMfW7cGTEMhc.json

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:5b0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

07e494ee217f7ed43d9249408c892c1825b1b006d09553110935326dd12bce80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: .Ihgmq8CJBYAR0PN8aY5ttdaqVq39ntr
content-encoding: gzip
date: Thu, 07 Mar 2024 01:55:39 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: G3NJ72P46HNGHH33
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 748
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:480:5b0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1709776539207_35115149_974556878_406_2240_6_9_219";dur=1
content-length: 2925
x-amz-id-2: FQndzKMO6Qjmh54HAUrRqmWLDvsvSHg3U/5bVsxpzVNGDWXjoRy43JX/wFOLZ2j6DfK5uFfVDjQ=
last-modified: Mon, 04 Mar 2024 09:23:27 GMT
server: AmazonS3
etag: "d4dceeb1a7e7c04ea21ba03cb5e05d57"
vary: Accept-Encoding
access-control-max-age: 604800
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
cache-control: max-age=118
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 bootstrap.min.js Show response
via.batch.com/v2/ 8 KB
8 KB 46ms
6ms Script
text/javascript 2604:cac0:118:101::4
HAPROXY-TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://via.batch.com/v2/bootstrap.min.js
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/spa/92.hash-019bacb8c5b5078b54f2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2604:cac0:118:101::4 , United States, ASN11019 (HAPROXY-TECHNOLOGIES, US),
Reverse DNS
Software: /
Resource Hash: 7fb50f00da39cbdd78fad45b9f236f92a725bcee25abae652c58e74bf759793a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:39 GMT
last-modified: Thu, 01 Feb 2024 09:59:42 GMT
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
vary: Accept-Encoding
x-cdn-diag: fra1-11028-0-937510-h-0-0---;11037-6-805899----0-0-1
accept-ranges: bytes
access-control-allow-headers: Content-Type, Accept, Cache-Control
content-length: 7710
x-delete-x-frame-options: 1

GET
H2 200 / Show response
api.woosmap.com/geolocation/position/ 356 B
555 B 74ms
49ms XHR
application/json 104.22.50.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.woosmap.com/geolocation/position/?key=woos-0340973e-82d2-3b2d-b632-b767882723a9

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.214 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bf2e4c73546881727a3f613d1ffa362980512ebf696bb3548bdad60a99052a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.castorama.fr/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:39 GMT
content-encoding: br
referrer-policy: same-origin
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: DENY
x-ratelimit-remaining: 49
content-type: application/json
access-control-allow-origin: https://www.castorama.fr
x-ratelimit-reset: 1709776540
x-ratelimit-limit: 50
cf-ray: 8606f6eafd7a9bb2-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H/1.1 200
OK CAFR
api.kingfisher.com/v2/mobile/content/ Frame 0
0 177ms
33ms Preflight 52.30.232.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kingfisher.com/v2/mobile/content/CAFR?path=%2Fcertffcat-ssl.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.232.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-232-18.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-cookies,x-tenant
Access-Control-Request-Method: GET
Origin: https://www.castorama.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Access-Control-Allow-Headers: Authorization, X-Cookies, X-Tenant
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.castorama.fr
Access-Control-Max-Age: 86400
Connection: keep-alive
Date: Thu, 07 Mar 2024 01:55:39 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 syteExcludedCategoriesProd.json Show response
www.castorama.fr/static/settings/ 57 B
1 KB 175ms
175ms XHR
application/json 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/static/settings/syteExcludedCategoriesProd.json

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cd422a8d5ed9708cd5c3c040abcd47d411be946d1b4706970e530ac1c9bbced2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.castorama.fr/certffcat-ssl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: aU6.8GaHJ3X_YaPPOt_wHTTD12UspQd_
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
date: Thu, 07 Mar 2024 01:55:40 GMT
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 57
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 09:25:35 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
cache-control: ''
accept-ranges: bytes
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-amz-cf-id: eUeGKAP4ofDKpv7rzaHjzGMVYY_6V29r85dsxPfNnKn1rqHVRvokUA==
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

GET
H/1.1 404
Not Found CAFR Show response
api.kingfisher.com/v2/mobile/content/ 147 B
1 KB 100ms
45ms XHR
application/json 52.30.232.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kingfisher.com/v2/mobile/content/CAFR?path=%2Fcertffcat-ssl.com

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.232.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-232-18.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5a865b21217246fe213ea2de9d43b64ce911d57c4259ae3fdaa0f40d6583573d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
X-Cookies
Referer: https://www.castorama.fr/
accept-language: de-DE,de;q=0.9
Authorization: Atmosphere atmosphere_app_id=kingfisher-o4ITR0sWAyCVQBraQf4Es61jHV3dN4oO9UwJQMrS
x-tenant: CAFR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Thu, 07 Mar 2024 01:55:39 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Dt-Tracestate: e229dec6-1b889f5d@dt
Traceresponse: 00-fe2dbf2e03c14ef90ea2d5dcc52e3612-116e8b923ff10950-01
Vary: Origin
X-Ratelimit-Remaining: 0
Content-Type: application/json
Access-Control-Allow-Origin: https://www.castorama.fr
Cache-Control: no-store, must-revalidate
X-Ratelimit-Reset: 0
X-Ratelimit-Limit: -1
Connection: keep-alive
Content-Length: 147

GET
H2 200 utag.366.js Show response
tags.tiqcdn.com/utag/kingfisher/castofr-wapp/prod/ 18 KB
4 KB 7ms
7ms Script
application/javascript 2600:9000:235a:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/kingfisher/castofr-wapp/prod/utag.366.js?utv=ut4.51.202307031010
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kingfisher/castofr-wapp/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3db7b7df814caea0891df087d6652fb07b09999ea797bfe09ad0b5ca6a93891a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: o_QoNLrzUQ1SgqaNjRld1JCWQPv95Ofc
content-encoding: br
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
date: Thu, 07 Mar 2024 01:52:22 GMT
last-modified: Wed, 28 Feb 2024 09:05:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 198
x-amz-server-side-encryption: AES256
etag: W/"f412858af77716f8a5f902d374f48163"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: zxe25wNv0ZbKJ-skTbKt5ezZ-fwx2EwtGrTTslbzOfPoXr2lZyRQUw==

GET
H2 200 utag.414.js Show response
tags.tiqcdn.com/utag/kingfisher/castofr-wapp/prod/ 9 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:235a:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/kingfisher/castofr-wapp/prod/utag.414.js?utv=ut4.51.202310300909
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kingfisher/castofr-wapp/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78d94b13eb4ee2899e5130d921b589fa3e16aae02a3d76ccda862916c03ca5dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: 4D9pSrPzEiW4hCmSDsieUxUqy2NCZHTQ
content-encoding: br
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
date: Thu, 07 Mar 2024 01:54:29 GMT
last-modified: Wed, 28 Feb 2024 09:05:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 76
x-amz-server-side-encryption: AES256
etag: W/"44edac6e2a983b603e06780b8fc53eaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: FyPHFGepFClsjzHSiWtOdxEQgZx8XbbP7mghRSybBJ41FlEMf2_0Hg==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403040101/ 432 KB
136 KB 114ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403040101/pubads_impl.js?cb=31081636

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59d765f34e5567e705d252b46679f2a6e49127071d9d5bf30a70a548fe06063d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 17:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31372
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139120
x-xss-protection: 0
server: cafe
etag: 5619017089063392896
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Mar 2025 17:12:47 GMT

GET
H2 200 manifest.json Show response
via.batch.com/ 2 KB
2 KB 19ms
6ms Fetch
application/json 2604:cac0:118:101::4
HAPROXY-TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://via.batch.com/manifest.json
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2604:cac0:118:101::4 , United States, ASN11019 (HAPROXY-TECHNOLOGIES, US),
Reverse DNS
Software: /
Resource Hash: 1b0d648b46610e5815d71d1d4f6dea28e696f543937dcae384be16da2f891ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:39 GMT
last-modified: Wed, 14 Feb 2024 12:38:14 GMT
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
vary: Accept-Encoding
x-cdn-diag: fra1-11014-0-3953-h-0-0---;11015-6-4593----0-0-1
accept-ranges: bytes
access-control-allow-headers: Content-Type, Accept, Cache-Control
content-length: 1590
x-delete-x-frame-options: 1

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 7ms
6ms Script
application/javascript 2600:9000:235a:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=kingfisher/castofr-wapp/202402280904&cb=1709776539901
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kingfisher/castofr-wapp/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 07 Mar 2024 01:49:49 GMT
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 351
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: nb9NoWFLlfFOzWIkhDPDf9WUNhOm2eF054XMjv8urO7iCKsi-V2KWA==

GET
H2 200 entry.js Show response
se.monetate.net/js/2/a-f1f0675f/p/castorama.fr/ 7 KB
3 KB 34ms
12ms Script
application/x-javascript 23.215.21.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://se.monetate.net/js/2/a-f1f0675f/p/castorama.fr/entry.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kingfisher/castofr-wapp/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.21.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-21-96.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f7363c42bab8fbf5fd4709cc2ae1a35df2478edcadc22bd8831aeef262bc3f08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:40 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 12:50:10 GMT
server: AkamaiNetStorage
etag: "9de5a460b0da405a2e569cda62068eed:1708951810.451924"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 3262

GET
H2 200 br-trk-6274.js Show response
cdns.brsrvr.com/v1/ 21 KB
21 KB 331ms
105ms Script
application/javascript 54.83.71.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.brsrvr.com/v1/br-trk-6274.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kingfisher/castofr-wapp/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.71.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-71-170.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4b5189fbb24662b2b492138c3410a80ae58ee836ecfbf45dab5ef791e7494ae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:40 GMT
last-modified: Thu, 04 Jul 2019 12:30:20 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5d1df15c-5409"
content-length: 21513
content-type: application/javascript

GET
H2 200 casto_logo_png
s7g10.scene7.com/is/image/KingfisherDigital/ 4 KB
4 KB 42ms
12ms Image
image/jpeg 2a02:26f0:480:9b8::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s7g10.scene7.com/is/image/KingfisherDigital/casto_logo_png?wid=185&crop=65,10,1500,250

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:9b8::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

dc270299ae6d620cd83cad035a961e1804826b23e8d41051b039ca6fdbe7c9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
-x-adobe-assetlist: [KingfisherDigital/casto_logo_png]
date: Thu, 07 Mar 2024 01:55:40 GMT
last-modified: Tue, 15 Feb 2022 17:21:03 GMT
server: Unknown
akamai-grn: 0.fa632617.1709776540.28dd6d44
x-adobe-modifierlist: QlpoOTFBWSZTWZEN+twAAAADgAAKDCDQhCAAIgA2oQAwjTQEjxdyRThQkJEN+tw=
etag: "39f6ac5a188479e44a68fc16b895bb8d"
x-adobe-assetlist: QlpoOTFBWSZTWbJrzs4AAAGXgAAAhAgACqvl3AAgACIgepoAeiFMJpoDTE2RXXkfVugoVffGUl78DBwsc/F3JFOFCQsmvOzg
access-control-allow-origin: *
content-type: image/jpeg
x-akamai-cache: Hit
content-length: 3999
expires: Thu, 07 Mar 2024 09:38:10 GMT

GET
H2 200 bannermsg
consent.trustarc.com/ 43 B
1 KB 36ms
36ms Image
image/gif 13.224.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/bannermsg?action=views&domain=castorama.com&behavior=implied&country=de&language=fr&rand=0.8593887357709049&session=4917e384-3a4d-4987-a2d8-e4dee8648e26&userType=NEW

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-87.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:40 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: AQo8ENYLEw1YSWcClNeUMHrJM_3LA9pHOWmr_xEGescnSWuKegAYbA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sdk.min.js Show response
via.batch.com/2.3.0/ 102 KB
27 KB 9ms
9ms Script
text/javascript 2604:cac0:118:101::4
HAPROXY-TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://via.batch.com/2.3.0/sdk.min.js
Requested by: Host: via.batch.com
URL: https://via.batch.com/v2/bootstrap.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2604:cac0:118:101::4 , United States, ASN11019 (HAPROXY-TECHNOLOGIES, US),
Reverse DNS
Software: /
Resource Hash: 33385b26e9871857659e63c2b26ec6e5cfe0f29fb0f18a14f95820a1cdd0b8ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:40 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 15:22:42 GMT
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
access-control-allow-credentials: true
vary: Accept-Encoding
x-cdn-diag: fra1-11014-0-3953-h-0-0---;11037-6-805899----0-0-1
access-control-allow-headers: Content-Type, Accept, Cache-Control

GET
H2 200 custom.js Show response
se.monetate.net/js/3/a-f1f0675f/p/castorama.fr/t1683541443/4e6414ed8e9639de/ 198 KB
65 KB 19ms
19ms Script
application/x-javascript 23.215.21.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://se.monetate.net/js/3/a-f1f0675f/p/castorama.fr/t1683541443/4e6414ed8e9639de/custom.js
Requested by: Host: se.monetate.net
URL: https://se.monetate.net/js/2/a-f1f0675f/p/castorama.fr/entry.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.21.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-21-96.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5c7683de974b5e81038ab31a5cfee5c0fa837da4bfcd5d4492cb98c50656228c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:40 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 12:50:08 GMT
server: AkamaiNetStorage
etag: "be8e93ad3cd920193791c5c5f9a0708a:1708951808.105845"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK d3105db1-948c-4c7e-b3c0-31a3226cf19a
https://www.castorama.fr/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.castorama.fr/d3105db1-948c-4c7e-b3c0-31a3226cf19a
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 native.min.js Show response
via.batch.com/2.3.0/ 14 KB
5 KB 6ms
6ms Script
text/javascript 2604:cac0:118:101::4
HAPROXY-TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://via.batch.com/2.3.0/native.min.js
Requested by: Host: via.batch.com
URL: https://via.batch.com/2.3.0/sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2604:cac0:118:101::4 , United States, ASN11019 (HAPROXY-TECHNOLOGIES, US),
Reverse DNS
Software: /
Resource Hash: b41b9cfe60ca264adaa480647d8303e90af9b84a5f15bf7da0ff65e61600850c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:40 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 15:22:46 GMT
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
access-control-allow-credentials: true
vary: Accept-Encoding
x-cdn-diag: fra1-11015-0-20681-h-0-0---;11037-10-805899----0-0-0
access-control-allow-headers: Content-Type, Accept, Cache-Control

GET
H/1.1 200
OK 1080682326-0 Show response
f.monetate.net/trk/4/s/a-f1f0675f/p/castorama.fr/ 70 B
459 B 119ms
44ms Script
application/x-javascript 52.213.34.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f.monetate.net/trk/4/s/a-f1f0675f/p/castorama.fr/1080682326-0?mr=t1683541443&mi=%272.1330314124.1709776540175%27&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1600&sh=1200&sc=24&j=!f&u=%27https://www.castorama.fr/certffcat-ssl.com%27&fl=!f&hvc=!t&eoq=!t
Requested by: Host: se.monetate.net
URL: https://se.monetate.net/js/3/a-f1f0675f/p/castorama.fr/t1683541443/4e6414ed8e9639de/custom.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.34.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-34-91.eu-west-1.compute.amazonaws.com
Software: Monetate /
Resource Hash: 08115da8d807ab7b2e66d329486e78ea103c6c8ff56ecbdd9f8cf72dd64429ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Mar 2024 01:55:40 GMT
Content-Encoding: gzip
Server: Monetate
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Server-Timing: total;dur=12.1
Timing-Allow-Origin: *
Content-Length: 90
Expires: Wed, 08 Mar 2023 01:55:40 GMT

GET
H2 200 pix.gif
p-eu.brsrvr.com/ 43 B
167 B 108ms
29ms Image
image/gif 63.32.156.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p-eu.brsrvr.com/pix.gif?acct_id=6274&cookie2=uid%3D581908379454%3Av%3D13.0%3Ats%3D1709776540457%3Ahc%3D1&sid=undefined&ref=&tzo=-60&rand=0.6720624730530411&title=Bricolage%2C%20jardinage%20et%20am%C3%A9nagement%20de%20la%20maison%20%7C%20Castorama&ptype=other&domain_key=castorama_fr_fr&type=pageview&lang=en-US&url=https%3A%2F%2Fwww.castorama.fr%2Fcertffcat-ssl.com&version=13.0
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.156.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-156-9.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:40 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 43
content-type: image/gif

GET
H2 200 pix.gif
p-eu.brsrvr.com/ 43 B
168 B 106ms
28ms Image
image/gif 63.32.156.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p-eu.brsrvr.com/pix.gif?acct_id=6274&cookie2=uid%3D581908379454%3Av%3D13.0%3Ats%3D1709776540457%3Ahc%3D1&sid=undefined&ref=&tzo=-60&rand=0.5261341502650372&title=Bricolage%2C%20jardinage%20et%20am%C3%A9nagement%20de%20la%20maison%20%7C%20Castorama&ptype=other&domain_key=castorama_fr_fr&orig_ref_url=www.castorama.fr%2Fcertffcat-ssl.com%3F&ajax=1&type=pageview&lang=en-US&url=https%3A%2F%2Fwww.castorama.fr%2Fcertffcat-ssl.com&version=13.0
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.156.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-156-9.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castorama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 01:55:40 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 43
content-type: image/gif

POST
H2 200 BDFA0236A4534A12B4E50B611BA78BB3 Show response
ws.batch.com/web/2.3.0/ev/ 2 B
39 B 17ms
17ms Fetch
application/json 193.70.103.218
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.batch.com/web/2.3.0/ev/BDFA0236A4534A12B4E50B611BA78BB3
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.70.103.218 , France, ASN16276 (OVH, FR),
Reverse DNS: ip218.ip-193-70-103.eu
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept: application/json
x-batch-referer: https://www.castorama.fr/certffcat-ssl.com
Referer: https://www.castorama.fr/
accept-language: de-DE,de;q=0.9
x-batch-auth: 2.WOKnCsXZFxqS86s+pqUrKyDf8oFdHtfRDTDfQ//YvAY=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 07 Mar 2024 01:55:40 GMT
content-length: 2
content-type: application/json

OPTIONS
H2 200 BDFA0236A4534A12B4E50B611BA78BB3
ws.batch.com/web/2.3.0/ev/ Frame 0
0 93ms
16ms Preflight 193.70.103.218
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.batch.com/web/2.3.0/ev/BDFA0236A4534A12B4E50B611BA78BB3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.70.103.218 , France, ASN16276 (OVH, FR),
Reverse DNS: ip218.ip-193-70-103.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-batch-auth,x-batch-referer
Access-Control-Request-Method: POST
Origin: https://www.castorama.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Accept,X-Batch-Auth,X-Batch-Check,X-Batch-Dev,X-Batch-Referer
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 100
content-length: 0
date: Thu, 07 Mar 2024 01:55:40 GMT

OPTIONS
H2 200 events
logx.optimizely.com/v1/ Frame 0
0 229ms
111ms Preflight 34.111.140.246
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 246.140.111.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.castorama.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.castorama.fr
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-max-age: 1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 07 Mar 2024 01:55:40 GMT
server: istio-envoy
timing-allow-origin: *
via: 1.1 google
x-envoy-decorator-operation: events-smart-router.edp-prod.svc.cluster.local:8080/*
x-envoy-upstream-service-time: 0

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
96 B 114ms
114ms XHR
text/plain 34.111.140.246
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: www.castorama.fr
URL: https://www.castorama.fr/certffcat-ssl.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 246.140.111.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.castorama.fr/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Mar 2024 01:55:40 GMT
x-envoy-decorator-operation: events-smart-router.edp-prod.svc.cluster.local:8080/*
via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.castorama.fr
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 9b6d320f-4e54-4d00-8fe8-d574034d810c

POST
H2 200 rb_bf70766xfx Show response
www.castorama.fr/ 121 B
1 KB 242ms
242ms XHR
text/plain 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.castorama.fr/rb_bf70766xfx?type=js3&sn=v_4_srv_-2D41_sn_N336QI3DO6VTL104SEO0FV1C36RAE8LE&svrid=-41&flavor=post&vi=AIODPVGHHCHAFSMECKKMBCQRLBMHDVFK-0&modifiedSince=1709767066967&rf=https%3A%2F%2Fwww.castorama.fr%2Fcertffcat-ssl.com&bp=3&app=7fad07df8aa3fcc7&crc=737904170&en=30mmlqet&end=1

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/ruxitagentjs_A27NVfghjqrtux_10267230522124059.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

25313fe24d8d6d8f6720e2a0abe4156280265c6515240edf39c57c8ac62451f2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.castorama.fr/certffcat-ssl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Mar 2024 01:55:42 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
server: CloudFront
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.castorama.fr
x-amz-cf-id: UEZAE3_nlS-e5CbGhANfdy5pnd8jIrvdz5fvKbtVEc7jJpPlGNWpLA==
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

POST
H2 200 rb_bf70766xfx Show response
www.castorama.fr/ 121 B
1 KB 61ms
61ms XHR
text/plain 2600:9000:26da:6a00:18:b447:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.castorama.fr
URL: https://www.castorama.fr/ruxitagentjs_A27NVfghjqrtux_10267230522124059.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:6a00:18:b447:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

25313fe24d8d6d8f6720e2a0abe4156280265c6515240edf39c57c8ac62451f2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src data: 'unsafe-inline'; font-src * data: ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src ; style-src data: 'unsafe-inline'; font-src * data: ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.castorama.fr/certffcat-ssl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Mar 2024 01:55:43 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; frame-ancestors 'self' https://plan-salle-de-bain-3d.castorama.fr;style-src * data: 'unsafe-inline'; font-src * data: ;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
server: CloudFront
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.castorama.fr
x-amz-cf-id: KKeKwO1Vn4er7bU6iierRvh30yNK9bQcygOpVKmtBXGloqmUY6EoAw==
x-webkit-csp: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;
x-content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; child-src blob: ; worker-src 'self' https://via.batch.com blob: ; script-src * 'unsafe-inline' 'unsafe-eval' ; connect-src * ; media-src * ; img-src * data: blob: ; frame-src *; style-src * data: 'unsafe-inline'; font-src * data: ;

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-21 04:26:30	Name: muc Value: 0d27ae55-cb74-4330-bf16-f388447bcbdc
nagoya.nikke-tennis.jp/	1969-12-31 23:59:59	Name: wptouch-pro-view Value: desktop
.castorama.fr/	1970-01-20 19:18:10	Name: fstrz Value: true
.castorama.fr/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D41_sn_N336QI3DO6VTL104SEO0FV1C36RAE8LE
.castorama.fr/	1969-12-31 23:59:59	Name: rxVisitor Value: 1709776538820AV0I5PRFMLDI2P6M866CB1S9L5H0OO0J
.castorama.fr/	1970-01-21 03:41:52	Name: utag_main__sn Value: 1
.castorama.fr/	1970-01-20 18:56:18	Name: utag_main__se Value: 1%3Bexp-session
.castorama.fr/	1970-01-20 18:56:18	Name: utag_main__ss Value: 1%3Bexp-session
.castorama.fr/	1970-01-20 18:56:18	Name: utag_main__st Value: 1709778338920%3Bexp-session
.castorama.fr/	1970-01-20 18:56:18	Name: utag_main_ses_id Value: 1709776538920%3Bexp-session
.castorama.fr/	1970-01-20 18:56:18	Name: utag_main__pn Value: 1%3Bexp-session
www.castorama.fr/	1970-01-21 04:26:27	Name: iq_expire_date Value: 1743987338937
.castorama.fr/	1970-01-20 18:56:18	Name: TAsessionID Value: 4917e384-3a4d-4987-a2d8-e4dee8648e26\|NEW
.castorama.fr/	1969-12-31 23:59:59	Name: notice_behavior Value: implied,eu
www.castorama.fr/	1970-01-20 21:05:48	Name: abv2-cid Value: ed480c2d-03de-4615-b03f-a1137753ae67
.castorama.fr/	1969-12-31 23:59:59	Name: dtSa Value: -
.castorama.fr/	1970-01-21 03:41:52	Name: iq_segment Value: 62
.castorama.fr/	1970-01-21 04:32:16	Name: mt.v Value: 2.1330314124.1709776540175
.castorama.fr/	1970-01-21 04:32:16	Name: _br_uid_2 Value: uid%3D581908379454%3Av%3D13.0%3Ats%3D1709776540457%3Ahc%3D1
.castorama.fr/	1969-12-31 23:59:59	Name: rxvt Value: 1709778340568\|1709776538821
.castorama.fr/	1969-12-31 23:59:59	Name: dtPC Value: -41$376538819_867h-vAIODPVGHHCHAFSMECKKMBCQRLBMHDVFK-0e0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.castorama.fr/certffcat-ssl.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.kingfisher.com/v2/mobile/content/CAFR?path=%2Fcertffcat-ssl.com Message: Failed to load resource: the server responded with a status of 404 (Not Found)
rendering	warning	URL: https://www.castorama.fr/skins/common/js/jquery.bundle.min.js?seed=AMARiBaOAQAAFqlKx8tg7L1h-Yc89u1Zko7mEvghDmizSe8Muy-eAfXTYgTn&jDRBGbR12T--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://www.castorama.fr/skins/common/js/jquery.bundle.min.js?seed=AMARiBaOAQAAFqlKx8tg7L1h-Yc89u1Zko7mEvghDmizSe8Muy-eAfXTYgTn&jDRBGbR12T--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://www.castorama.fr/skins/common/js/jquery.bundle.min.js?seed=AMARiBaOAQAAFqlKx8tg7L1h-Yc89u1Zko7mEvghDmizSe8Muy-eAfXTYgTn&jDRBGbR12T--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.kingfisher.com
api.woosmap.com
castorama.fr
ccl-prod.cache.ap.digikfplc.com
cdn.optimizely.com
cdns.brsrvr.com
consent.trustarc.com
consent.truste.com
edge1.certona.net
f.monetate.net
logx.optimizely.com
nagoya.nikke-tennis.jp
p-eu.brsrvr.com
s7g10.scene7.com
se.monetate.net
securepubads.g.doubleclick.net
t.co
tags.tiqcdn.com
via.batch.com
ws.batch.com
www.castorama.fr
www.googletagservices.com
104.22.50.214
104.244.42.133
13.224.189.87
13.32.121.112
193.70.103.218
2.19.96.152
23.215.21.96
2403:3a00:201:1a:49:212:180:49
2600:9000:235a:c600:7:2bfb:7c00:93a1
2600:9000:26da:6a00:18:b447:1380:93a1
2604:cac0:118:101::4
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a02:26f0:480:5b0::13b8
2a02:26f0:480:9b8::9b6
3.161.82.76
34.111.140.246
52.213.34.91
52.30.232.18
54.83.71.170
63.32.156.9
81.148.213.121
04fcd6a5d8cda1ed675f518abfd91b6a8bbdda9cd508426bdbcca58dd457d7b2
07e494ee217f7ed43d9249408c892c1825b1b006d09553110935326dd12bce80
08115da8d807ab7b2e66d329486e78ea103c6c8ff56ecbdd9f8cf72dd64429ec
0e7f917b4c7940a0409b5c1e6dc30d2201ac774e21570109a8d3cbad4f93334c
15a9489879b3aacaf471cd51c79b74f7621fd19a3f6f94609ccea490fafb506e
1b0d648b46610e5815d71d1d4f6dea28e696f543937dcae384be16da2f891ad8
1bf2e4c73546881727a3f613d1ffa362980512ebf696bb3548bdad60a99052a8
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
2083959fa7785e195e26c972420a879a5a8aaf0018cad520362220f97ed5f5ba
217590072f3d1f1c511125f937386efb450dfca4cdf80dd173cc4d14be8884e8
2303fb75fca6c997e66bff98ad4419e2c017fdecb9e3a5d1088af4325eabd861
2345ee038c30c2ff6bc5c288ca99f522808d8ebfc33940e2ea619e7aad99b28a
25313fe24d8d6d8f6720e2a0abe4156280265c6515240edf39c57c8ac62451f2
27622eb41ed93f5f35e8d5c18e58452ee444d1f8b4ed5fd55249c7db3bb8937e
2edc3fa8848c75dc1bd4ae1d80c00ed83a9672e3894b327c3e24230238a1b1b1
33385b26e9871857659e63c2b26ec6e5cfe0f29fb0f18a14f95820a1cdd0b8ff
392e7349c648d79a594a009f34566eb7fc1f10a5ffe4a02476be53073ebc1e34
3db7b7df814caea0891df087d6652fb07b09999ea797bfe09ad0b5ca6a93891a
41bb4fe3ab19b0985e3c67b8a3721b0ed757899477a474722acbefc53e94d428
436fc4bb8bb2f470df3e9dba270cd7b85afb2374b0f4874a1587b8a1e247e95a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5189fbb24662b2b492138c3410a80ae58ee836ecfbf45dab5ef791e7494ae1
4e02fda4bdfbdf9df0e3523b8b2b385afbd007a3f8318e0e640f8d0a0da100be
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
59d765f34e5567e705d252b46679f2a6e49127071d9d5bf30a70a548fe06063d
5a865b21217246fe213ea2de9d43b64ce911d57c4259ae3fdaa0f40d6583573d
5b30e268a50407b81a9a86f7b0f109a58008ef95e5e327f2953ab8025a2ed3cc
5b743a2f2b7361db4ead33d3e5484e27e12cee2c91306b4d4a11e760066d8c94
5c7683de974b5e81038ab31a5cfee5c0fa837da4bfcd5d4492cb98c50656228c
5d01a30a1e8c747cec5bcef2f2e8441f99af103a3c9f2a7e407b12cc2f0d7b92
5f535b308efd36b76f70b092c43baf804645a8e994801b8ee457c7a3fa1fec98
66084d2c9b5d5681702516130563b87925666bf62b37122746cf98a097e33332
6dd49ddd60cf40272cb0ec40bcaa3612732361623231c42788e363f57c8453a8
75f9a4cd666ee689716b409b12fd1d789716752899b5d37812a2a10cd3d1e045
78d94b13eb4ee2899e5130d921b589fa3e16aae02a3d76ccda862916c03ca5dd
7ec318f840d05e2853badf827df870806f0e5d81ebedd3b1bce1d8501e652550
7fb50f00da39cbdd78fad45b9f236f92a725bcee25abae652c58e74bf759793a
83465793df29136f678f6e2f871806d98c08e7aac1a44da0e54e500877456a0a
890bc991b3759d0d0b0a59a1b7339ecadb0e70a1f57cc4c27f8de68575754deb
93f1cf62be6820ab6b5ae01bc23ea0185ea4c1691a7f56286f34596a9e22dd94
967730475c5fb4ba09053f1c42d6ba13a0bf01999f2c95b2ae50fdf72b495159
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a92bbe8f02408c8aefccb584065314a96a166a3daeac4ca4329927962341c52
9aaf37e1ce1c8678124c75bb51804c9164636e6184d24ea954c62565d872de5b
9fdebcc7c0c0b607e3f22b46419866bc9889f70adc6da916e74027d227997af6
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a93d19a36c99dcd56d9bf4254521ed790a1df21de0bf07294ec4b0d0bfbd3bc9
afbce61203c6271d048ed58a47827b2919fb85eae057c73d54df425bfc49a8d2
b41b9cfe60ca264adaa480647d8303e90af9b84a5f15bf7da0ff65e61600850c
b616b865d93e0567ef3e6aafbc06aa994d982d47aa70397b11594d4271471475
bda782e612b214101428293eeb45e72b66c6cb73d6162c88400c6d1498e75d59
bf7d83b1fc11b85c8ce3884b9c8ad594ed918eb2ac6cb82289792a9fcb852e1f
c0dbd71d2b613d54fc7a784e3db552bb0f46393c75ee3300981133f83f2f4e1e
c8863baa069b74151a73d8f1b9e38d10fcbe103cc89a61de5b080fcc6c7e32b6
cabff23d2851fd68cd51a015e5989e1fb7f850533542d5506987a939d20bbd5e
ccc0acf019edca41a706a127904cf6f3a853c2f5878a0c6c1f9305aa3e079857
cd422a8d5ed9708cd5c3c040abcd47d411be946d1b4706970e530ac1c9bbced2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d785ff3b01afb551d6dc3d36e48c5e81f64c8d0ed6ea9cb078fdfc3fc69aa7ba
dc270299ae6d620cd83cad035a961e1804826b23e8d41051b039ca6fdbe7c9d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51391e70e71e5d9ff2746d9947951cacda76f4257e51707ece036d04d7a6711
e5afe90ec74b143c30c05e45be2328b800e6ac787be276fab654726413eb7994
f5d23c27c1a46342a7e2f3e57068d8f1f86b680d8a890ce57bd8ba9849819a04
f7363c42bab8fbf5fd4709cc2ae1a35df2478edcadc22bd8831aeef262bc3f08

www.castorama.fr Open in urlscan Pro 2600:9000:26da:6a00:18:b447:1380:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

99 %HTTPS

36 %IPv6

17 Domains

22 Subdomains

21 IPs

7 Countries

1962 kBTransfer

7330 kBSize

21 Cookies

13 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.castorama.fr Open in urlscan Pro
2600:9000:26da:6a00:18:b447:1380:93a1 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

99 %
HTTPS

36 %
IPv6

17
Domains

22
Subdomains

21
IPs

7
Countries

1962 kB
Transfer

7330 kB
Size

21
Cookies

71 HTTP transactions
1 data transactions